Preventicus endeavours to protect and respect your privacy. With this data protection notice we would like to inform you with regard to the basis on which we process the personal data collected from you or provided by you, and for which purposes it is used.
1. Who is responsible for data processing and who can I contact?
Responsible within the meaning of the General Data Protection Regulation (GDPR) is:
You can contact our in-house Data Protection Officer by means of the contact details stated above or by e-mail: firstname.lastname@example.org.
2. What is personal data?
Personal data is all information referring to an identified or identifiable natural person. A natural person is deemed to be identifiable, who can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, customer number, location data, an online identifier or by means of a special characteristic.
3. What data do we collect?
3.1. Data you communicate to us
3.1.1. for general inquiries
In the case of inquiries addressed to us, we process your name, contact data (e. g. telephone number, e-mail address and postal address) as well as all other details provided by you when completing forms or other data fields on our website. This includes details you state when you:
3.1.2. when sending online application documents
When applicants transfer their corresponding application documents to us by electronic means, for instance by e-mail or via a web form on our website, we process the personal data provided by the applicant for the purpose of handling the application procedure.
Within Preventicus, only those bodies have access to your personal data who require it for the processing of the application. Service provides deployed by us can receive data for these purposes, if they maintain data secrecy and obligate themselves to adhere to our written data protection regulations.
3.2. General data we collect during the use of this website
A certain amount of personal data is collected and saved in log files when calling up our website. The data that can be collected includes the browser types and versions used, the operating system used by the accessing system, the website from which an accessing system reaches our page (so-called referrers), the resources you access, the date and time of said access to the website, an Internet protocol address (IP address), the internet service provider of the accessing system and other comparable data and information, which might enable us to avert the risk in the event of attacks on our website.
When using this general data we do not draw any conclusions regarding the person involved. This data is in fact required to correctly deliver the contents of our website, to optimise the presentation of the contents of our website, to ensure the permanent functional capability of our website, and to provide the law enforcement authorities with the necessary information for prosecution in the event of a cyberattack.
This collected, pseudonymised data is evaluated by us on the one hand statistically and on the other hand with the aim of increasing data protection and data security, in order to finally ensure an adequate level of security for the personal data processed by us. The pseudonymised data of the server log files is saved separately from all personal data stated by an affected person.
3.3. Data we collect for the analysis of the use and improvement of the website by means of cookies or comparable analysis tools
We use so-called cookies on our website on the basis of Art. 6 para. 1 letter f DSGVO. Cookies are text files, which are filed and saved on a computer system via an Internet browser.
Many cookies comprise a so-called cookie ID, which is a unique identifier. It consists of a string of characters, by means of which Internet sites and servers can be allocated to the specific Internet browser where the cookie was stored. In addition, your anonymised IP address, details regarding the operating system used, your Internet browser and other device details, such as the resolution used, are collected. This enables the visited websites to differentiate the individual browser of a person involved from other Internet browsers containing other cookies. The purpose of this identification is to provide the users of this website with user-friendly services, which would not be possible if cookies were not set.
The information and offers on our website can be optimised to the benefit of the user by a cookie, and also to make the use of our website easier for the users. Furthermore, cookies are used to place advertising.
The setting of cookies by our website can be prevented at any time by means of a corresponding setting in the Internet browser used, thus permanently objecting to its use. Please follow the instructions in the assistance for your Internet browser. Furthermore, already set cookies can be deleted via an internet browser or other software programs. This is possible in all conventional internet browsers. If the person affected deactivates the setting of cookies in the Internet browser used, it is possible that not all functions of our website can be fully used.
3.3.1. Google Analytics
We additionally use Google Analytics, a web analysis service of Google Inc. ("Google“), which enables an anonymised analysis of the use of the website by you. The information generated by the cookies with regard to your use of this website is usually transferred to a Google server in the USA and stored there. Your IP address will, however, be shortened by Google within the member states of the European Union or in other countries contracted into the European Economic Area. The full IP address is only transferred to a Google server in the USA and shortened there in exceptional cases. On behalf of Preventicus, Google will use this information to analyse your use of the website, to compile reports on the website activities and to render further services associated with the website and Internet use to the website operator. The IP address transmitted by your browser within the framework of Google Analytics is not collected together with other Google data. Apart from the measures described above, you can also prevent the collection of the data related to your use of the website and generated by the cookie (incl. your IP address) to Google and the processing of said data by Google, by downloading and installing the browser plug-in available under the following link (http://tools.google.com/dlpage/gaoptout?hl=de). You can prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie is set, which prevents the future collection of your data when visiting this website: Disable Google Analytics. You will find further information on user conditions and data protection at http://www.google.com/analytics/terms/de.html or https://www.google.de/intl/de/policies/. We would like to point out that on this website, Google Analytics has been extended by the code "anonymizeIp", in order to ensure the anonymous recoding of IP addresses (so-called IP masking).
