Data protection and privacy policy
for use of the www.projektron.de website
We take the protection of your personal data very seriously and treat your personal information confidentially and in compliance with the legal data protection regulations of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG), as well as this data protection policy.
The following information provides an overview of how we process your personal data and your rights.
Who is responsible for processing the data and who can I contact?
The responsible body is:
Projektron GmbH
Charlottenstraße 68
10117 Berlin
Germany
Tel.: +49 30 3 47 47 64-0
Fax: +49 30 3 47 47 64-999
Email: datenschutz(at)projektron.de
You can contact our external data protection officer at:
Projektron GmbH
Udo Wenzel
Charlottenstraße 68
10117 Berlin
Germany
To whom does this data protection policy apply?
This data protection policy applies to all visitors of this website.
Which data do we use?
You can generally use our web pages without disclosing your identity, unless you send us an email or a message via the contact form, or give your consent to receive information (newsletters), register for our events, or apply for a job vacancy. In these cases, we only process the data which is necessary to answer your inquiry or to provide our information. Which data is collected can be seen in the respective entry form. The respective fields are marked as mandatory. If we request you to provide additional information, the provision occurs on a voluntary basis. We use this information to provide more tailored offers or adjust them to the needs of our customers.
What are the specific purposes for using your data and upon which legal basis do we use it?
We process your personal data in compliance with the provisions of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). Please also note our information on your right of objection in accordance with Article 21 GDPR.
a) For the fulfillment of contractual obligations (Art. 6 Para. 1b GDPR)
Personal data is processed for the performance of a contract, as well as to conduct pre-contractual measures at your request, e.g. for the registration for and organization of events.
b) As part of the balancing of interests (Art. 6 Para. 1f GDPR)
Whenever necessary, we process your data beyond the fulfillment of our contractual obligations for the purposes of legitimate interests pursued by us or by a third party.
- To assert or defend legal claims in case of a legal dispute
- To guarantee IT security
- For direct marketing
- To answer your inquiry
c) Based on your consent (Art. 6 Para. 1a GDPR)
Insofar as you have given your consent to the processing of personal data for specific purposes, this processing is lawful based on your consent. You have the right to revoke your consent at any time. Please note that the revocation is only effective for future processing. Processing which has taken place prior to the revocation is not affected.
- Sending of informational material
- Processing of your job application
- Provision of newsletters: You have the option of canceling your subscription immediately with every newsletter.
- Use of cookies which are not required for the technical operation of the website.
d) Based on legal requirements (Art. 6 Para.1c GDPR) or in the public interest (Art. 6 Para.1e GDPR)
The company is also subject to various legal obligations (e.g. the Commercial Code, tax laws).
Data protection guideline for job applications
The primary legal basis for processing your personal data in this application process is § 26 BDSG in the version valid from May 25, 2018. According to this, the processing of data necessary for the decision on the commencement of an employment relationship shall be permissible. Should the data be required for prosecution upon completion of the application process, data processing can be done on the basis of the conditions of Art. 6 GDPR, particularly for safeguarding of legitimate interests in accordance with Art. 6 Para. 1 lit. f) GDPR. In this case, our interest lies in the assertion of or defense against claims.
By clicking on “Send application”, you give your consent for us to store and process your data for the purpose of the application, filling of vacancies and employment. You may revoke your consent at any time and withdraw your application.
The personal data provided by you in the application form is processed by us for the exclusive purpose of completing the application process and filling vacant positions. Filling of vacancies is conducted by the responsible employee in our HR department in cooperation with the heads of the specialist departments.
Your data is deleted six months after completion of the application process unless you agree to a longer storage period, in order to take you into consideration for future job vacancies. In case of your employment, your data is transferred from our application management system to our personnel management system.
Who receives access to my data?
Access to your data is provided to those within Projektron who need it in order to fulfill our contractual and legal obligations or as part of the balancing of interests. Service providers and agents utilized by us may receive access to the data for these purposes if they observe our confidentiality and our provisions regarding data protection laws. Transfer of data to third parties only occurs within the framework of the provisions by the GDPR and BDSG.
Is the data transferred to a third country?
Data is not transferred to countries outside the EU or EEA (so-called third countries).
How long is my data stored?
We process and store your personal data as long as it is needed to fulfill our contractual and legal obligations or as part of the balancing of interests. If the data is no longer required for these purposes, it is deleted regularly, unless its – restricted – further processing is required to fulfill storage periods in accordance with commercial law or tax law, such as the German Commercial Code and the German Fiscal Code. The storage and documentation periods specified there range from six to ten years.
Which data protection rights do I have?
In accordance with Article 15 GDPR, you have a right to be provided with information on your stored data, according to Article 16 GDPR you have a right to rectification, according to Article 17 GDPR you have a right to erasure, according to Article 18 GDPR you have a right to the restriction of processing of your data, according to Article 21 GDPR you have a right to object and the right to data portability according to Article 20 GDPR. Furthermore, you have the right to lodge a complaint with a data protection supervisory authority (Article 77 GDPR in conjunction with § 19 BDSG).
