DATA PRIVACY STATEMENT

§ 1 Information on the collection of personal data

  1. The following is to inform you about the collection of personal data during the use of our website. Personal data are all data attributable to you personally, e.g. name, address, e-mail addresses, user behaviour.
     
  2. Controller pursuant to Article 4 Paragraph 7 EU General Data Protection Regulation (GDPR) is ) is PROCITEC GmbH, Rastatter Straße 41, 75179 Pforzheim (see also under Imprint).

    We have appointed a data protection officer for our company.
    PROLIANCE GmbH
    Leopoldstr. 21
    80802 München

    You can reach our data protection officer at
    datenschutzbeauftragter@datenschutzexperte.de or www.datenschutzexperte.de or at the postal address provided.
     
  3. Should we resort to commissioned service providers for individual functions of our offering or wish to use your data for commercial purposes, we will inform you as below in detail of the respective processes. In so doing, we will also cite the set storage time criteria.

 

§ 2 Your rights

You have the following rights vis-à-vis our company with respect to the personal data relating to you:

Right to information, 
Right to correction or deletion,
Right to limitation of processing,
Right to objection to processing,
Right to object (see § 6),
Right to data portability (see § 10)
Right to revoke a given consent

You also have the right to complain to a Data Security Supervisory Authority about our processing of your personal data. To this end, you may contact the Supervisory Authority of your usual place of residence or workplace or of our corporate domicile.

 

§ 3 Collection of personal data during visits to our website

  1. When you use the website merely for purposes of information, i.e. when not registering or transmitting other information to us, we will collect only those personal data transmitted by your browser to our server. Should you wish to view our website, we will collect the following data, required technically by us in order to display our website and to ensure stability and security (legal basis is Article 6 Paragraph 1 Clause 1 Letter f et seq. GDPR):
    IP adress
    Date and time of query
    Time zone difference to Greenwich Mean Time (GMT)
    Content of the request (specific page)
    Access status / HTTP status code
    Data volume transmitted each time
    Originating website of the request
    Browser
    Operating system and interface thereof
    Browser software language and version.

    Such data are stored on a temporary basis only and will be automatically deleted after a short time.
     
  2. In addition to the aforementioned data, cookies will be stored on your computer when you use our website. Cookies are small text files, which are stored on your hard disk assigned to your browser of choice and which provide the agency setting the cookie (us in this case) with specific information. Cookies are unable to execute any programs or infect your computer with any viruses. They serve to enhance the user-friendliness and efficiency of the overall Internet offering.

    This website uses the following types of cookies whose scope and functionality are explained in the following: Transient cookies. Transient cookies are automatically deleted when you close the browser. These include, in particular, the session cookies. The latter store a so-called session ID that allows your browser’s various queries to be assigned to the joint session, thus enabling your computer to be recognised when you return to our website. The session cookies are deleted once you log out or close the browser.

    The user data collected by technically required cookies are not used to create user profiles. These functions also form the basis of our legitimate interest in processing personal data according to Article 6 Paragraph 1 Letter f GDPR.

    Your browser settings may be configured according to your individual preferences e.g. to reject the acceptance of third-party cookies or of all cookies. We should point out to you that you may then be unable to use all the functions of this website.
     
  3. Contact form: We give you the option of establishing contact with us for all kinds of questions via a contact form provided on our website. When using the form, a valid e-mail address is required to inform us of the original source as well as to allow us to respond to the query. Further information may be provided on a voluntary basis. According to Article 6 Paragraph 1 Clause 1 Letter a GDPR, data for purposes of establishing contact with us is processed on the basis of your voluntary consent. The personal details we collect for the use of the contact form will be automatically deleted once your query has been handled.

 

§ 4 Collection of personal data when using the career portal

Should you wish to use our website to apply for a position in a company of the PLATH Group, you are required to provide and transmit specific personal data in the respective contact form provided for such purpose.

