PRIVACY POLICY

1. DATA PROTECTION AT A GLANCE

1.1 Purpose of this privacy policy

The purpose of this document is to give you a quick overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you. For more details on data protection and data collection, please refer to our privacy policy set out below.

1.2 How and why do we collect your data?

How do we collect your data?

We primarily collect data when you communicate your data to us. This could be, for example, the data you enter into a contact form.

Our IT systems collect other data automatically when you visit our website. These are mainly technical data (e.g. information about your browser, operating system or the time you accessed our website). This data is collected automatically whenever you use our website.

What do we use your data for?

We collect some of the data to ensure the proper functioning of the website. Some data can be used to analyse your user behaviour.

2. GENERAL AND MANDATORY INFORMATION

2.1. Data protection

We as the operators of this website take the protection of your personal data very seriously. We will treat your personal data as confidential and in accordance with the applicable data protection legislation and this privacy policy.

When you use this website, we collect various types of personal data. Personal data is any data that can be used to identify you. This privacy policy explains what information we collect, how we collect it and what we use it for. We also provide you with information about the purpose of collecting your data.

We would like to point out in this context that any transfer of data over the internet (for example, when communicating by email) can pose a security risk. It is impossible to provide blanket protection of data from third-party access.

2.2 Data controller

The controller responsible for processing of data on this website is:

wusys solutions GmbH
Vilbeler Landstraße 255
D-60388 Frankfurt
Telephone: +49 69 8509603-0
E-Mail: contact@wusys.com

2.3 Withdrawal of your consent to data processing

2.4 What rights do you have in relation to your personal data?

2.4.1 Right of access

You have the right to obtain information about the personal data we store on you, its source and recipients as well as the purpose of storing the data at any time and free of charge. You also have a right to obtain rectification, erasure or restriction of processing with respect to this data.

This right of access covers information on the purposes of the processing, the categories of personal data processed, the recipients or categories of recipient to whom the personal data have been or will be disclosed, where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing, the right to lodge a complaint with a supervisory authority and, where the personal data are not collected from you, any available information as to their source and the existence of automated decision making, including profiling, referred to in Article 22 (1) and (4) and, at least in these cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing.

2.4.2 Right to rectification

You have the right to request the rectification of inaccurate personal data without undue delay. Taking into account the purposes of the processing, you also have the right to have incomplete personal data completed.

2.4.3 Right to erasure

You also have the right to request the erasure of your personal data concerning you without undue delay where one of the following grounds applies: The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw your consent on which the processing is based pursuant to Article 6 (1) (a) GDPR or Article 9 (2) GDPR, and where there is no other legal ground for the processing; you object to the processing pursuant to Article 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21 (2) GDPR; the personal data have been unlawfully processed; the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which we are subject; the personal data have been collected in relation to the offer of information society services referred to in Article 8 (1) GDPR.

Where we have made the personal data public and are obliged pursuant to Article 17 (1) GDPR to erase the personal data, we shall take reasonable steps to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

2.4.4 Right to restriction of processing

You have the right to request restriction of processing where one of the following applies: You contest the accuracy of the personal data for a period enabling us to verify the accuracy of the personal data; the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; we no longer need the personal data for the purposes of the processing, but you require the data for the establishment, exercise or defense of legal claims; or you have objected to processing pursuant to Article 21 (1) GDPR pending the verification, whether the legitimate grounds of our company override your legitimate grounds.

2.4.5 Right to data portability

You have the right to receive the personal data concerning you, which you have provided to us, in a commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from us, where the processing is based on consent pursuant to Article 6 (1) (a) or Article 9 (2) (a) GDPR or on a contract pursuant to Article 6 (1) (b) GDPR and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

Furthermore, you have the right to have the personal data transmitted directly to another controller, where technically feasible and provided that this does not adversely affect the rights and freedoms of others.

2.4.6 Right of object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, which is based on Article 6 (1) (e) or (f) GDPR, including profiling based on these provisions.

If you exercise your right to object, we will then no longer process your personal data, unless we can demonstrate compelling reasons for the processing worth protecting, which prevail over your interests, rights and freedoms, or the processing serves to enforce, exercise or defend legal claims.

Where we process personal data for direct marketing purposes, you as the data subject have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. Where you object to processing for direct marketing purposes, we will no longer process personal data for such purposes.