Consent given for the processing of personal data may be revoked at any time. Please note that the revocation is only effective for future processing. Processing which has taken place prior to the revocation is not affected. Please also note our information on your right of objection in accordance with Article 21 GDPR.
Is there an obligation to provide data?
As part of a contact inquiry or the ordering of information, you are obligated to provide the personal data which is required to process these requests (marked mandatory fields). Without this data, we are unable to answer your inquiry or provide you with the requested information.
Is there an automated decision-making process which includes profiling?
We generally do not use any fully automated decision-making processes including profiling in accordance with Article 22 GDPR.
Information on your right to object in accordance with Article 21 GDPR
a) Individual right to object
You have the right to object to the processing of your personal data for reasons arising from your particular special situation, provided that the processing of the data is done for reasons of public interest or based on the balancing of interests. This includes profiling. In case of an objection, we will no longer process your personal data, unless we can prove compelling legitimate grounds for processing this data, which outweigh your interests, rights and freedoms. Or your personal data serves for the assertion, exercise or defense of legal claims.
b) Objection to the processing of your data for direct advertising
In individual cases, we may use your personal data for our direct advertising. You have the right to object to this at any time, including against profiling if it is related to direct advertising. In case of an objection, we no longer process your personal data for these purposes. The objection need not follow any particular form and should be addressed to our data protection officer, whose contact address is specified above.
Which data is processed when using the website?
a) Use-related information
We obtain usage data when our web pages are opened. This includes information on screen resolution, browser version, internet access, operating system, language, plug-ins used, origin by country/region and on search engines. This data is exclusively processed for statistical purposes and for optimizing our web pages. Data is not transferred to third parties and no user-related evaluation takes place. Furthermore, we save the communication data to our web pages (IP addresses) for a short period of several days to ensure IT security.
b) Use of cookies
Session cookies are used when calling up individual pages to facilitate navigation. These cookies expire after your session has ended and do not contain any personal data, i.e. the contents of the cookies are not evaluated in relation to the user. You can adjust your browser settings to only allow cookies in individual cases or not at all.
Cookies required for the electronic communication process or for providing certain functions are stored on the basis of Art. 6 Para. 1 lit. f GDPR. In this case, cookies are stored for optimizing the provision of our services and ensuring they are free from technical errors. Deactivating cookies may limit the functionality of this website.
Our website uses cookie consent technology to obtain your permission for storing certain cookies in your browser and documenting them according to data protection regulations.
When you access our website, a cookie is stored in your browser in which your consent or the revocation of your consent is stored.
The cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6(1) 1 lit. c of the General Data Protection Regulation (GDPR).
The storing of non-essential cookies occurs on the basis of Art. 6(1) lit. a of the GDPR (consent). Grant your consent or revoke your consent in our cookie guideline.
How secure is my data?
In order to protect the personal data of our customers and interested parties, we use a secure online-transferring method known as “Secure Socket Layer” (SSL) technology. All information transferred with this secure method is encrypted prior to being sent. Your personal data is exclusively processed in computing centers and on computers which are protected by security technologies that comply with the industry standard (e.g. Firewalls, password protection, access control, etc.).
Which plug-ins and tools are used on the website?
a) Google AdWords conversion tracking
This website uses the online advertising system “Google AdWords” and, as part of Google AdWords, the conversion tracking process of Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). We use this service by Google AdWords in order to advertise our attractive offers on external websites using advertising material (known as Google AdWords). In relation to the data of the advertisement campaigns, we can determine the success of individual advertisement measures. We do so in the interest of displaying advertisements which are of interest to you, making our website more attractive to you and calculating advertisement costs fairly.
The cookie for conversion tracking is saved when a user clicks on an AdWords advertisement from Google. Cookies are small text files which are stored on your computer system. These cookies generally lose their validity after a period of 30 days and do not serve the purpose of personal identification. If the user visits certain pages on this website and the cookie has not expired, both Google and we can determine that the user has clicked on the advertisement and was forwarded to this page. Every Google AdWords customer receives a different cookie. Cookies can therefore not be tracked via the websites of AdWords customers. Information collected by the conversion cookie serves to create conversion statistics for AdWords customers who have chosen conversion tracking. These customers receive information on the total number of users who have clicked on their advertisement and were forwarded to a web page with a conversion tracking tag. They do not, however, receive information which would allow them to identify users personally. If you do not which to participate in the tracking, you may block its use by deactivating the cookie of the Google conversion tracking service in the user settings of your internet browser. You are then excluded from the conversion tracking statistics. We use Google AdWords on the grounds of your consent in accordance with Art. 6 Para. 1 lit. a GDPR. Further information on the data protection policies of Google can be found at the following internet address: www.google.de/policies/privacy/
b) Google Fonts
This page uses so-called Web Fonts, which are provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to servers operated by Google.
c) Google Maps
This website uses the Google Maps service via an API. This service is provided by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Maps is deactivated when you access this website for the first time in order to ensure the data protection on this website. A direct connection to Google servers is only established when you activate Google Maps (consent according to Art. 6(1) lit. a of the GDPR. This prevents your data from being transferred to Google as soon as you access the website for the first time. Following activation, Google Maps will store your IP address. Generally, this information is transferred to a Google server in the USA and stored there. The provider of this page has no influence on the data transfer once Google Maps is activated. Additional information on the handling of user data is available in Google’s Data Privacy declaration at: policies.google.com/privacy
d) YouTube
YouTube with expanded data protection
This website embeds videos provided by YouTube. The site is operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube in the expanded data protection mode. According to YouTube, this mode ensures that YouTube does not store any information on the visitors to this website before the users watch the video. However, forwarding of data to YouTube partners is not explicitly excluded by the expanded data protection mode. This means that YouTube – regardless of whether you watch a video – establishes a connection to the Google DoubleClick network.
