Privacy Policy
Status: August 2024
Thank you for your interest in our company, our products, and services. This privacy policy serves to inform the user about the type, scope, and purpose of the collection and use of personal data, in particular about which personal data we or service providers used by us collect in the context of the use of our website, for example:
- of your visit to the website: https://www.penta-electric.com/
- the contact
- of job advertisements
- the newsletter
- of our social media presence
- the communication with you on the specified channels
(hereinafter collectively referred to as the “website”) the purposes for which we use this data and how we use it to optimise our services for you and to protect/communicate your rights as a data subject. This privacy policy takes into account both the Swiss Federal Act on Data Protection (FADP) and the European General Data Protection Regulation (GDPR). Whether and to what extent the GDPR is applicable depends on the individual case. Unless otherwise stated, the legal bases stated refer to the GDPR:
A. General Information
1. Name and Contact Details of the Controller, the Union Representative Pursuant to Art. 27 GDPR and the Data Protection Officer
Responsible under data protection law within the meaning of Art. 4 No. 7 GDPR is:
Penta-Electric AG
Hammerstr. 18, CH-4410 Liestal
Tel: +41 61 416 36 36
info@penta-electric.ch
www.penta-electric.com
(hereinafter also referred to as “we” or “us”). Further information about the provider can be found in the legal notice.
Penta-Electric GmbH, Rheinallee 30, D-79639 Grenzach-Wyhlen, Tel.: +49 7624 9085-0, info@penta-electric.de, www.penta-electric.com is the Union representative of Penta-Electric AG within the meaning of Art. 27 GDPR.
You can contact the data protection officer of Penta-Electric GmbH by post at the above address with the addition “Personal/confidential to the attention of the data protection officer” or by e-mail at datenschutzbeauftragter@penta-electric.de.
2. Types of Data Processed, Categories of Data Subjects
2.1 Type of Data Processed
- Master data (e.g. customer master data such as names, addresses)
- Contact details (e.g. e-mail, telephone numbers)
- Communication data and history
- Consent management (“cookie banner”)
- Content data (e.g. text entries, photographs, videos)
- Contract data (e.g. quotations, order, subject matter of the contract, customer category)
- Payment data (e.g. bank details, payment history)
- CRM data, in particular customer history and customer statistics
- Usage data (e.g. pages visited, interest in content, access times)
- Meta/communication data (e.g. device information, IP addresses)
- Data according to items 4 and 5
- Application data
- Special categories of data in the context of application procedures
- Tracking data
- Reach measurement
- Data according to section B
2.2 Categories of Affected Persons
- Visitors and users of the website and online offers
- Customers, interested parties, and business partners
- Applicants
- Newsletter subscribers and direct marketing in existing customer relationships
- Other communication partners
(In the following, we also refer to the persons concerned collectively as “users”.)
2.3 Sources of Personal Data
We process personal data about you that is necessary to fulfil the relevant purposes. You can find more detailed information on the personal data processed under the individual purposes (see section 3).
2.3.1 Data Provided
Normally you provide us with your personal data yourself, e.g. by sending it to us or when you communicate with us.
The provision of personal data is generally voluntary, i.e. you are usually not obliged to disclose personal data to us. However, we must collect and process the personal data that is necessary for the processing of a contractual relationship and for the fulfilment of associated obligations or that is required by law, e.g. mandatory master data and contract data. Otherwise, we will not be able to conclude or continue the contract in question. If you provide us with data about other persons (e.g. third parties to whom deliveries can be made), we assume that you are authorised to do so and that this data is correct. Please also ensure that these other persons have been informed of this privacy policy.
2.3.2 Data Collected
In certain cases, we also collect data about you ourselves or automatically, e.g. when you use our services or surf our website. This includes, in particular, behavioural and transaction data, online identifiers, online tracking, and traffic data. In certain cases, we may also derive the data from existing data, e.g. by evaluating transaction or behavioural data (see section B.).