Where personal data are processed for scientific or historical research purposes or statistical purposes pursuant to Article 89 (1) GDPR, you have the right, on grounds relating to your particular situation, to object to processing of personal data concerning you, unless the processing is necessary for the performance of a task carried out for reasons of public interest. In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

2.4.7 Right to withdraw

You have the right to withdraw your consent to data processing or collection at any time with effect for the future.

2.4.8 Right to confirmation

You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed.

To exercise any of the above rights, please send your request to the email address datenschutz@wusys.com.

2.5 Right to lodge a complaint with the competent supervisory authority

In addition, you have the right pursuant to Article 77 GDPR to lodge a complaint with a supervisory authority. As a general rule, you can contact the supervisory authority of your habitual residence or place of work or our company's registered office.

The competent supervisory authority for matters related to data protection legislation is the data protection commissioner of the German federal state in which our company has its registered office. A list of data protection commissioners and their contact details is available at:https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

2.6 SSL or TLS encryption

This website uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as orders or inquiries, you send us as the website operator. You can recognize an encrypted connection in your browser's address bar when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

2.7 Objection to promotional emails

We hereby expressly object to third parties using our contact information published as part of the company and legal information to send unsolicited advertising and information materials. The website operator expressly reserves the right to take legal action against senders of unsolicited promotional information by email i.e. spam.

2.8 Duration of data retention

Personal data will be erased at the end of the statutory retention period, provided that the data are no longer required for contract performance or initiation.

2.9. Legal basis for processing

The legal basis for the processing of data, where you have given us your consent to the processing is Article 6 (1) (a) GDPR. Where the processing is necessary for the performance of a contract to which you are party or in order to take steps to enter into a contract, the legal basis for processing is Article 6 (1) (b) GDPR.

Where processing is necessary for compliance with a legal obligation e.g. a tax obligation to which you are subject, the legal basis is Article 6 (1) (c) GDPR.

In rare cases, processing may be necessary to protect your vital interests of those of another natural person. The legal basis for processing in these cases is Article 6 (1) (d) GDPR. Finally, processing may be necessary in accordance with Article 6 (1) (f) GDPR. In this case, the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. If you are our customer, we can assume that such a legitimate interest exists. Where the processing of personal data is based on Article 6 (1) (f) GDPR, our legitimate interest is the performance of our business activities.

2.10 Provision of personal data

The provision of personal data can be a statutory or contractual requirement. For example, to conclude a contract, it may be necessary for you to provide us with personal data that we will be subsequently required to process. For example, you are obliged to provide personal data in order to enter into a contract. Failure to do so would mean that the contract could not be concluded. Before providing personal data, you can contact our data protection officer, who will inform you on a case-by-case basis, whether the provision of personal data is a statutory or contractual requirement, and the possible consequences of failure to provide such data.

2.11 Security

As the data controller responsible for data processing we have implemented technical and organizational security measures to protect your data from loss, destruction, tampering and unauthorized access. All our employees and all persons involved in data processing are obliged to comply with the General Data Protection Regulation (GDPR) and other data protection-related laws and regulations to treat personal data confidentially.

When personal data is collected and processed, their transfer will be encrypted in order to prevent misuse of data by third parties. Our security measures are revised on a continual basis and brought into line with the latest technology standards.

However, it should be noted that transfer of data over the internet can pose a security risk and cannot be fully protected against third-party access.

3. DATA PROTECTION OFFICER

We have appointed a data protection officer for our company:

DEUDAT GmbH
Herr Mario Arndt
Zehntenhofstraße 5b
D-65201 Wiesbaden
Telephone: +49 611 950008-32
E-Mail: mario.arndt@deudat.de

4. DATA COLLECTION ON OUR WEBSITE

4.1 Cookies and analysis tools

When you visit one of our websites, we may store information on your computer in the form of a cookie. Cookies are small text files that are sent to your browser from a web server and stored on your computer's hard drive.

Apart from the Internet Protocol address, no personal data of the user is stored. This information is used to recognize you automatically when you return to our websites and to make the websites easier to navigate. Cookies allow us, for example, to adapt a website to your interests or to store your password so that you do not have to re-enter it every time. We also use cookies for statistical purposes to evaluate visits to our website with the help of analytical tools. The analysis of your browsing behavior is usually anonymous, i.e. this data will not be used to identify you. You have the right to object to the analysis of your browsing behaviour. You will find detailed information on your right to object in this privacy policy.