3.3.2. Facebook pixels
Facebook users should observe that a "tracking pixel" of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”) is used on this website by Preventicus. This marks you as a visitor to our website in anonymised form, without identifying you as a person. When you then login to Facebook later, a non-reversible and thus non-person-related checksum (hash value) is transmitted to Facebook from your user data for analysis and marketing purposes. This enables Facebook to allocate the visit to our website to your user account. We can use the information collected in this way for the display of Facebook ads, which are hopefully relevant for you. You will find further information regarding the purpose and extent of the data collection and the further processing and use of the data by Facebook as well as your setting options for the protection of your privacy in the Facebook data protection guidelines, which are available from, amongst others www.facebook.com/ads/website_custom_audiences/ and www.facebook.com/privacy/explanation/. Objection to the use of the Facebook Website Custom Audiences is possible under www.facebook.com/ads/website_custom_audiences/.
The web tracking function on this site is:
3.3.3. Google Maps
3.3.4. Use of Google AdWords Conversion-Tracking
On our website we use the online advertising program "Google AdWords" and, within this scope, conversion tracking (evaluation of user action). Google conversion tracking is an analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"). When you click on an advertisement placed by Google, a cookie for conversion tracking is stored on your computer. These cookies have limited validity, do not contain any personal data, and therefore do not serve for personal identification purposes. When you visit certain pages of our website and the cookie has not yet expired, Google and we can recognise that you have clicked on the advertisement and have been directed to this page. Each Google AdWords customer is given a different cookie. Therefore, there is no possibility that cookies can be traced via the websites of AdWords customers.
The information obtained using the conversion cookie serves to prepare conversion statistics. Here we discover the total number of users who have clicked on one of our advertisements and have been directed to a page having a conversion tracking tag. However, we do not receive any information that enables users to be personally identified.
For this you can prevent the storage of the cookies by selecting the appropriate technical settings in your browser software. We must hereby inform you that, in this case, you may not be fully able to utilise certain functions of this website accordingly. You will then not be included in the conversion tracking statistics.
You will find further information as the data protection declaration of Google under: https://www.google.de/policies/privacy/
4. Where do we store your personal data?
When using this website, a transfer of data takes place to countries outside the European Economic Area ("EEA") within the framework of the use of the data processing stated in chapter 3.3 unless you have selected the opt-out function. An adequacy decision of the EU Commission does not exist for these countries, to the effect that in said countries, there are no data protection provisions comparable with those of the EU (so-called third countries).
These servers are located in the USA. Data is transmitted in accordance with the principles of the so-called EU-US Privacy Shield and on the basis of so-called standard contractual clauses of the EU Commission and guarantee the users an appropriate level of data protection, as well as in particular legally binding and judicially enforceable rights for the persons affected.
The remaining data processing operations are performed exclusively within the EU applying contracted service providers acting on our behalf.
5. How long do we store your data?
Preventicus generally processes and saves the personal data of those involved only as long as is necessary for the fulfilment of the purpose or as far as legally required.
If Preventicus concludes an employment contract with the applicant, the transmitted data is stored at Preventicus for the purpose of processing the employment relationship, observing the statutory regulations, otherwise the application documents will be deleted the latest five months after notification of the rejection decision, if the deletion is not opposed due to other legitimate interests of the person responsible for processing. Another legitimate interest in this sense is, for example, a burden of proof in a procedure pertaining to the General Equal Treatment Act (German: AGG).
Compulsory trade and tax-related retention periods may also oppose deletion. The retention or documentation periods specified there may be up to ten years. If the storage purpose is cancelled or if a legally stipulated storage period expires, the personal data is restricted or deleted as a matter of routine and in compliance with the statutory regulations unless it is required as a means of evidence.
6. On which legal basis do we process your data?
We process the previously named personal data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG):
6.1. for decisions regarding the substantiation of an employment relationship (Article 6 par. 1 lit. b GDPR in conjunction with § 26 BDSG)
We process the data you have sent us in connection with your application, in order to assess your suitability for the job (or, if applicable, for other vacancies in our company) and to perform the application procedure in accordance with § 26 BDSG.
6.2. Within the framework of the consideration of interests (Art. 6 par. 1 f GDPR)
Where necessary, we process your data for the safeguarding of our legitimate interests of or those of third parties, unless you have objected to the use of your data, for
6.3. Based on your consent (Article 6 par. 1 a GDPR)
If you have granted your consent to the processing of your personal data for certain purposes, the lawfulness of this processing is given on the basis of your consent.
