Privacy Statement
We are very pleased about your interest in our company. The protection of your personal data is very important to us. We collect and use your personal data exclusively in accordance with and within the scope of the data protection law applicable in Germany, in particular the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and all other applicable data protection regulations.
In the following, we will inform you of the nature, scope and purpose of the collection and use of personal data while using our website. You can access this information on our website at any time.
Personal data is all data with which a natural person (data subject) can be identified directly or indirectly, e.g. name, address, e-mail address, user behavior.
This information uses the definitions of Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR), which are listed in particular in Art. 4 of the GDPR.
1. Name and Contact Details of the Data Controller and Contact Details of the Data Protection Officer
1.1 The controller in the sense of the data protection laws (Art. 4 para. 7 of the GDPR) is:
This website is operated in the common interest of the Inotec group of companies (hereinafter referred to as the “Inotec group”) by
1. Inotec Barcode Security GmbH
Havelstraße 1- 3
24539 Neumünster
Germany
Phone: +49 (0)4321 8709-0
Fax: +49 (0)4321 8709-30
E-mail: info@inotec.de
The data collected via this website is processed by Inotec Barcode Security GmbH in joint responsibility with the following dependent companies (hereinafter referred to as “Inotec companies”):
2. Inotec Barcode Security S.A.R.L.
ZA de Courtaboeuf 12 avenue de Scandinavie
91967 Les Ulis
France
Phone: +33 1 69 29 81 11
Fax: +33 1 69 29 81 12
E-mail: info@inotec.fr
3. Inotec Barcode Security BV
Bijsterhuizen 3009
6604 LP Wijchen
Netherlands
Phone: +31 24 3450480
Fax: +31 24 3443456
E-Mail: info@inotec-barcode.nl
4. Inotec Barcode Security, Ltd.
Inotec House – Viking Close
Willerby, East Yorkshire HU10 6DZ
Great Britain
Phone: +44 1482-654466
Fax: +44 1482-655004
E-Mail: info@inotecbsl.com
5. Inotec Barcode Security Spol. S.R.O.
Czech Republic
Phone/Fax: +420 416 533 276
E-mail: janecek@inotec-barcode.cz
The companies in the Inotec group are therefore jointly responsible for processing within the meaning of Art. 26 of the GDPR.
Inotec Barcode Security GmbH is the host of the website and is responsible for the fulfillment of the information obligations in accordance with Art. 13 and 14 of the GDPR and assumes the fulfillment of the rights of data subjects. It is the central point of contact for legal data protection inquiries of data subjects. However, they may assert their rights with and against any one of the controllers.
Inotec Barcode Security GmbH makes personal data collected via this website available to Inotec companies. The responsibilities of the Inotec companies for customer inquiries and contracts with customers are divided regionally according to the location of the respective customer. Accordingly, Inotec Barcode Security GmbH provides Inotec companies, for example, with customer data from the customer inquiries of customers in the regional jurisdiction of the respective Inotec company.
2. General Principles
2.1 Scope and Legal Basis of the Processing
We process personal data only in accordance with legal regulations. In particular, personal data will only be processed if you have given your consent or if processing is otherwise legally permitted.
Insofar as we obtain the consent of the data subject for processing personal data, Art. 6 para. 1 lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
For the processing of personal data necessary for the execution of a contract to which the data subject is a party, Art. 6 para. 1 lit. b of the GDPR serves as the legal basis. This also applies to processing operations that are necessary for carrying out pre-contractual measures.
Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c of the GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require a processing of personal data, Art. 6 para. 1 lit. d of the GDPR serves as the legal basis.
If processing is necessary to safeguard a legitimate interest of our company or a third party, and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f of the GDPR serves as the legal basis for processing.
We indicate the respective legal basis of the processing in connection with the information on the individual data processing operations in this privacy statement or when you enter your personal data.
2.2 Transmission/Recipients of Data
Within our company, only those departments and employees who need your data to protect our legitimate interests or to fulfill our contractual or legal obligations or to respond to your inquiries will have access to it.