Should you apply for an advertised position, your data will only be processed for the purposes of application to this specific position. After completion of the application process and with expiry of a period of 6 months, all applicant data will be automatically deleted.

Should you send us a speculative application or lightening application, your data may then be reviewed by HR recruiters needing to fill the position, as well as by HR consultants. We will contact you and invite you to a meeting if your profile fits a position to be filled. Such data are also deleted after a time period of 6 months, unless you have stipulated otherwise in your application.

Your entered data will be stored temporarily in a database on the webserver. Once such data have been promptly collected (usually on the following workday) by employees in our HR Department, they will be deleted from the database. All our employees have been bound to compliance with data secrecy according to Section 53 GDPR.

We avail ourselves of the services of an external company to achieve the functionality of the career portal. According to Article 28 Clause 3 GDPR, a commissioned data processing contract has been concluded with such company. The data is collected, stored and processed in Germany. The above-cited deletion periods apply.

The data processing serves the initiation of an employee relationship and takes place in accordance with § 26 para. BDSG.

Objection to or revocation of the processing of your data

  1. Insofar as your personal data is processed by us on the basis of legitimate interests pursuant to Article 6 (1) sentence 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Article 21 DSGVO, insofar as this is done for reasons arising from your personal situation. Insofar as the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the requirement to specify a particular situation.
  2. You may of course object to the processing of your personal data for advertising and data analysing purposes at any time. You may inform us of your objection to advertising via the following contact data: PROCITEC GmbH, Rastatterstraße 41, 75175 Pforzheim, info@procitec.de, see also our Legal Notice.

 

§ 5 Plugins und Tools

Google Web Fonts

We use "Google Fonts" on our website, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as: "Google"). Google Fonts enables us to use external fonts. For this purpose, the required Google Fonts are loaded into your browser cache by your web browser when you access our website. This is necessary so that your browser can also display a visually improved representation of our texts. If your browser does not support this function, a standard font will be used by your computer for display. The integration of these Google Fonts is done by a server call, usually a Google server in the USA. This transmits to the server which page of our website you have visited. Also, the IP address of the browser of the end device of the visitor is stored by Google.
We use Google Fonts for optimization purposes, in particular to improve the use of our website for you and to make its design more user-friendly. The legal basis for the data processing and transfer to Google is Art. 6 para. 1 lit. f DSGVO.
Since a transfer of personal data to the USA takes place, further protection mechanisms are required to ensure the level of data protection of the DSGVO. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c DSGVO. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even through this contractual extension, we endeavor to obtain additional regulations and commitments from the recipient in the USA.
Further information on data protection can be found in Google's privacy policy: http://www.google.de/intl/de/policies/privacy.
Further information on Google Fonts can be found at https://fonts.google.com/.

 

YouTube
On our website, we integrate videos from "YouTube", a social media platform of Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as "Google"). The legal basis for the processing of your personal data is your consent granted for this purpose pursuant to Art. 6 (1) p. 1 lit. a DSGVO.
If the playback of embedded YouTube videos is started by your consent, the provider "YouTube" uses cookies to collect information about user behavior. According to information from "YouTube", these are used, among other things, to collect video statistics, to improve user-friendliness and to prevent abusive behavior. If you are logged in to Google, your data is directly assigned to your account when you click on a video. If you do not want the assignment with your profile at YouTube, you must log out before activating the button. Google stores this data as usage profiles and uses them for the purposes of advertising, market research and / or needs-based design of its websites. Such an evaluation is carried out in particular (also for users who are not logged in) for the display of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles. Please contact Google directly for this purpose.[A1]
 
Since a transfer of personal data to the USA takes place, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, Google uses standard data protection clauses in accordance with Art. 46(2)(c) DSGVO. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even through this contractual extension, we endeavor to obtain additional regulations and commitments from the recipient in the USA.
Further information on data protection and data use by Google can be found on the following Google website: https://policies.google.com/privacy?hl=de&gl=de.

