Website data privacy statement and notice for data subjects in accordance with Article 13 and Article 14 of the EU General Data Protection Regulation

General information

Details of controlling body

Company: Securetec Detektions-Systeme AG
Legal representatives: Verena Zimmermann, Stefan Masur
Adress: Lilienthalstraße 7,
85579 Neubiberg
Data Protection Officer contact details: [email protected]

General data processing information

Data affected::

We only collect personal data that you share with us. No other personal data is collected. Subject to applicable legal exceptions, your personal data is only processed on the basis of your explicit consent.

Purpose of processing: Contract performance.
Categories of recipients: Public bodies, where regulations make this compulsory.

External service providers or other contracting processors.

Other external bodies where data subjects have given their consent, or data transfer is permitted due to overriding interests.

Transfers to third countries: Processors outside the European Union may also be used for contract performance.
Data retention period: The period for which data are stored is based on statutory retention periods, generally 10 years.

Specific details on website

Use of a newsletter

To subscribe to our newsletter you share your e-mail address, and optionally other data, with us. We use these data solely for sending you the newsletter. We store the data you submit when you subscribe to the newsletter until you unsubscribe from our newsletter. You can unsubscribe at any time using the designated link in the newsletter or by sending us a message. When you unsubscribe you withdraw your consent to the use of your e-mail address.

hCaptcha

hCaptcha is a service of Intuition Machines, Inc. (“IMI”), a Delaware, U.S. corporation (#6393793).

Enquiries can be mailed to the following address: Intuition Machines, Inc., 350 Alabama St, San Francisco, CA 94110.

Intuition Machines, Inc. (“IMI”) complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), as set forth by the U.S. Department of Commerce. IMI has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. IMI has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework. To learn more about the Data Privacy Framework (DPF) programme and to view our certification, please visit https://www.dataprivacyframework.gov/.

To view the data processing agreements (DPA) that refer to the EU standard contractual clauses/the Privacy Policy of hCaptcha, please visit: https://www.hcaptcha.com/privacy?tid=331727781164.

We use hCaptcha to verify whether the data entered on our website (e.g., in a contact form) is entered by a human or by an automated program. For this purpose, hCaptcha analyses the behaviour of the website visitor based on a number of characteristics.

This analysis begins automatically as soon as the website visitor enters a website that has hCaptcha enabled. For the analysis, hCaptcha evaluates various information (e.g., IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to IMI. If hCaptcha is used in “invisible mode”, the analysis takes place completely in the background. Website visitors are not informed that an analysis is taking place.

The storage and analysis of the data is based on Art. 6(1)(f) of the GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated crawling and spam. If consent to the storage of cookies or access to information on the user’s end device (e.g., device fingerprinting) has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) of the GDPR. This consent can be withdrawn at any time.

Use of Google Analytics

This Web site uses Google Analytics, a Web analysis service by Google Inc. (“Google”). Google Analytics uses so-called “cookies,” small text files stored on your computer for the purpose of analyzing your use of the Web site. Typically, the information about your use of this Web site generated by the cookie is transmitted to a Google server in the United States where it is stored. If IP anonymisation is activated on this website, your IP address will, however, be shortened beforehand by Google within member states of the European Union or in other states that are party to the Agreement on the European Economic Area. It is only in exceptional cases that the full IP address is transferred to a Google server in the United States and shortened there. On behalf of the operator of this Web site, Google will use this information to analyze your use of the Web site, to prepare reports about Web site activity, and to provide other services to the Web site operator in connection with the use of the Web site or Internet use. The IP address transmitted by your browser in connection with Google Analytics is not merged with other Google data. You can prevent these cookies from being stored by enabling the relevant setting in your browser software. Please note, however, that you may be unable to use all functions available on this website in this case. In addition, you can prevent the collection of the data in connection with your use of the Web site collected by the cookie (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in from the following link: In view of the debate around the use of analytical tools with complete IT addresses, please note that this website uses Google Analytics with the “_anonymizeIp()” plug-in enabled, which means that IP addresses are shortened before processing to prevent them being used for individual identification. If you are using a browser on a mobile device, please click on this link to disable Google Analytics, to prevent any future anonymous recording by Google Analytics on this website for your browser using an “opt-out” cookie.

[google_analytics_optout]Click here for Google Analytics Opt-Out[/google_analytics_optout]

 

Google AdWords Conversion Tracking

This Web page uses Google AdWords Conversion Tracking, a Web analysis service by Google Inc. (“Google”). Google AdWords Conversion Tracking also uses “cookies”, which are text files stored on your computer and which enable analysis of your use of the website. The information that cookies generate about your use of this website is transferred to a Google server in the USA and stored there. Google will use this information to analyse your use of the website, create reports on website activities for the website operators and provide additional services in connection with use of the website and Internet usage. Google may also pass on this information to third parties if this is required by law or if third parties process these data on behalf of Google. Under no circumstances will Google associate the data with other data from Google. You can prevent the use of cookies generally by refusing to store cookies in your browser.