In some cases, we use external service providers to process your data, who process data on our behalf as contract processors. This applies in particular to central IT services, our website hosting and newsletter dispatchment. Service providers who work for us as contract processors may only use the data in accordance with our instructions. In this case, we are legally responsible for ensuring appropriate data protection precautions by the companies commissioned by us. The companies have been carefully selected by us; commissioned in writing in accordance with the legal requirements, they are contractually bound by our instructions and obliged to secrecy and are regularly monitored.
Your personal data will only be transmitted to third parties if this is legally permissible, in particular if:
- based on Art. 6 para. 1 lit. a of the GDPR, you have expressly given your consent;
- the disclosure, in accordance with Art. 6 para. 1 lit. b of the GDPR, is required for the processing of contractual relations with you;
- the disclosure is legally required in accordance with Art. 6 para. 1 lit. c of the GDPR;
- the disclosure, in accordance with Art. 6 para. 1 lit. f of the GDPR, is necessary to protect our legitimate interests, provided that your interests do not outweigh ours.
If we intend to pass on personal data to third parties, you will find more detailed information on this in the material regarding individual data processing operations in this privacy statement or by entering your personal data.
The data processing takes place exclusively in Germany or within the European Union. There is no transfer to third countries.
2.3 Duration of Data Storage and Deletion
We process and store personal data only for the period of time necessary to achieve the processing purpose. If the purpose of processing ceases to apply, the data will be deleted, unless legal storage obligations prevent deletion. In the latter case, the processing is limited to the fulfillment of the storage obligations.
You will find more details in the information about the individual data processing operations in this privacy statement or by entering your personal data.
2.4 Data Security
We use SSL or TLS encryption during the website visit to protect the transmission of content. You can verify this by the closed key or lock symbol displayed by your browser when connected to SSL in the lower status bar of your browser.
We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in accordance with technological developments.
2.5 Rights of the Data Subject
You have the following rights with regard to your personal data:
- right to withdraw consent;
- right to be informed;
- right to correction or deletion;
- right to restrict processing;
- right to object to processing;
- right to data portability;
- right to file a legal complaint with a supervisory authority.
More detailed information on these rights can be found in Section 4 of these instructions.
3. Information on Individual Data Processing Operations
The following provisions provide you with more detailed information on the individual data processing operations, for example, what personal data is collected, for what purposes it is used, on what basis we are entitled to collect the data, how long it is stored and, if necessary, to whom it is transmitted.
3.1 Data Processing While Visiting the Website
When you visit our website, the browser used on your device automatically sends information to the server of our website. The following data is collected:
- IP address of the inquiring computer;
- the date and time of access;
- name and URL of the downloaded file;
- website from which access is made (referrer URL);
- the browser used and, if applicable, the operating system of your computer; as well as
- the name of your access provider;
- names of downloaded files.
This information is temporarily stored in a “log file.” This data is not stored together with other personal user data.
The data mentioned will be processed by us for the following purposes:
- display of the website;
- ensuring a smooth connection to the website;
- ensuring comfortable use of our website;
- evaluation of system security and stability; as well as
- for other administrative purposes.
The temporary storage of the IP address by the system is necessary to enable the transmission of the website data to the user’s computer and with it the display of the retrieved website contents. The data is stored in log files to ensure the website’s functionality. The data is also used to optimize the website and to ensure the security of our information technology systems.
The legal basis for data processing is Art. 6 para. 1 lit. f of the GDPR. Our legitimate interest arises from the purposes listed above for data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about you personally.
The data is only temporarily stored and automatically deleted by our web host as soon as it is no longer necessary for the purpose of its collection.
We would like to point out that when data is processed on the basis of Art. 6 para. 1 lit. f of the GDPR, you are entitled to file an objection against the processing in accordance with Art. 21 of the GDPR. For more information, please refer to Section 4.10 of this privacy statement.
In addition, we use cookies and analytical services when you visit our website. You will find more detailed explanations in the following sections of this data protection declaration.
3.2 Cookies
We use cookies on our website. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do no damage to your device, do not contain viruses, Trojans or other malware.
Information is stored in the cookie that results in each case in connection with the specific device used. However, this does not mean that we immediately become aware of your identity.