2.3.3 Data Received
We may also receive your data from third parties. These may be the following third parties, for example:
- People from your sphere (e.g. address for delivery, powers of attorney)
- Banks or other contractual partners (e.g. for purchases and payments)
- Credit agencies (e.g. for obtaining credit reports)
- Online service providers (e.g. analysis services) and address dealers (e.g. for address updates)
- Authorities (e.g. in connection with legal proceedings)
- Public sources (e.g. public registers, media, internet)
3. Purpose of the Processing
We use your personal data:
- To provide the website, its functions, and content.
- To identify you as a contractual partner.
- For administration, answering contact enquiries, and communicating with users.
- For the assertion, enforcement, exercise, or defence of and against legal claims and legal disputes, as well as for the detection, investigation, and prevention of criminal offences.
- In the context of application procedures.
- IT security measures.
- Reach measurement.
- For the purpose of direct marketing, e.g. in the form of an e-mail newsletter or postal advertising in existing customer relationships.
- To manage users’ consent to the processing of their data.
4. Processing of Personal Data When Visiting the Website
When using the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser automatically transmits to our server. The following data may be transmitted, which is technically necessary for us to display our website to you and to ensure stability and security:
- Date and time of the enquiry
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request comes
- Browser
- Operating system and its interface
- Language and version of the browser software
The data collected in this way is technically necessary to display the website and to ensure stability and security. The legal basis for this is Art. 6 para. 1 sentence 1 lit. f) GDPR (protection of legitimate interests unless the interests of the data subject prevail).
The IP addresses of users are only anonymised, i.e. not processed on a personal basis.
5. Cookies (General Information)
In addition to the aforementioned log file data, cookies are stored on your computer when you use our website. Cookies are small text files that are assigned to the browser you are using and stored on your hard drive, and through which certain information flows to the organisation that sets the cookie (in this case us). Cookies cannot execute programmes or transfer viruses to your computer. They are used to make the website more user-friendly and effective overall.
Use of Cookies:
a) This website uses the following types of cookies, the scope and function of which are explained below:
– Session cookies (see b)
– Persistent cookies (see c)
b) Session cookies store a so-called session ID with which various requests from your browser can be assigned to the joint session. The session cookies are deleted when you log out or close the browser. If you restart your browser and go back to the website, the website will not recognise you. You will have to log in again (if a login is required) or you will have to reset templates and preferences if the website offers these functions. A new session cookie is then generated, which stores your information and remains active until you leave the site and close your browser.
c) Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
For What Purposes Do We Use Cookies?
We use cookies to personalise content and advertisements, to offer social media functions, and to analyse access to our website. We also share information about your use of our website with our social media, advertising, and analytics partners. Our partners may combine this information with other data that you have provided to them or that they have collected as part of your use of the services. You consent to our cookies if you continue to use our website.
Overview
Purpose | Description | Storage Duration |
---|---|---|
Technically necessary cookies | Technically necessary cookies enable the use of our website by enabling basic functions such as page navigation and access to secure areas of the website. Visiting our website cannot function properly without these cookies. | Session cookies – are deleted when the browser is closed. |
Performance (e.g. the user’s browser), display, and preferences | When using our website, cookies are used (e.g. to recognise the browser) to improve performance (e.g. faster loading of content). When you visit our website, the country and language selection determined or selected by you is saved in cookies to save you having to make a new selection on subsequent visits. We check in advance whether your browser supports cookies, and this information is stored in another cookie. You will then be shown localised contact information for your country and language, which will also be saved. The legal basis for this is your consent (Art. 6 para. 1 sentence 1 lit. a) GDPR). | Persistent cookies – remain but are automatically deleted after 182 days if the website is no longer visited, unless shorter periods apply in individual cases. |
Analysis cookies (statistics) | We use third-party analytics cookies to understand how visitors use our site. This helps us to improve the quality and content on our site. The aggregated statistical information includes data such as the total number of visitors. For example, we find out how often and in what order the individual pages were accessed and how much time visitors spend on our pages on average. We also find out whether users have already visited our website at an earlier point in time. The legal basis for this is the consent given to us (Art. 6 para. 1 sentence 1 lit. a) GDPR. For more information, see section B. | Persistent cookies – remain but are automatically deleted after 182 days if the website is no longer visited, unless shorter periods apply in individual cases. |
Advertising cookies (Marketing) | We use advertising cookies to assess the efficiency of our advertising measures and to derive optimisations from them. The legal basis for this is your consent (Art. 6 para. 1 lit. a) GDPR). | Persistent cookies – remain but are automatically deleted after 182 days at the latest if the website is no longer visited, unless shorter periods apply in individual cases. |
Control Over Cookies
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
Which cookies are used? See section B.