Use of in-house “cookies”

This website uses in-house “cookies” to make it more user-friendly (“cookies” are data records that the web server sends to the user’s browser where they are saved for later requests). No personal data are stored in our in-house “cookies”. You can prevent the use of cookies generally by refusing to store “cookies” in your browser.

Borlabs Cookie

This website uses Borlabs Cookie, which sets a technically necessary cookie (borlabs-cookie) to store your cookie consents. Borlabs Cookie does not process any personal data. The borlabs-cookie stores the consent you gave when you entered the website. If you wish to revoke these consents, simply delete the cookie in your browser. When you re-enter or reload the website, you will be asked again for your cookie consent.

Cloudflare

We use the Content Delivery Network (CDN) of Cloudflare Germany GmbH, Rosental 7, c/o Mindspace, 80331 Munich, Germany (Cloudflare) to improve the security and delivery speed of our website. Use of the Cloudflare service is also necessary to ensure stability and security for our website, to allow our host to bill us for the services provided, and to enable efficient website display. The legal basis is your consent in accordance with GDPR Art. 6 par. 1 point (f). A CDN is a network of distributed servers capable of delivering optimised content to website users. For this purpose, Cloudflare processes personal data in server log files.

Collected data:
IP address
Information about system configuration
Website name
Date and time of request
Name and URL of the retrieved file
Transferred data volume
Status information
Device operating system
Referrer URL
Requesting provider
Device type
Time of server request

Legal basis:
Art. 6 par. 1 point f) GDPR

Cloudflare receives your personal data and acts as a data processor on our behalf.

Cloudflare only stores your personal data for as long as is necessary for the purposes specified.

Cloudflare has implemented compliance measures for international transfers. These apply to all global activities that involve Cloudflare processing the personal data of natural persons within the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). For more information, see: https://www.cloudflare.com/cloudflare_customer_SCCs.pdf

LINKEDIN

LinkedIn, LinkedIn, 2029 Stierlin Court, Mountain View, CA 94043 USA can be accessed using the blue “in” icon. Double-clicking on our “in” button creates a connection with the LinkedIn server which uploads the LinkedIn plugin to the Internet page. The content of the “in” button is sent directly to your browser by LinkedIn and integrated into the webpage. It is possible that your IP address may be sent to LinkedIn in the USA. For more detailed information about the scope, nature and purpose of the data processing and additional processing and use of the data by LinkedIn, and on rights and settings you can use to protect your privacy, please refer to LinkedIn’s Privacy Policy (http://www.linkedin.com/legal/privacy-policy) on the “in” button. If you are a LinkedIn member and do not want LinkedIn to collect data about you via our website when you press the “in” button and associate the data with your membership data stored by LinkedIn, you must log out of LinkedIn before visiting our Internet site.

XING

XING, XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany, can be accessed using the green “x” or “xing” icon. Double-clicking on our “XING” button creates a connection with the XING server which uploads the XING share button features (in particular the visitor counter) to the Internet page. XING does not store any of your personal data when you access this website. In particular, XING does not store any IP addresses. In addition, your usage behaviour is not analysed by the use of cookies associated with the XING share button. Please visit the following website to view the latest privacy policy for the “XING share button” and other information: https://www.xing.com/app/share?op=data_protection

TWITTER

Please note that you alone are responsible for using the Twitter messaging service and its features provided here. This applies particularly to the use of the interactive features such as sharing and liking.

Data privacy information for use of Twitter:

For more information on the data processed by Twitter and the purposes for which they are used, see the Twitter Privacy Policy: https://twitter.com/en/privacy

Twitter Inc. is committed to the principles of the EU-US Privacy Shield. More details are available at: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active

Securetec Detektions-Systeme AG has no influence over the scope and nature of the data processed by Twitter, how they are processed and used, or their transfer to third parties. Nor has it any effective means of controlling these aspects.

When you use Twitter, your personal data are collected, transferred, stored, published and used by Twitter Inc. and transferred to and stored in the United States, Ireland, and any other country where Twitter Inc. operates, irrespective of the country you live in.

To do this, Twitter processes data provided by you voluntarily such as your name and user name, e-mail address, telephone number or the contacts in your address book if you upload or synchronise them.

Twitter also analyses the contents shared by you to make inferences such as what topics you are interested in, and stores and processes Direct Messages you send to other users, and can identify your location based on GPS data, information on wireless networks or via your IP address to send you advertisements or other contents.

