Thank you for visiting our website. In the following, we have compiled information about our handling of your data as required by Art. 13 of the General Data Protection Regulation (GDPR).
Controller
The controller for the data collection and processing described below is the body designated in the legal note.
Usage data
When you visit our website, usage data will be saved temporarily on our web server for statistical purposes in the form of a log to improve the quality of our website. This record set consists of:
- The name and address of the requested file,
- the date and time of the query,
- the amount of data transferred,
- the access status (file transferred, file not found),
- the description of the type of web browser used,
- the Referral link indicating the site that has referred you to our site,
- the IP address of the computer sending the query, which is will be shortened in such a way that a reference to a person cannot be made.
The aforementioned log data are only stored in an anonymized form.
Required cookies
We use cookies on our websites that are required for the use of our websites.
Cookies are small text files that are stored on your device and can be read. A distinction is made between session cookies, which are erased as soon as you close your browser, and permanent cookies, which are stored beyond any one session.
We do not use these required cookies for analysis, tracking, or promotional purposes.
Some of these cookies contain solely information about certain settings and are not attributable to a specific individual. They may also be necessary to enable user navigation, security, and realization of the site.
Our use of these cookies is based on point (f) of Art. 6 (1) GDPR.
You can set your browser to notify you about the placement of any cookies. This makes the use of cookies transparent for you. You can also delete cookies at any time and prevent the setting of new cookies by using the pertinent browser settings. Please note that in that case it may not be possible to display our website, and some functions may no longer be technically available.
Insofar as cookies from the provider Google LLC (USA) are used, the transfer is based on point (a) of Art. 49 (1) GDPR (lack of adequate level of data protection).
Third-party tracking technologies for promotional purposes
We use cross-device tracking technologies that targeted advertising on other websites based on your visit to our websites. This allow us to see how effective our advertising activities have been.
With your consent via our banner the data are processed on the basis of your consent pursuant to point (a) of Art. 6 (1), letter a of the GDPR or Article 15, paragraph 3 of the TMG (German Telemedia Act). Your consent is voluntary and may be withdrawn at any time.
How does the tracking work?
When you visit our websites, it is possible that the third-party providers mentioned below will retrieve recognition features for your browser or device (e.g., a so-called browser fingerprint), evaluate your IP address, store or read recognition features on your device (e.g., cookies), or gain access to individual tracking pixels.
These various features can be used by the third-party providers to recognize your device when you access other internet sites. We may engage these third-party providers to display advertising based on the pages you have visited on our site.
What does cross-device tracking mean?
If you log in with the third-party provider using your own user data, the recognition features of different browsers and devices can be linked with one another. If, for instance, the third-party provider has created a separate characteristic for each laptop, desktop PC, smartphone, or tablet you use, these individual characteristics can be attributed to one another as soon as you log in to a third-party provider’s service with your login data. This enables the third-party provider to steer our advertising campaigns to specific targets across various devices.
What third-party providers do we use for this purpose?
We designate below the third-party providers with whom we cooperate for promotional purposes. Please keep in mind that, insofar as data are processed outside the EU or EEA for these purposes, there is a risk that public authorities may access the data for security and surveillance purposes without notifying you or providing you with any means of seeking legal remedy. Insofar as we use providers in third countries that lack adequate security and you give your consent, the transfer to a third country is based on point (a) of Art. 49 (1) GDPR.
Provider | Maximum | Adequate level of data protection | Withdrawal of consent |
|---|---|---|---|
Google LLC (USA) | Inadequate level of data protection. Transfer of data is based on point (a) of Art. 49 (1) GDPR. | If you wish to withdraw your consent, please click here and enter the appropriate setting via our banner. | |
| Inadequate level of data protection. Transfer of data is based on point (a) of Art. 49 (1) GDPR. | If you wish to withdraw your consent, please click here and enter the appropriate setting via our banner. |
Integration of other technical third-party content and functions
We use the technical functions and content of third-party providers mentioned below to display our websites.
Accessing our sites causes the contents of the third-party providers that provide these functions and contents to be downloaded. This provides to the third-party provider the information that you have accessed our site as well as the usage data technically required for this purpose.
We have no control over the further data processing by the third-party provider.
The data are processed on the basis of your consent pursuant to point (a) of Art. 6 (1) GDPR insofar as you have given your consent via our banner.
Please note that the use of third-party content and features may result in your data being processed outside the EU or EEA. In some countries, there is a risk that public authorities may access the data for security and surveillance purposes without notifying you or providing you with any means of seeking legal remedy. Insofar as we use providers in third countries that lack adequate security and you give your consent, the transfer to a third country is based on point (a) of Art. 49 (1) GDPR.
Provider | Technical function or content | Maximum storage period, if applicable | Transfer to third countries as specified by the provider and assurance of an adequate level of data protection | Withdrawal of consent |
|---|---|---|---|---|
Google LLC (USA) | JQuery | Inadequate level of data protection. Transfer of data is based on point (a) of Art. 49 (1) GDPR. | If you no longer agree to the processing, please do not use our site in future. |
Newsletter
You have the opportunity to subscribe to our newsletter. We need the data marked as required fields from you for the use of our contact form.
We use these data in accordance with point (f) of Art. 6 (1) GDPR to initiate your subscription to the newsletter.
Your data will be processed solely for this purpose. We will delete your data insofar as they are no longer required and there are no legal obligations to the contrary.