6. Contact Enquiries
It is possible to contact us via the e-mail addresses or telephone numbers provided. In the former case, the user’s personal data transmitted with the e-mail will be stored. The data is used exclusively for processing the contact enquiry.
The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1 sentence 1 lit. f) GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b) GDPR. If the contact enquiry or email contact serves to initiate an employment relationship, the additional legal basis is Section 26 under the German Federal Data Protection Act BDSG (refer to Section 7).
The data is deleted as soon as it is no longer required to fulfil the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
7. Job Advertisement
We advertise vacancies on our website. We collect, process, and use your personal data to process your online application. The legal basis is Art. 6 para. 1 sentence 1 lit. b) GDPR together with section 26 under the German Federal Data Protection Act BDSG. Your online application data will be sent directly to the management by email. Suitable technical and organisational measures ensure that your personal data is treated confidentially in accordance with the statutory provisions.
Please note that the transmission of data by e-mail is unencrypted and the data may be read or falsified by unauthorised persons. You are welcome to send us your documents by post. If you have applied for a specific position and it has already been filled or we consider you to be equally or even more suitable for another position, we would be happy to forward your application within our company. The legal basis for this is Art. 6 para. 1 sentence 1 lit. f) to protect your and our legitimate interests. Please inform us if you do not agree with this procedure. Your personal data will be automatically deleted after the end of the application process, but after 6 months at the latest unless you expressly consent to it being stored for a longer period.
Processing of special categories of data: Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR (e.g. health data such as status of disability or ethnic origin) are requested from applicants as part of the application procedure so that the controller or the data subject can exercise the rights arising from labour law and social security and social protection law and fulfil their obligations in this regard, their processing takes place
- for the assessment of the employee’s ability to work pursuant to Art. 9 para. 2 lit. h). GDPR,
- in the case of communication of special categories of data based on voluntary consent, their processing is carried out on the basis of Art. 9 para. 2 lit. a) GDPR.
8. Disclosure to Third Parties
As part of the hosting of our website, your data processed by us is processed on the basis of an order processing contract with a service provider based in Switzerland. In the case of the use of web analysis services and third-party providers, the data is transmitted to the extent described herein, see section B. Affiliated company (Penta-Electric GmbH, Rheinallee 30, D-79639 Grenzach-Wyhlen) as part of the exchange of information about customers.
9. Storage Period
We process and store your personal data as long as it is necessary for the fulfilment of our contractual and legal obligations. We delete your personal data as soon as it is no longer required for the above-mentioned purposes. Personal data may be stored for the period during which claims can be asserted against our companies (statutory limitation periods of three or up to thirty years). We also store your personal data insofar as we are legally obliged to do so. Corresponding proof and retention obligations arise from commercial, tax, and social security regulations, usually 6 or 10 years.
10. Automated Decision-Making and Profiling
In principle, we do not use fully automated decision-making or profiling in accordance with Article 22 GDPR to establish and conduct the business relationship.
In order to provide you with targeted information and advice about our products, we or service providers may use web analysis tools, in particular, tracking technology on our behalf. These enable needs-based communication and advertising. Please refer to section B in this regard.
11. Links to Other Websites
Our website may contain links to websites operated by third parties that are not covered by this privacy policy. These third-party websites have their own privacy policies and may also use cookies or other tracking technologies. The respective operator or the person named as responsible for the corresponding website is responsible.
The links to external websites are checked by us before linking. However, we have no influence on whether their operators comply with data protection regulations. If we become aware of any violations or infringements, we will remove the relevant links.
B. Data Processing by Third-Party Providers
12. Google
12.1 Google Analytics
We have integrated Google Analytics on our website. Google Analytics is a web analysis service offered by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter “Google”).
Google Analytics uses so-called “cookies”, text files that are stored on the user’s computer and provide data for the purpose of analysing the use of our website. The information generated by the cookie about the use of our website by the user is usually transmitted to a Google server in the USA and stored there.