The use of cookies serves, on the one hand, to make the use of our offer more pleasant for you. Thus, we use so-called session cookies to recognize that you have already visited individual pages on our website. These will be deleted automatically after leaving our site.
In addition, we also use temporary cookies that are stored on your device for a specifically determined period of time for the optimization of usability. If you visit our site again to use our services, it will automatically recall that you have already been with us and what entries and settings you have made so that you do not have to enter them again.
We use cookies to make your visit to our website easier and more pleasant. The data processing is carried out in accordance with Art. 6 para. 1 lit. f of the GDPR. We have a legitimate interest in the storage of cookies for the technically sound and optimized provision of our services.
We would like to point out that when data is processed on the basis of Art. 6 para. 1 lit. f of the GDPR, you are entitled to file an objection against the processing in accordance with Art. 21 of the GDPR. For more information, please refer to Section 4.10 of this privacy statement.
Most internet browsers accept cookies automatically. However, you can configure your browser so that, for example, no cookies are stored on your computer, or so that a message always appears before a new cookie is created. You can delete cookies at any time in the security settings of your browser.
The complete deactivation of cookies, however, may result in you being unable to use all the functions of our website.
Insofar as other cookies (e.g. cookies that analyze your surfing behavior) are used, these are covered separately in this privacy statement (Sections 3.5 – 3.9).
3.3 Data Processing When Using the Contact Form on Our Website and Contacting Us by E-mail
a) Contact Form
We offer you the opportunity to contact us using a form provided on the website.
If you wish to make use of the contact form, we need your valid e-mail address in order to process your request, so that we know from whom the request originates and can answer it. Other information can be provided voluntarily.
When you contact us via the contact form, the data you provide will be stored and used by us to process your request and to contact you in order to resolve it.
The legal basis for the processing of data when using our contact form is Art. 6 para. 1 lit. a of the GDPR based on your voluntary consent. You can revoke your consent at any time with future effect. For more details, please refer to our information on the rights of the data subject in Section 4.1 and on exercising these rights in Section 4.8 of this privacy statement.
The data will be deleted by us when storage is no longer necessary, in particular when the processing of your request has been completed. The further use of data stored by us for other purposes and which we are entitled to process due to another legal basis (e.g. with regard to data required for the execution of the contract) remains unaffected by this. If legal storage obligations exist, we limit the processing to the extent necessary in order to fulfill them. Regardless of this, you are entitled to your rights as a data subject. For more details, please refer to our information on the rights of the data subject under Section 4 of the privacy statement.
b) Email Contact
Even if you contact us via the e-mail address provided, the data provided by you will only be stored and used by us to process your request and to contact you in order to resolve it.
The legal basis for processing the data transmitted in the course of sending an email is Art. 6 para. 1 lit. f of the GDPR. Our legitimate interest ensues from the processing of your request, which is not opposed by any overriding interests on your part, since you voluntarily contact us for this purpose.
We would like to point out that when data is processed on the basis of Art. 6 para. 1 lit. f of the GDPR, you are entitled to file an objection against the processing in accordance with Art. 21 of the GDPR. For more information, please refer to Section 4.10 of this privacy statement.
If the aim of the email contact is to finalize a contract, then an additional legal basis for the processing is Art. 6 para. 1 lit. b of the GDPR.
The data will be deleted by us when storage is no longer necessary, in particular when the processing of your request has been completed. The further use of data stored by us for other purposes and which we are entitled to process due to another legal basis (e.g. with regard to data required for the execution of the contract) remains unaffected by this. If legal storage obligations exist, we limit the processing to the extent necessary in order to fulfill them. Regardless of this, you are entitled to your rights as a data subject. For more details, please refer to our information on the rights of the data subject under Section 4 of the privacy statement.
3.4 Data Processing for Applications
3.4.1 Purpose and Legal Basis of the Processing, Type and Scope of Data Collected
a) Online Application
We offer you the opportunity to apply directly on our website to job advertisements online via the “online application.”
We process your personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG).
We store and use your applicant data only for the purpose of carrying out the application procedure for the advertised position and for assessing to what extent an aptitude for the relevant position exists.