We use the so-called double opt-in procedure for sending our newsletter, i.e. we will only send you a newsletter via e-mail if you have previously explicitly confirmed that you wish to receive our newsletter. You will then receive a notification e-mail from us, prompting you to confirm that you wish to receive our newsletter by clicking on the link in the e-mail. You can unsubscribe from the newsletter at any time, without any other costs being incurred than the transmission costs at the basic tariffs. A message in text form to the contact data named in section 1 (e.g. e-mail, fax, letter) shall suffice. Of course, you can also use the unsubscribe link in each newsletter for this purpose.
We also use your personal data on the basis of your consent for purposes of direct marketing or to obtain your opinion on our products and services, which can be used for marketing, research and analysis purposes, if you have consented to being contacted for such purposes.
The recording of incoming phone calls takes place only with your consent and can be interrupted by you at any time.
7. Is automated decision-making or profiling applied?
We generally do not use any fully automated decision-making tools in accordance with Article 22 GDPR. If we use this procedure in individual cases, we will inform you separately if this is legally stipulated.
8. Is the provision of the personal data legally or contractually stipulated?
You are under no obligation to provide us with the above-mentioned personal data via the website.
9. Other recipients?
Apart from service providers acting on our behalf and the above-named recipients, we can furthermore disclose your personal data to third parties, if we are obligated to disclose or forward your personal data to fulfil a statutory requirement or to protect the rights, the property or the safety of Preventicus GmbH, our customers or others, as well as to implement our conditions of use.
10. Your rights as an affected person
Each person affected by our personal data processing has the right of access in accordance with Article 15 GDPR, the right of rectification in accordance with Article 16 GDPR, the right to deletion in accordance with Article 17 GDPR, the right to the limitation of processing in accordance with Article 18 GDPR, the right of opposition from Article 21 GDPR as well as the right to data portability from Article 20 GDPR. In the case of access and deletion rights, the limitations according to §§ 34 and 35 of the German Federal Data Protection Act BDSG shall apply. Furthermore, a right to appeal to a data protection authority exists in accordance with Article 77 GDPR in conjunction with § 19 of the German Federal Data Protection Act BDSG.
10.1. Information regarding your right of opposition in accordance with Article 21 GDPR
10.1.1. Individual right of opposition
You have the right, for reasons resulting from your particular situation, to file an opposition at any time against the processing of your personal data, which has taken place based on Article 6 par. 1 f GDPR (data processing based on a balancing of interests); this also applies, where relevant, to a profiling based on this provision within the meaning of Article 4 par. 4 GDPR.
In individual cases we also process your personal data for direct marketing purposes. You have the right to object at any time to processing of your personal data for such marketing purposes; this also applies to profiling to the extent that it is related to such direct marketing.
If you file an opposition, we will no longer process your personal data, unless we can present proof that compelling protection reasons for processing exist that outweigh your interests, rights and freedoms, or that processing serves the assertion, exercise or defence of legal claims.
If you oppose the processing for purposes of direct advertising, we will no longer use your personal data for these purposes.
10.2. Revocation of consents granted
The person involved can revoke a given consent at any time. This also applies to the revocation of declarations of consent granted to us prior to the validity of the EU General data protection regulation, meaning prior to 25 May 2018. The lawfulness of the processing performed based on the consent until the time of revocation shall not be affected by the revocation of the consent.
10.2.1. Implementation of the opposition or revocation of consent granted
Opposition can take place informally and can be performed, for instance:
by telephone via the number +49 (0) 36 41 / 55 98 45-0
or by sending an e-mail to email@example.com
Please contact the Data Protection Officer directly with regard to your data protection rights.
In compliance with the data protection law, we take suitable steps to ensure that your data is treated in accordance with this data protection guideline. Unfortunately, transmission of information via the internet is not completely safe. Although we do our best to protect your personal data, we are unable to guarantee the security of the data communicated to our website; any transmission takes place at your own risk. As soon as we have received your information, we apply strict procedures and security functions to prevent unauthorised access to the greatest extent possible.
Links to third-party websites
Our website may possibly contain links to and from other websites of our partner networks, advertisers and associated companies. Preventicus shall not assume any responsibility for the content of websites linked to its own website. When visiting a website of a third party it is within the scope of your responsibility to ensure that you read the data protection guideline and the conditions that apply to the respective website.
If we decide to change our data protection guideline, we will post the changes on our website, so that you always know what information we collect, how we use it and under which circumstances we possibly disclose it. Should we at any time decide use your personal data in a way which deviates from the way communicated at the time of collection, we will inform you by e-mail (if we are obligated to do so by the applicable data protection regulations).
We warmly recommend to all parents and supervisors to instruct their children in the safe and responsible handling of personal data on the internet. Children should not communicate any personal data to our website without the consent of the parents or supervisor. We assure that we do not knowingly collect the personal data of children, nor use it in any way or disclose it to third parties without authorisation.
Jena, May 25, 2018