IP anonymisation is activated on our website, so the IP address of Google users within member states of the European Union or in other signatory states to the Agreement on the European Economic Area is shortened beforehand. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there, so that data processing can take place outside the European Union. In this case, the personal data collected by Google Analytics will be transmitted to the USA.
We would like to point out that the use of cookies for the purpose of data processing within the framework of Google Analytics is only legally permissible in accordance with Art. 44 and 49 para. 1 lit. a) GDPR on the basis of prior consent by the user. You will therefore be asked to give your consent to this as part of the consent management system we use.
The user can generally prevent the storage of cookies by selecting the appropriate settings on their internet browser. The user can also prevent the collection and transmission of the data generated by the cookie and related to their use of the website (including their IP address) to Google and the processing of this data by Google by downloading and installing the browser add-on available at the following link to deactivate Google Analytics JavaScript (ga.js, analytics.js, dc.js): http://tools.google.com/dlpage/gaoptout?hl=de.
However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
We would like to point out that we cannot influence or determine the type and scope of use of your personal data by Google. We therefore recommend that you restrict this processing by making the appropriate privacy settings in your browser configuration if you wish to do so.
Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.de/intl/de/policies/privacy/ and under http://www.google.com/analytics/terms/de.html.
The processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. a) GDPR insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting). Consent can be revoked voluntarily at any time. If you do not give your consent, you may not be able to use certain functionalities.
Google is certified in accordance with the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.
12.2 Google Tag Manager
The website uses Google Tag Manager as part of Google Analytics. Tags are small code elements on our website that are used, among other things, to measure traffic and visitor behaviour, measure the impact of online advertising and social media, use remarketing and targeting, and test and optimise the website. Google Tag Manager is a solution that allows us to manage website tags via an interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain. The tool triggers other tags which in turn may collect data. Google Tag Manager does not access this data. If deactivation has been carried out at domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager.
Further information on Google Tag Manager can be found on the Internet at: https://www.google.com/analytics/tag-manager/use-policy/.
13. Integration of Google Maps
We use the Google Maps service on this website. This enables us to show you interactive maps directly on the website and allows you to use the map function conveniently.
By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under point 3 of this declaration is transmitted. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research, and/or customising its website. Such an analysis is carried out in particular (even for users who are not logged in) to provide customised advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
The user can prevent the integration of Google Maps by selecting this option in the cookie banner under External media. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent.
The processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. a) GDPR insofar as consent has been given for the plug-in. Consent can be revoked voluntarily at any time. If you do not give your consent, you may not be able to use certain functionalities.
Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider’s privacy policy. There you will also find further information on your rights in this regard and setting options to protect your privacy: http://www.google.de/intl/de/policies/privacy. For information on the third-party provider, see Section 12 (1).
14. Social Media
14.1 General Information
We are interested in presenting ourselves on social media channels, being approachable for customers, service providers, other business partners, applicants, and interested parties, and promoting topics and products via social networks.
For the respective data processing purposes and data categories, we refer to the individual social media channels, which are explained in more detail below.
Data processing generally serves the following purposes:
- Communication with our social media channel visitors;
- Private messaging;
- Dealing with enquiries from our social media channel visitors;
- Collecting statistical information about the reach of our social media channels;
- Placing advertisements, conducting customer surveys, marketing campaigns, market analyses, promotions, or similar campaigns or events;
- Resolution of disputes and litigation, establishment, exercise, or defence against legal claims or litigation, enforcement of existing contracts.
The processing of your personal data is necessary for the fulfilment of these purposes.
In social networks and on other external platforms, the respective companies’ own data protection provisions apply, even if we disseminate information and maintain a presence there with our brands.
14.2 LinkedIn
LinkedIn: Social network; Service provider: LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland;
Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR);
Website: https://www.linkedin.com;
Privacy Policy: https://www.linkedin.com/legal/privacy-policy;
Data Processing Agreement: https://legal.linkedin.com/dpa;
Standard Contractual Clauses (guaranteeing the level of data protection for processing in third countries): https://legal.linkedin.com/dpa;
Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
We process the following personal data:
- Your LinkedIn username and comments on our LinkedIn pages and messages you send us via our LinkedIn page.