In the case of an online application, we collect the data from the input mask, in particular
- your master data (such as first name, last name, name affixes, date of birth);
- contact data (such as home address, (mobile) telephone number, email address);
- “skill data” regarding your qualification (e.g. information on training and last employer, special knowledge (language skills, EDP and IT skills)).
You also have the option of uploading documents (certificates, CV, etc.).
Mandatory fields are specially marked. Without the mandatory information, your application cannot be considered. Furthermore, we may collect and process further data from you as part of the recruitment process, more specifically in an interview, if applicable, insofar as this is necessary for the decision to establish an employment relationship. We also store the written, electronic communication that takes place between you and us as part of the application process.
The legal basis of processing is Art. 6 para. 1 lit. b of the GDPR, Art. 88 of the GDPR, in conjunction with Art. 26 para. 1 of the BDSG, since the processing of your data is necessary for the decision to establish an employment relationship.
In principle, we do not collect special categories of personal data during the application process and we ask you not to provide us with such data. Special categories of personal data include information revealing racial or ethnic origin, political opinion, religious or philosophical beliefs or trade union membership, as well as genetic data, biometric data uniquely identifying a natural person, health data or data relating to a natural person’s sex life or sexual orientation.
By way of exception, the collection and processing of special categories of personal data may be required, for example, if your physical fitness is relevant to the position. A processing of special categories of personal data only takes place if a statutory authorization justifies this, in particular if the processing is necessary due to labor law rights or obligations or the law of social security and social protection, and your interests do not prevail.
In this case, the processing of special categories of personal data (e.g. health data) is based on Art. 9 para. 2 lit. b of the GDPR, in conjunction with Art. 26 para. 3 of the BDSG.
b) Written Application
Of course, you can also apply to us by other means, for example, in writing. In this case, we will store and process the data that you provide to us in your application and, if applicable, other data that you provide to us in the course of the extended application process. In all other respects, the explanations under a) regarding online applications apply accordingly.
3.4.2 Storage Time
If the application procedure ends with the execution of an employment contract, the transmitted data is stored for the purpose of finalizing the employment relationship in observance of the legal regulations.
Otherwise, the application documents will be automatically deleted three months after notification of the rejection decision, unless we are entitled to store them on a different legal basis.
We would be entitled to store the data for a longer period of time, for example, if you give your express consent to a longer storage period, e.g. in order to be able to consider you in subsequent job postings.
Furthermore, we can store the data for longer if we have a legitimate interest in doing so, provided that your interests do not prevail, for example, if the storage would be necessary to assert, exercise or defend legal claims.
3.4.3 Data Security and Disclosure to Third Parties
Incoming online applications are not stored on the web server but saved and filed in the company’s server environment. Your data will be treated as strictly confidential by our company and is protected against unauthorized access and manipulation by technical and organizational measures.
In our company, only a limited number of employees have access to your data, who process this data as part of your application.
In addition, we are supported by service providers who act as contract processors and provide IT services and hosting services for us. These contractors process the data on our behalf and exclusively according to our instructions. In this case, we are legally responsible for ensuring appropriate data protection precautions by the companies commissioned by us. The companies have been carefully selected by us, commissioned in writing in accordance with legal requirements, are bound by our instructions and are regularly monitored. There is no transmission to third countries.
A transmission of your data to other recipients (third parties) is not intended and will obviously not take place, unless you expressly give us your consent for transmitting or we are obliged or entitled to pass on your data independently of your consent in accordance with applicable legal provisions. Such a case could exist, for example, if the assertion, exercise or defense of legal claims would require the disclosure of data to a court or an authority.
3.5 Google Analytics
This website uses Google Analytics, a web analysis service. This is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A.
Google Analytics uses “cookies.” These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is generally transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored on the basis of Art. 6 para. 1 lit. f of the GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.
We have activated the IP anonymization feature on this website. Your IP address will be truncated by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports about website activity, and to provide the website operator with other services related to website activity and internet usage. The IP address provided by your browser as part of Google Analytics will not be combined with other data from Google.