 

Amazon Web Services

This is a cloud computing service.

Processing Company
Amazon Web Services EMEA SARL
38 Avenue John F. Kennedy, L-1855, Luxembourg

 

Data Protection Officer of Processing Company
Below you can find the email address of the data protection officer of the processing company.

eu-privacy@amazon.co.uk

 

Data Purposes
This list represents the purposes of the data collection and processing.
·         Cloud computing

 

Technologies Used
This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.    Cookies

 

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

·         Accessed applications
·         Authentication and security credential information
·         Browser plug-ins
·         Browser type
·         Browser version
·         Click path
·         Content interaction information
·         Cookie ID
·         Cookie information Device information
·         Device type
·         Download errors
·         Downloaded content from AWS
·         Duration and number of simultaneous streams and downloads
·         E-mail address
·         Full URL clickstream to, through, and from AWS website (including date and time)
·         Geographic location
·         Interactions or communications with AWS
·         Internet service provider
·         IP address
·         Mouse movements
·         Network connection type
·         Opened emails or clicks on links in emails from AWS
·         Operating system information
·         Page interaction information
·         Page response times
·         Playback details
·         Streams
·         Telephone number
·         Time zone
·         Usage data
·         Views and interactions with content and ads
·         Visits to, interactions with, and use of AWS offerings

Legal Basis
In the following the required legal basis for the processing of data is listed.
·         Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing
This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.
·         European Union

Retention Period
The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.
·         The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries
This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.
·         United States of America

Data Recipients
In the following the recipients of the data collected are listed.

·         Amazon Web Services Inc.
·         Amazon Web Services EMEA SARL

Click here to read the privacy policy of the data processor
https://aws.amazon.com/privacy/?nc1=f_pr

Click here to read the cookie policy of the data processor
https://aws.amazon.com/legal/cookies/

Storage Information
Below you can see the longest potential duration for storage on a device, as set when using the cookie method of storage and if there are any other methods used.
·         Maximum age of cookie storage: Session
·         Non-cookie storage: no

 

Cloudflare

This is a service providing increased security and performance for web sites.

Processing Company
Cloudflare Inc.
101 Townsend St., San Francisco, CA 94107, United States of America

Data Protection Officer of Processing Company
Below you can find the email address of the data protection officer of the processing company.

privacyquestions@cloudflare.com

Data Purposes
This list represents the purposes of the data collection and processing.

  • Optimization
  • Website security

Technologies Used
This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.
Cookies

Data Collected
This list represents all (personal) data that is collected by or through the use of this service.

  • IP address
  • Log file data
  • System configuration information

Legal Basis
In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. f GDPR

Location of Processing
This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

  • United States of America, European Economic Area

Retention Period
The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

  • Data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries
This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

  • United States of America

Data Recipients
In the following the recipients of the data collected are listed.

  • Service Providers
  • Cloudflare Group

Click here to read the privacy policy of the data processor
https://www.cloudflare.com/privacypolicy/

Click here to read the cookie policy of the data processor
https://www.cloudflare.com/cookie-policy/

Storage Information
Below you can see the longest potential duration for storage on a device, as set when using the cookie method of storage and if there are any other methods used.

  • Maximum age of cookie storage: 1 month
  • Non-cookie storage: no

 

jQuery

This is a JavaScript library service.

Processing CompanyOpenJS Foundation
1 Letterman Drive, Building D, Suite D4700, San Francisco, CA 94129, United States of America

Data Protection Officer of Processing Company
Below you can find the email address of the data protection officer of the processing company.

privacy@openjsf.org

Data Purposes
This list represents the purposes of the data collection and processing.

  • Providing content

Technologies Used
This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies

Data Collected
This list represents all (personal) data that is collected by or through the use of this service.

  • Log file data
  • IP address

Legal Basis
In the following the required legal basis for the processing of data is listed.