- Other information necessary to respond to requests from our visitors or to uniquely identify our visitors in our systems.
14.3 Twitter
Twitter: Social network; Service provider: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland;
Privacy Policy: https://twitter.com/de/privacy;
Use of cookies: https://help.twitter.com/de/rules-and-policies/twitter-cookies;
You can customise your Twitter privacy settings yourself in your user account. To do this, click on the following link and log in: https://twitter.com/personalization.
Legal bases: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Insofar as the processing includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting), the processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. a) GDPR. Consent can be revoked voluntarily at any time. If you do not give your consent, you may not be able to use certain functionalities of the Twitter platform.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://gdpr.twitter.com/en/controller-to-controller-transfers.html.
14.4 Facebook
Facebook: Social network; Service provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. According to Meta, the data collected is also transferred to the USA and other third countries.
You can customise your advertising settings yourself in your user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR);
Website: https://www.facebook.com/;
Details on the handling of your personal data by the service provider can be found in Facebook’s privacy policy: https://www.facebook.com/about/privacy/.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
The service provider is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active;
We process the following personal data:
- Your Facebook user name as well as comments on our Facebook pages and messages that you send us via our Facebook page.
- Other information necessary to respond to requests from our visitors or to uniquely identify our visitors in our systems.
14.5 Instagram
Instagram: Social network; Service provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. According to Meta, the data collected is also transferred to the USA and other third countries.
Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR);
Website: https://www.instagram.com/;
For details on the handling of your personal data by the service provider, please refer to Instagram’s privacy policy: https://privacycenter.instagram.com/policy/.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://privacycenter.instagram.com/policy/, and https://de-de.facebook.com/help/566994660333381.
The service provider is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active.
We process the following personal data:
- Your Instagram username and comments on our Instagram pages and messages you send us via our Instagram page.
- Other information necessary to respond to requests from our visitors or to uniquely identify our visitors in our systems.
14.6 YouTube
YouTube: Social network; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR);
Website: https://www.youtube.com/;
For details on how the service provider handles your personal data, please refer to the privacy policy: https://policies.google.com/privacy?hl=de.
The service provider is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified in accordance with the DPF undertakes to comply with these data protection standards.
Further information on this can be obtained from the provider under the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active.
We process the following personal data:
- Your YouTube user name and comments on our YouTube pages and messages that you send us via our YouTube page.
- Other information necessary to respond to requests from our visitors or to uniquely identify our visitors in our systems.
14.7 Xing
Xing: Social network; Service provider: New Work SE, Dammtorstrasse 30, 20354 Hamburg, Germany.
Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR);
Website: https://www.xing.com/;
For details on how the service provider handles your personal data, please refer to the privacy policy: https://privacy.xing.com/en/privacy-policy.
We process the following personal data:
- Your Xing user name as well as comments on our Xing pages and messages that you send us via our Xing page.
- Other information necessary to respond to requests from our visitors or to uniquely identify our visitors in our systems.
14.8 Social Media Plug-ins
(1) We currently use the following social media plug-ins: LinkedIn, Xing. You can recognise the provider of the plug-in by the marking on the box above its initial letter or the logo. We give you the opportunity to communicate directly with the provider of the plug-in via the button. As the plug-in provider collects data via cookies in particular, we recommend that you delete all cookies via your browser’s security settings before clicking on the greyed-out box.
We have no influence on the data collected and data processing procedures, nor are we aware of the full extent of data collection, the purposes of processing, or the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.
The plug-in provider stores the data collected about you as usage profiles and uses these for the purposes of advertising, market research, and/or customising its website. Such an evaluation is carried out in particular (even for users who are not logged in) to display customised advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. We offer you the opportunity to interact with the social networks and other users via the plug-ins so that we can improve our offering and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. 1 sentence 1 lit. f) GDPR (for the protection of legitimate interests).
Data is passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected by us will be assigned directly to your existing account with the plug-in provider. If you press the activated button and for example link the page, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network but especially before activating the button as this will prevent you from being assigned to your profile with the plug-in provider.
Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the data protection declarations of these providers provided below. There you will also find further information on your rights in this regard and setting options to protect your privacy.