We would like to point out that when data is processed on the basis of Art. 6 para. 1 lit. f of the GDPR, you are entitled to file an objection against the processing in accordance with Art. 21 of the GDPR. For more information, please refer to Section 4.10 of this privacy statement.
You can prevent cookies from being stored by selecting the appropriate settings in your browser; however, we wish to point out that by doing so, you may not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en/.
You can prevent the collection of your data by Google Analytics by clicking on the following link: https://tools.google.com/dlpage/gaoptout/. An opt-out cookie is set which prevents the collection of your data on future visits to this website.
For more information about how Google Analytics handles user data, see Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=en/.
We have entered into a contract with Google for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
3.6 Google Analytics Remarketing
Our websites use the features of Google Analytics Remarketing combined with the cross-device capabilities of Google AdWords and DoubleClick. These are operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A.
This function enables the target groups created with Google Analytics Remarketing to be linked with the cross-device functions of Google AdWords and Google DoubleClick. This allows advertising to be displayed based on your personal interests, identified from your previous usage and surfing behaviour on one device (e.g. your mobile phone), on other devices (such as a tablet or computer).
Once you have given your consent, Google will associate your web and app browsing history with your Google Account for this purpose. That way, the same personalized advertising messages can appear on any device you sign in to with your Google Account.
To support this feature, Google Analytics collects Google-authenticated user IDs that are temporarily linked to our Google Analytics data to define and create cross-device ad targeting.
The aggregation of the data collected in your Google Account data is based solely on your consent, which you may give or withdraw from Google (per Art. 6 para. 1 lit. a of the GDPR). For data collection operations not merged into your Google Account (for example, because you do not have a Google Account or have objected to the merge), the collection of data is based on Art. 6 para. 1 lit. f of the GDPR. The legitimate interest arises from the fact that the website operator has an interest in the anonymous analysis of website visitors for advertising purposes.
We would like to point out that when data is processed on the basis of Art. 6 para. 1 lit. f of the GDPR, you are entitled to file an objection against the processing in accordance with Art. 21 of the GDPR. For more information, please refer to Section 4.10 of this privacy statement.
You may permanently opt out of cross-device remarketing/targeting by disabling personalized advertising in your Google Account by following this link: https://www.google.com/settings/ads/onweb/.
Further information and the data protection regulations can be found in Google’s privacy statement at: https://www.google.com/policies/technologies/ads/.
3.7 Google AdWords and Google conversion tracking
This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”).
As part of Google AdWords, we use so-called conversion tracking. When you click on an ad served by Google, a conversion tracking cookie is set. Cookies are small text files that your internet browser stores on your computer. These cookies expire after 30 days and are not used for personal identification of the user. Should the user visit certain pages of this website and the cookie has not yet expired, we and Google can tell that the user clicked on the ad and proceeded to that page.
Each Google AdWords advertiser has a different cookie. The cookies cannot be tracked through the website of an Adwords advertiser. The information obtained using the conversion cookie is used to create conversion statistics for the Adwords advertisers who have opted for conversion tracking. Advertisers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to personally identify users. If you do not want to participate in tracking, you can opt out of this by easily disabling the Google conversion tracking cookie by changing your browser settings. By doing so, you will not be included in the conversion tracking statistics.
“Conversion cookies” are stored on the basis of Art. 6 para. 1 lit. f of the GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.
For more information about Google AdSense and Google conversion tracking, please see Google’s privacy policy at http://www.google.de/policies/privacy/.
We would like to point out that when data is processed on the basis of Art. 6 para. 1 lit. f of the GDPR, you are entitled to file an objection against the processing in accordance with Art. 21 of the GDPR. For more information, please refer to Section 4.10 of this privacy statement.
You can configure your browser so that you are informed about the use of cookies, and you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions, or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.
3.8 Facebook Pixel
Our website uses the visitor action pixel of Facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, U.S.A. (“Facebook”) for conversion measurement.
This way, the behavior of site visitors can be tracked after they click on a Facebook ad and are redirected to the provider’s website. This allows an analysis of the effectiveness of Facebook advertisements for statistical and market research purposes and their future optimization.