Twitter Inc. may use analytical tools such as Twitter or Google Analytics to analyse your data. Securetec Detektions-Systeme AG has no influence over the use of these tools by Twitter Inc., nor has it been informed of such potential use. Where these types of tools are used by Twitter Inc. for the Securetec Detektions-Systeme AG account, Securetec Detektions-Systeme AG has not contracted this, approved it or supported it in any other way. It does not have access to the data obtained from the analysis. Securetec Detektions-Systeme AG can only view specific, non-personalised information about Tweet activity, such as the number of clicks on profile or link by a specific Tweet via its account. Securetec Detektions-Systeme AG is also unable to prevent or switch off the use of such tools on your Twitter account.

Finally, Twitter also obtains information, for example, when you view contents, even if you have not created an account. These Log Data may include your IP address, browser type, operating system, the referring web page, pages visited, location, your mobile carrier, device information (including device and application IDs), search terms, or cookie information.

Twitter can use Twitter buttons/widgets embedded in web pages and cookies to record your visits to these web pages and assign them to your Twitter profile. These data can be used to customise the content or ads shown to you.

Twitter Inc. believes that as a provider based outside Europe whose only subsidiary is in Ireland it is not bound by the German Data Protection regulations. This affects, for example, your rights to access, blocking or erasure of data or to withdrawing consent to usage data being used for marketing purposes.

You can restrict the processing of your data by going to the general settings on your Twitter account and clicking on “Privacy and Safety”. If you are using a mobile device (smartphone, tablet) you can also go to the settings and restrict Twitter’s access to contact and calendar data, photos, location data etc. However, this will depend on the operating system used.

Privacy policy on use of YouTube

YouTube’s operating company is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.

Each time one of the pages of this website, which is operated by the controller, is accessed and a YouTube component (YouTube video) has been integrated, the Internet browser on the data subject’s information technology system will automatically be activated by the respective YouTube component to download a presentation of the corresponding YouTube component from YouTube. More information about YouTube can be found at https://www.youtube.com/intl/en/yt/about/. As part of this technical process, YouTube and Google are aware of the specific subpage on our site being visited by the data subject.

If the data subject is logged in to YouTube at the same time, YouTube recognises which specific subpage of our website the affected person has visited when a subpage containing a YouTube video is accessed. This information is collected by YouTube and Google and associated with the data subject’s individual YouTube account.

YouTube and Google are always notified by the YouTube component that the data subject has visited our website if the data subject is simultaneously logged into YouTube at the time of accessing our website; this happens regardless of whether the person clicks on a YouTube video or not. If such transfer of this information to YouTube and Google is not wanted by the data subject, they can prevent the transfer by logging out of their YouTube account before calling our website.

YouTube’s privacy policy, available at https://policies.google.com/privacy?hl=en, identifies the collection, processing, and use of personal data by YouTube and Google.

Information on additional data processing methods

Specific details on recruitment procedure

Data affected: Application details
Purpose of processing: Implementation of recruitment procedure
Categories of recipients: Public bodies, where regulations make this compulsory.

External service providers or other contracting processors.

Other external bodies where data subjects have given their consent, or data transfer is permitted due to overriding interests.

Transfers to third countries: Processors outside the European Union may also be used for contract performance.
Data retention period: Application data shall normally be erased within four months of notification of the decision unless you have consented to the data being retained for a longer period.

Specific details on processing of data on existing/prospective customers

Data affected: Data communicated for contract performance; any other data for processing based on your explicit consent.
Purpose of processing: Contract performance
Categories of recipients: Public bodies, where regulations make this compulsory.

External service providers or other contracting processors.

Other external bodies where data subjects have given their consent, or data transfer is permitted due to overriding interests.

Transfers to third countries: Processors outside the European Union may also be used for contract performance.
Data retention period: The period for which data are stored is based on statutory retention periods, generally 10 years.

Specific details on processing of employee data

Data affected: Data communicated for contract performance; any other data for processing based on your explicit consent.
Purpose of processing: Contract performance as part of the employment relationship
Categories of recipients: Public bodies, where regulations make this compulsory.

External service providers or other contracting processors.

Other external bodies where data subjects have given their consent, or data transfer is permitted due to overriding interests.

Transfers to third countries: Processors outside the European Union may also be used for contract performance.
Data retention period: The period for which data are stored is based on statutory retention periods, generally 10 years.

Specific details on processing of supplier data

Data affected: Data communicated for contract performance; any other data for processing based on your explicit consent.
Purpose of processing: Contract performance
Categories of recipients: Public bodies, where regulations make this compulsory.

External service providers or other contracting processors.

Other external bodies where data subjects have given their consent, or data transfer is permitted due to overriding interests.

Transfers to third countries: Processors outside the European Union may also be used for contract performance.
Data retention period: The period for which data are stored is based on statutory retention periods, generally 10 years.

Additional information and contacts

You may also establish your claims to access, rectification, erasure, restriction of processing or to object to processing, and your claim to data portability at any time. You can contact us by e-mail or letter here. You also have the right to address any complaints to the competent data protection supervisory authority.