Addresses of the respective plug-in providers and URLs with their data protection notices:
- (a) LinkedIn: Social network; Service provider: LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland;
Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR);
Website: https://www.linkedin.com;
Privacy policy: https://www.linkedin.com/legal/privacy-policy;
Order processing contract: https://legal.linkedin.com/dpa;
Standard contractual clauses (guaranteeing the level of data protection for processing in third countries): https://legal.linkedin.com/dpa;
Option to object (opt-out): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. - (b) Xing: Social network; Service provider: New Work SE, Dammtorstrasse 30, 20354 Hamburg, Germany.
Privacy policy: https://privacy.xing.com/en/privacy-policy
C. Rights of the Data Subjects
15. Your Rights
If your personal data is processed, you are the data subject and you have the following rights vis-à-vis us as the controller.
15.1 Rights According to the Swiss Federal Act on Data Protection (FADP)
You have the right to object to data processing, particularly if we process your personal data on the basis of a legitimate interest and the other applicable requirements are met. You can also object to data processing in connection with direct marketing (e.g. advertising emails) at any time. This also applies to profiling insofar as this is associated with such direct marketing.
Insofar as the applicable requirements are met and no statutory exceptions apply, you also have the following rights:
- The right to request information about your personal data stored by us
- The right to have incorrect or incomplete personal data corrected
- The right to request the deletion or anonymisation of your personal data
- The right to request the restriction of the processing of your personal data
- The right to receive certain personal data in a structured, commonly used, and machine-readable format
- The right to withdraw consent with effect for the future insofar as processing is based on consent
The exercise of such rights generally requires that you clearly prove your identity (e.g. by means of a copy of your identity card where your identity is otherwise not clear or cannot be verified). To assert your rights, you can contact us at the address given in section 1.
You are also free to enforce your claims in court or to lodge a complaint with a competent supervisory authority if you have concerns as to whether the processing of your personal data is legally compliant.
The competent supervisory authority in Switzerland is the Federal Data Protection and Information Commissioner (FDPIC): http://www.edoeb.admin.ch.
15.2 Rights Pursuant to Art. 15 et seq. GDPR
a) The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed and where that is the case, access to the personal data and the information specified in Article 15 GDPR. Under certain legal conditions, they have the right to rectification under Article 16 GDPR, the right to restriction of processing under Article 18 GDPR, and the right to erasure (“right to be forgotten”) under Article 17 GDPR. In addition, they have the right to receive the data they have provided in a structured, commonly used, and machine-readable format (right to data portability) in accordance with Article 20 GDPR, provided that the processing is carried out using automated procedures and is based on consent pursuant to Art. 6 para. 1 sentence 1 lit. a) or Art. 9 para. 2 lit. a) or on a contract pursuant to Art. 6 para. 1 sentence 1 lit. b) GDPR.
b) Revocation of consent pursuant to Art. 7 para. 3 GDPR
If the processing is based on consent, you can revoke your consent to the processing of personal data at any time. Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected.
c) Right of appeal
You have the option of lodging a complaint with us or our data protection officer or with a data protection supervisory authority (Article 77 GDPR).
d) Right to object pursuant to Article 21 GDPR
In addition to the aforementioned rights, you have the right to object as follows:
- Individual right of objection
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6(1)(1)(e) GDPR (data processing in the public interest) and Article 6(1)(1)(f) GDPR (data processing on the basis of a balancing of interests); this also applies to a profile based on this provision within the meaning of Article 4(4) GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or the processing serves the establishment, exercise, or defence of legal claims. - Right to object to the processing of data for advertising purposes
In individual cases, we process your personal data for direct marketing purposes. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
D. Final Provisions
16. Security
We have taken technical and organisational security measures in accordance with Art. 24, 32 GDPR to protect your personal data from loss, destruction, manipulation, and unauthorised access. All our employees and all third parties involved in data processing are obliged to comply with the requirements of the GDPR and to handle personal data confidentially.
This site uses TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
17. Changes to Our Privacy Policy
We reserve the right to change our security and data protection measures if this becomes necessary due to technical developments, the expansion of our services, or legal changes. In such cases, we will also adapt our privacy policy accordingly. Please therefore refer to the latest version of our data protection declaration.