The collected data is anonymous to us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible, and Facebook can use the data for its own advertising purposes in accordance with the guidelines for Facebook data use. This will allow Facebook to display ads both on Facebook and on third-party sites. We have no control over how this data is used.
Please see Facebook’s privacy policy for more information on how your privacy is protected: https://www.facebook.com/about/privacy/.
You can also disable the remarketing feature “Custom Audiences” in the ad settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do so, you will first need to log into Facebook.
If you do not have a Facebook account, you can disable Facebook usage-based advertising on the European Interactive Digital Advertising Alliance website:
http://www.youronlinechoices.com/de/praferenzmanagement/.
3.9 Newsletter
3.9.1 Newsletter Data
If you would like to receive our newsletter, we require a valid email address, as well as information which allows us to verify that you are the owner of the email address provided and that you agree to receive this newsletter. No additional data is collected or will only be collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 para. 1 lit. a of the GDPR. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the “unsubscribe” link in the newsletter. The legality of the data processing that occurs before we receive your revocation remains unaffected.
The data provided when registering for the newsletter will be saved and used to distribute the newsletter until such time as you cancel your subscription, when said data will be deleted. Data we have stored for other legally valid purposes (e.g. email addresses for the members area) remains unaffected.
3.10 Google Maps
We use an API for the Google Maps service to visually display geographical information via the Google Maps service. This is hosted by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, U.S.A.
When Google Maps is used, Google also collects, processes, and utilizes data about the visitor’s use of map functions, in particular the IP address. This information is usually transmitted to a Google server in the USA and stored there. The host has no influence on the data transmission.
The data transmission takes place regardless of whether Google provides a user account through which you are logged in or if no user account exists. If you are logged into Google, your information will be directly linked to your account. If you do not wish to be associated to your Google profile, you must first log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the customized design of its website. Such an evaluation also takes place (even for users who are not logged in) for the purposes of providing customized advertising and to inform other social network users about activities on our website.
Google Maps is used to make our website more attractive and to make it easier for you to find the places indicated on our website, for example, our company headquarters.
The data processing is based on Art. 6 para. 1 lit. f of the GDPR. The purposes described above represent a legitimate interest.
You have the right to object to the creation of these user profiles, in which case you must contact Google to exercise this right.
You can find more information about the purpose and scope of data collection and its processing by Google Maps in Google’s privacy statement. There you will also find further information about your respective rights and settings options for protecting your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield,
https://www.privacyshield.gov/EU-US-Framework.
4. Rights of the Data Subject
As the data subject, you have the following rights:
4.1 Right to Revoke Consent
If you have given your consent to the processing of your data, you have, pursuant to Art. 7 para. 3 of the GDPR the right to revoke your consent to us at any time. As a result, we are no longer allowed to continue data processing in the future, insofar as this was permitted to us on the basis of your consent. The legality of the processing carried out before the revocation remains unaffected, i.e. the processing carried out in the past on the basis of the consent remains legal.
If you wish to revoke your consent, it is sufficient, for example, to send an e-mail to the data protection officer at datenschutzbeauftragter@inotec.de or via the contact details given in Section 1.
4.2 Right to Confirmation and Information
You have the right, based on Art. 15 of the GDPR, to request confirmation from us on whether your personal data is being processed. Furthermore, you have the right to free information concerning your personal data that is processed by us. Specifically, you may request information on
- the purposes of processing;
- the category of personal data;
- the categories of recipients to whom your information has been or will be disclosed;
- the anticipated storage time;
- the existence of a right to correction, cancellation, limitation of processing or objection;
- the existence of a right to appeal;
- all available information about the origin of your data, if not collected from us; and
- the existence of automated decision making, including profiling and, if applicable, meaningful information about its details.
4.3 Right to Correction
You have the right to immediately request the completion or correction of incorrect personal data stored by us in accordance with Art. 16 of the GDPR.
4.4 Right to Deletion
You have the right to request the deletion of your personal data stored by us pursuant to Art. 17 of the GDPR if one of the following reasons applies:
- The personal data is no longer necessary for the purpose of its collection or other types of processing.
- You revoke your consent on which the data processing was based, and there is no other legal basis for data processing.