  • Art. 6 Abs. 1 S.1 lit. f DSGVO

Location of Processing
This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

  • United States of America

Retention Period
The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

  • The data will be deleted as soon as they are no longer needed for the processing purposes.

Transfer to Third Countries
This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

  • United States of America

Data Recipients
In the following the recipients of the data collected are listed.

  • OpenJS Foundation

Click here to read the privacy policy of the data processor

https://openjsf.org/wp-content/uploads/sites/84/2019/11/OpenJS-Foundation-Privacy-Policy-2019-11-15.pdf

 

Usercentrics Management Platform

This is a consent management service. Usercentrics GmbH is used on the website as a processor for the purpose of consent management.

Processing Company
Usercentrics GmbH
Sendlinger Str. 7, 80331 Munich, Germany

Data Protection Officer of Processing Company
Below you can find the email address of the data protection officer of the processing company.

datenschutz@usercentrics.com

Data Purposes
This list represents the purposes of the data collection and processing.

  • Compliance with legal obligations
  • Consent storage

Technologies Used
This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Local storage

Data Collected
This list represents all (personal) data that is collected by or through the use of this service.

  • Opt-in and opt-out data
  • Referrer URL
  • User agent
  • User settings
  • Consent ID
  • Time of consent
  • Consent type
  • Template version
  • Banner language

Legal Basis
In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. c GDPR

Location of Processing
This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

  • European Union

Retention Period
The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

  • The consent data (given consent and revocation of consent) are stored for three years. The data will then be deleted immediately.

Data Recipients
In the following the recipients of the data collected are listed.

  • Usercentrics GmbH

Click here to read the privacy policy of the data processor

https://usercentrics.com/privacy-policy/

Storage Information
Below you can see the longest potential duration for storage on a device, as set when using the cookie method of storage and if there are any other methods used.

  • Maximum age of cookie storage: Session
  • Non-cookie storage: no

​​​​​​​

 

§ 6 Data security

During visits to our website, we use the widely spread SSL (secure socket layer) procedure in conjunction with the highest level of encryption that your individual browser supports. The encryption concerned is usually 256 bit. Should your browser not support 256-bit encryption, we resort to 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted encrypted by means of the closed illustration of the key or lock symbol in the lower status bar of your browser.

For the rest, we avail ourselves of appropriate technical and organisational security measures, in order to protect your data against accidental or deliberate manipulations, partial or complete loss, destruction, or against unauthorised third-party access. Our security measures are subject to continuous improvement in compliance with technological development.

 

§ 7 Web analytics

We use no tracking and create no usage profiles on our website.

 

§ 8 Social networks

Our website uses no social media plug-ins. Social media plug-ins such as the Like button are small buttons, e.g. under Articles, which allow users to share such articles with other users in a practical way, without having to leave the website.
You will find buttons with links to social networks. Please comply with the data protection information of these providers when using such links.

§ 9 Data portability

You have a right to data portability, should the processing be based on your consent (Article 6 Paragraph 1 Clause 1 Letter a) or Article 9 Paragraph 2 Letter a) GDPR) or on a contract to which you are a party and the processing ensues by means of automated procedures. In such case, the right to data portability includes the following rights, unless the rights and freedoms of other persons would be adversely affected as a result:

You may request us to maintain any personal data, with which you have already provided us, in a structured, commonly used and machine-readable format.

You have the right to transmit such data to another controller with no hindrance on our part.

If technically feasible, you may request that we transmit your personal data directly to another controller.

 

§ 10 Timeliness

Timeliness and modifications to this data privacy statement. This data privacy statement is currently applicable and was last updated in April 2021. The further development of our website and associated offerings, as well as the modification of legal or official provisions, may necessitate the modification of this data privacy statement. The most recent data privacy statement may be retrieved and printed from our website procitec.de/en/footer/datenschutz at any time.