A connection to YouTube servers is established as soon as you start watching a YouTube video on this website. Information on which of our pages you have visited is provided to the YouTube server. When you are logged in to your YouTube account, you make it possible for YouTube to directly link your surf behaviour to your personal profile. You can prevent this from occurring by logging out of your YouTube account.
Moreover, YouTube can store various cookies on your end device when you start a video. These cookies allow YouTube to obtain information on visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent any attempted frauds. The cookies remain on your end device until you delete them.
It may occur that additional data processing activities are triggered when starting a YouTube video; we cannot influence these activities.
Using YouTube is intended to provide an appealing representation of our online offering. This represents a legitimate interest in the meaning of Art. 6(1) lit. f of the GDPR. Insofar as corresponding consent was requested (for example, consent for the storing of cookies), the respective data processing will exclusively be done on the basis of Art. 6(1) lit. a of the GDPR; your consent can be revoked at any time. Additional information on data protection at YouTube is available in its data protection declaration at: policies.google.com/privacy.
e) Contacting (Powermail & Netup Projektron)
When contacting us (for example via contact form, email, telephone or social media), information provided by the user is processed for handling the contact enquiry and its completion in accordance with Art. 6(1) lit. b of the GDPR (within the scope of contractual/pre-contractual relations) and Art. 6(1) lit. f of the GDPR (other enquiries). The Powermail and Netup Projektron plug-ins are used for this purpose. The user information can be stored in a Customer Relationship Management System (“CRM system”) or comparable enquiry organisation. We will delete the enquiries provided they are no longer necessary. We review the necessity every two years; the legal archiving obligations furthermore apply.
f) SimplePoll
This website uses the SimplePoll plug-in for smaller surveys. For this purpose, the plug-in stores the user’s IP address to prevent multiple voting. This data is only stored and processed by Projektron GmbH and is not forwarded to third parties. The IP addresses are deleted following the completion of the surveys.
g) Matomo
This website uses the open source web analysis service Matomo. Matomo uses so-called “Cookies”. These are text files which are stored on your computer and allow for an analysis of user behavior on the website. For this purpose, the user information generated by the cookie is stored on our server. The IP address is made anonymous before being stored. Matomo cookies remain on your device until you delete them. The storage of Matomo cookies and the use of this analysis tool are based on Art. 6 para. 1 lit. a GDPR. A corresponding consent is requested (consent to the storage of cookies), the consent can be revoked at any time. The information generated by the cookie about the use of this website is not passed on to third parties.
h) Mailjet
This website uses Mailjet for sending newsletters. The provider is Mailjet SAS (Global HQ). Office and postal address in Paris: 13-13 bis, rue de l’Aubrac, 75012 Paris, France. Mailjet is a service that can be used to organise the sending of newsletters. The data you provide for the purpose of receiving the newsletters is stored on Mailjet’s servers.
You must unsubscribe from the newsletter if you do not wish to receive any emails from Mailjet. Each newsletter message contains a link you can use to unsubscribe.
You can find more detailed information on how Mailjet works by clicking the following link: https://www.mailjet.com/features/
Mailjet’s Data Protection Policy is available under: https://www.mailjet.com/security-privacy/
Legal basis
Data processing is conducted based on your consent (Art. 6(1) lit. a of the GDPR) or for customers within the contractual relationship (Art. 6(1) lit. b of the GDPR). You can revoke the newsletter subscription at any time. The legality of the already conducted data processing remains unaffected by the revocation.
Retention period
The data you provided for the purpose of receiving the newsletter is stored by us or the newsletter service provider until you unsubscribe from the newsletter. The data will be deleted from the newsletter distribution list when you revoke the subscription. Data stored by us for other purposes remains unaffected by the revocation.
Following the deletion from the newsletter mailing list, we or the newsletter service provider reserve the right to store your email address on a blacklist to prevent any future mailings. The data from the blacklist will only be used for this purpose and will not be consolidated with other data.
This is done in your interest, as well as our own interest regarding compliance with legal requirements applicable for sending newsletters (legitimate interest in the meaning of Art. 6(1) lit. f of the GDPR). The duration for storage in the blacklist is not limited. You can object to the storage provided that your interests outweigh our legitimate interests.
Links to the websites of other providers
For the purpose of providing further information, our website may contain links to websites by other providers. We have no influence as to their compliance with the data protection and security regulations. Our data protection policy therefore does not cover these websites.