- You object to the processing operations carried out on the basis of Art. 6 para. 1 lit. b or f of the GDPR, and there are no overriding legitimate grounds for processing, or you object to the processing of data for direct marketing purposes.
- The personal data has been unlawfully processed.
- The deletion of your personal data is necessary to fulfill a legal obligation under EU law or the law of the member states to which we are subject;
- The personal data concerning you has been collected in relation to services offered by the information society according to Art. 8 para. 1 of the GDPR.
This does not apply if the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
4.5 Right to Processing Restrictions
You have the right to request, in accordance with Art. 18 DSGVO, restrictions on the processing of your personal data if
- you dispute the accuracy of the data for a period that allows us to verify the accuracy of your data;
- the processing is unlawful, but you object to deleting it and instead request that the processing be restricted;
- we no longer need the data, but you do need it to assert, exercise, or defend legal claims; or
- you have filed an objection against the processing pursuant to Art. 21 of the GDPR, as long as it is not clear whether our justified reasons outweigh yours.
In this case, apart from storage, your data may only be processed with your consent or for certain legally defined purposes, in particular for the prosecution and protection of the rights of other persons. We will notify you before the restriction is lifted.
4.6 Right to Data Portability
You have the right, pursuant to Art. 20 of the GDPR, to receive your personal data that you have provided to us in a structured, current and machine-readable format, or to request its transmission to another data controller.
4.7 Right to Object to the Processing
Under certain conditions, you also have the right to object to the processing of your personal data in accordance with Art. 21 of the GDPR. Please read our special instruction under Section 4.10: Special Information About Your Right to Objection Pursuant to Art. 21 of the GDPR.
4.8 Information on the Exercise of Rights in Accordance with Sections 4.1 – 4.7
If you would like to avail yourself of your aforementioned rights, you can contact us at any time. This can be done, for example, by sending an e-mail to the data protection officer at datenschutzbeauftragter@inotec.de or via the contact details given in Section 1.
4.9 The Right to Lodge a Complaint With a Supervisory Authority
Furthermore, according to Art. 77 of the GDPR, you have the right to complain to a supervisory authority. For example, you can contact the supervisory authority for your usual place of residence or workplace or our headquarters. A list of supervisory authorities can be found here:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
4.10 Special Information About Your Right to Objection Pursuant to Art. 21 of the GDPR
In the following, we would like to draw your attention particularly to your right to objection pursuant to Art. 21 of the GDPR:
4.10.1 Individualized Right to Objection Pursuant to Art. 21 Para. 1 of the GDPR
A prerequisite for this right to objection is that data processing occurs based on the provisions of Art. 6 para. 1 lit. e or f of the GDPR.
Art. 6 para. 1 lit. e regulates the case in which the processing is necessary to execute a task in the public interest or in the exercise of official authority assigned to the controller. This is primarily a consideration for holders of sovereign power such as the Federal Government, the states and their authorities or private individuals who have been granted loans.
Art. 6 para. 1 lit. f of the GDPR permits processing if necessary to safeguard the legitimate interests of the data controller or a third party, provided that the interests or fundamental rights and freedoms of the data subject do not prevail.
If the data is processed on one of these bases, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation. This also applies to profiling based on these provisions.
If an objection is lodged, the personal data will no longer be processed, unless we can prove compelling legitimate reasons for the processing which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise, or defend legal claims.
4.10.2 Right to Object to the Processing of Data for Direct Marketing According to Art. 21 Para. 2 of the GDPR
If your data is processed for direct marketing purposes, you have the right to object at any time to the processing of your data for the purposes of such advertising. This also applies to profiling if it is connected with direct marketing.
The result of the objection is that the data is no longer processed for these purposes.
4.10.3 Exercise of the Right to Objection
If you wish to exercise your right to objection under a) or b), you can contact us at any time. This can be done, for example, by sending an e-mail to the data protection officer at datenschutzbeauftragter@inotec.de or via the contact details given in Section 1.1.
5. Period of Validity
In order to ensure that our privacy statement always complies with current legal requirements, we reserve the right to make changes at any time. This also applies in the event that the data protection statement has to be modified due to new or revised offers or services.