In accordance with point (f) of Art. 6 (1) GDPR, you have the right to object to the processing at any time. Please use the email address shown in the imprint to lodge your objection.
Map services
We embed map services on our websites that are not stored on our servers. We initially display solely locally stored preview images of the maps so that the accessing of our websites with embedded map services does not automatically download content from the third-party provider and no information is transferred to the third-party provider.
Content from the third-party provider is not downloaded until you click on the preview image. This provides to the third-party provider the information that you have accessed our site as well as the usage data technically required for this purpose. We have no control over the further data processing by the third-party provider. By clicking on the preview image, you give us your consent to download content from the third-party provider.
The preview image is embedded on the basis of your consent pursuant to point (a) of Art. 6 (1) GDPR or Section 15 (3) first sentence TMG insofar as you have given your consent by clicking on the preview image.
Please keep in mind that the embedding of some map services may result in your data being processed outside the EU or EEA. In some countries, there is a risk that public authorities may access the data for security and surveillance purposes without notifying you or providing you with any means of seeking legal remedy. Insofar as we use providers in third countries that lack adequate security and you give your consent, the transfer to a third country is based on point (a) of Art. 49 (1) GDPR.
Provider | Maximum storage time | Adequate level of data protection | Option to object |
|---|---|---|---|
Google LLC (USA) | Inadequate level of data protection. Transfer of data is based on point (a) of Art. 49 (1) GDPR. | Once you have clicked on a preview image, the third-party content is immediately downloaded. If you do not want any content to be downloaded on other sites, please do not click on the preview images any more. |
Storage period
Insofar as we have not previously given you detailed information about the storage period, we delete personal data when they are no longer required for the aforementioned processing purposes and no legal obligations preclude their deletion.
Other processors
We share your data with service providers who support us in the operation of our websites and related processes as part of order processing pursuant to Art. 28 GDPR. Hosting service providers are examples. Our service providers are strictly bound by our instructions and have accepted our contract obligations to this effect.
We list below the processors with whom we cooperate who have not previously been mentioned in the course of this privacy policy. If data are transferred outside the EU or EEA at this time, we provide information regarding the adequate level of data protection.
| Processor | Purpose | Adequate level of data protection |
|---|---|---|
| Mittwald CM Service GmbH & Co. KG | Web hosting and support | Processing within the EU/EEA |
Online applications
You have the opportunity on our website to submit your application for any job positions we advertise. You determine the scope of the data you wish to send to us as part of your online application.
We process the data that you disclose to us as part of your online application solely for the purpose of selecting applicants in accordance with Section 26 Federal Data Protection Act [Bundesdatenschutzgesetz; BDSG]. Data are not processed for any other purposes.
As a rule, applications are forwarded to the heads of the pertinent departments in our company. Your data will not be passed on to any other parties. Your information will be treated confidentially in our company. If your application is unsuccessful, your documents will be deleted after 6 months.
In the event that you wish to allow us to consider your application for other or future job postings, please make a note to that effect on your application. We process your data in accordance with point (a) of Art. 6 (1) GDPR. The data will be deleted after a maximum of two years.
Your rights as data subject
Whenever your personal data are processed, the GDPR grants you certain rights as a data subject:
Right of access (Art. 15 of the GDPR)
You have the right to request confirmation as to whether personal data concerning you are being processed; if this is the case, you have a right to information about these personal data and to the information listed in detail in Art. 15 of the GDPR.
Right to rectification (Art. 16 of the GDPR)
You have the right to request the correction of inaccurate personal data concerning you and, if necessary, the completion of incomplete data without delay.
Right to erasure (Art. 17 of the GDPR)
delay, provided that one of the reasons listed specifically in Art. 17 GDPR applies.
Right to restriction of processing (Art. 18 of the GDPR)
You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met (e.g., if you have objected to the processing) for the duration of the review by the controller.
Right to portability (Art. 20 of the GDPR)
In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common, and machine-readable format or to request the transfer of these data to a third party.
Right of withdrawal (Art. 7 of the GDPR)
Insofar as the processing of data is based on your consent, you are entitled to withdraw your consent to the use of your personal data at any time pursuant to Art. 7 (3) GDPR. Please note that the withdrawal is effective solely for the future. The withdrawal of consent is without prejudice to the lawfulness of prior processing based on this consent.
Right of objection (Art. 21 of the GDPR)
If and when data are collected on the basis of point (f) of Art. 6 (1) GDPR (data processing for the protection of legitimate interests) or on the basis of point (e) of Art. 6 (1) GDPR (data processing for the protection of public interest or in the exercise of official authority), you have the right to object to the processing at any time for reasons relating to your particular situation. We will no longer process the personal data concerning you unless there are verifiably compelling legitimate grounds for the processing that override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.
Right to lodge a complaint with a supervisory authority (Art. 77 of the GDPR)
In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of data concerning you infringes on data protection regulations. The right of complaint may be asserted in particular before a supervisory authority in the Member State of your habitual residence, of your place of work, or of the place of the alleged infringement.
Assertion of your rights
Unless otherwise described above, please contact the office designated in the imprintto assert your rights as a data subject.
Contact details of the data protection officer
Our external data protection officer will be happy to provide you with information on the subject of data protection and can be contacted at the address shown here:
datenschutz nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen
Web: www.datenschutz-nord-gruppe.de
E-Mail: office@datenschutz-nord.de
If you contact our data protection officer, please also indicate the competent office designated in the legal note.