Privacy

General

Person responsible for data processing:

The person responsible in accordance with Article 4 Paragraph 7 of the General Data Protection Regulation (GDPR) is [GITA NET GmbH], see our  [Imprint].

Commissioned service providers:

The general provision and maintenance of our websites and email systems is carried out with the support of IT service providers who work on our behalf and can therefore also view (receive) your data to the extent necessary.

Data protection officer:

We are not obliged to appoint a data protection officer.

Collection and use of your data:

The scope and type of collection and use of your personal data differs depending on whether you visit our website only to access information or whether you use any services we may offer.

If we use other (IT) service providers for individual functions of our offering or would like to use your data for advertising purposes, we will inform you in detail about the respective processes (all data processing) below. We also mention the specified storage period criteria and the applicable legal basis for data processing.

Informational use:

For the informational use of our websites, we only collect the personal data that your browser automatically sends to us, such as:

• IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (specific page)
• (File transferred, file not found, etc.)
• Website from which the request comes
• Operating system and its interface
• Language and version of your browser.

Storage period:

The storage period for this data (logs) is 14 days.

Legal basis(s) for data processing:

The above-mentioned data is technically necessary to display our websites to you and to ensure stability and security, in accordance with Art. 6 Para. 1 lit. f) GDPR.

Contact Form 

When you contact us via the contact form or by email, we will store the data you provide (your name, your email address, if applicable, your telephone number and your message) in order to answer your question(s). . Mandatory information required for this is marked separately; further information is voluntary. 

Storage period:

We delete the data arising in this context after storage is no longer necessary, or restrict processing if there are statutory retention obligations (max. ten years as part of the archiving of business email traffic required by commercial and tax law). 

Legal basis(s) for data processing:

The processing is necessary for the performance of a contract to which the data subject is a party or to carry out pre-contractual measures at the request of the data subject, in accordance with Article 6 Paragraph 1 Letter b) GDPR.

Applications/job advertisements

We process the data that you have sent to us in connection with your application in order to check your suitability for the position (or other open positions, if applicable) and to carry out the application process.

Your application will be reviewed by the human resources department upon receipt. Suitable applications are then passed on to the branch and department managers for the respective open or suitable position. The further process will then be coordinated. In the entire company, only those people who need it for the proper processing of our application process have access to your data.

Storage period:

In the event of rejection, applicants’ data will be deleted after 6 months. [If you have agreed to further storage of your personal data, we will include your data in our applicant pool. The data will be deleted there after 2 years.]

If you have been accepted for a position as part of the application process, your data will be transferred to our personnel information system.

Legal basis for data processing:

The processing of your data as part of the application process is permitted for the decision on the establishment of an employment relationship, in accordance with Section 26 of the Federal Data Protection Act (BDSG nF).

If the data is necessary for legal prosecution after completion of the application process, data processing can take place to protect legitimate interests in accordance with Article 6 Paragraph 1 Letter f) GDPR. Our interest then lies in asserting or defending claims.

Use of cookies:

We do not use any cookies on our websites. Cookies are small text files that are sent from our web server to your browser when you visit our website and are stored on your computer for later retrieval. They serve to make the Internet offering more user-friendly and effective overall.

Social media links:

Within our websites there are links to various social media with the corresponding logos. These are not social media plug-ins, but simply a link to our offers within these media. If you click on one of these links, your IP address will generally be transmitted to the operators of the different platforms. If you use one of these services and are logged in with your specific account, information about your surfing behavior may also be recorded by the social media operators. Transmitting your IP address to the operators of the websites you access is technically necessary and applies to all websites.

Processing of your personal data in countries outside the EU and the EEA (third countries):

Your personal data will not be processed in countries outside the European Union and the European Economic Area.

Your rights

You have the following rights towards us with regard to your personal data:

• right to information,
• Right to rectification or deletion,
• Right to restriction of processing,
• Right to data portability.

Right to complain to a supervisory authority:

You also have the right to complain to a data protection supervisory authority about our processing of your personal data. 

You can reach the supervisory authority  here.

Right of objection and revocation

If you have given your consent to the processing of your data, you can revoke this at any time. Such a revocation affects the lawfulness of the processing of your personal data after you have expressed it to us.

If we base the processing of your personal data on the balance of interests (the legal basis is then Art. 6 Para. 1 lit. f) GDPR), you can object to the processing. This is the case if the processing is not necessary to fulfill a contract with you, which we address in the explanation of the individual data processing and functions on our websites above in this data protection declaration. If you exercise such an objection, we will ask you to explain the reasons why we should not process your personal data as we do. In the event of your justified objection, we will examine the situation and will either stop or adjust data processing or show you our compelling legitimate reasons,

Right to object to direct advertising:

You can object to the processing of your personal data for advertising and data analysis purposes at any time, for example if you receive advertising from us in the form of a newsletter, customer magazine or information material by post as part of a business relationship.

If we use your data as part of functions on our websites for direct advertising and associated data analysis, we will inform you about this data processing further up in this data protection declaration, including the possibility of being able to exercise your right of withdrawal using technical means, if necessary.

Contact options regarding your rights:

To exercise your rights, you can contact us at any time.

You are also welcome to use one of the contact options in our legal notice or contact our data protection officer directly (contact details above).

Data security:

We also use technical and organizational security measures to protect personal data that is generated or collected, in particular against accidental or intentional manipulation, loss, destruction or attacks by unauthorized persons. Our security measures are continuously improved in line with technological developments.

The transmission of your personal data is encrypted using SSL technology (https) to prevent access by unauthorized third parties.

Communication via email:

Our email systems support encrypted communication using SSL technology (TLS 1.2 incl. PFS). The transmission of your email can therefore generally be encrypted. Please note, however, that encryption also depends on the configuration of your email program and we cannot therefore guarantee complete data security during transport.

For information that requires a high level of confidentiality, we recommend sending it by post.