Naturally, it is possible to view our websites without the use of cookies. In any event, you can prevent cookies from being stored on your hard-disk drive by selecting the option "do not accept cookies" in your browser settings. Users can delete cookies already stored on their computers through their browser. For more information, please refer to the instructions provided by your browser provider. If you do not accept cookies, however, this may limit the functionality of our website.

4.2 Server log files

The website provider automatically collects and stores data in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

The data obtained in this way will not be linked to other data sources.

The legal basis for processing, which is necessary for the performance of a contract or implementation of pre-contractual measures is Article 6 (1) (b) GDPR.

4.3 Query using a contact form / quotation form

If you use the contact or quotation form to send us a query, we will store the information you enter into the form, including your contact details to process your query and to deal with any follow-up questions you may have. We will not share this information without your consent.

We process the data you enter into the contact or quotation form exclusively based on your consent to the processing of personal data (Article 6 (1) (a) GDPR). You can withdraw your consent at any time. To do this, an informal notice of withdrawal by email will suffice. The withdrawal of consent does not affect the lawfulness of data processing based on consent before its withdrawal.

We will keep the data submitted through the contact or quotation form until you ask us to erase the data, withdraw your consent to storage of your data or the data is no longer needed for the purpose for which it has been collected. This is without prejudice to mandatory provisions and in particular, statutory retention requirements.

4.4 Queries by email, telephone or fax

If you contact us by email, telephone or fax, we will process and store your data (name, query details) to deal with your query. We will not share this information without your consent.

This data is processed on the basis of Article 6 (1) (b) GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases the processing is based on your consent (Article 6 (1) (a) GDPR) and / or on our legitimate interests (Article 6 (1) (f) GDPR), since we have a legitimate interest in the effective processing of the inquiries addressed to us.

We will keep the data submitted through the contact form until you ask us to erase the data, withdraw your consent to storage of your data or the data is no longer needed for the purpose for which it has been collected. This is without prejudice to mandatory provisions and in particular, statutory retention requirements.

5. ANALYSIS TOOLS AND ADVERTISING

5.1 WordPress Statistics

This website uses the open source website analysis tool WordPress Statistics. WordPress Statistics uses so-called "cookies". Cookies are small text files that are stored to your computer and facilitate an analysis of the way you use the website. To do this, the information generated by the cookie about the use of this website is stored on our server. The IP address is anonymized before it is stored.

WordPress Statistics cookies remain on your device until you delete them.

The legal basis for storage of WordPress Statistics cookies is Article 6 (1) (f) GDPR. The website operator has a legitimate interest in analyzing user behavior in an anonymized form aimed at optimizing its website and its advertising.

The information generated by the cookie about your use of this website is not disclosed to third parties. You may refuse the use of cookies by selecting the appropriate settings of your browser. However, please note that if you do this you may not be able to use the full functionality of this website.

5.2 Opt-in

We use cookies to ensure that you have the best possible experience on our website. If you continue to use this website, we assume that you are satisfied with it.

6. OWN SERVICES

6.1 Job applications

We offer you the opportunity to submit a job application (e.g. by email or by post). In the following, we inform you about the scope, purpose and use of your personal data collected as part of the application process. We collect, process and use your data strictly in accordance with applicable data protection laws and regulations and further statutory provisions and we will treat all your data with strictest confidence.

6.2 Scope and purpose of data collection

If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes taken during job interviews, etc.) where this is necessary to decide whether to enter into an employment relationship with you. The legal basis for this is Article 26 of the new German Federal Data Protection Act (BDSG) (initiation of an employment relationship), Article 6 (1) (b) GDPR (contract initiation) and - where you have given your consent - Article 6 (1) (a) GDPR. You can withdraw your consent at any time. Within our company, your personal data will only be disclosed to persons involved in the processing of your application.

If the application is successful, the data you submit will be stored in our data processing systems on the basis of Article 26 (BDSG) and Article 6 (1) (b) GDPR for the purpose of implementing the employment agreement.

6.3 Data retention requirements

If we cannot offer you a job, if you reject a job offer or withdraw your application, withdraw your consent to data processing or ask us to erase the data, the data you have submitted, including any remaining physical application documents, will be stored or retained for a maximum of 3 months after completion of the application process (retention period) in order to be able to trace the details of the application process in the case of any discrepancies (Article 6 (1) (f) GDPR).

YOU MAY OBJECT TO THIS STORAGE IF YOU HAVE LEGITIMATE INTERESTS THAT OVERRIDE OUR INTERESTS.

At the end of the retention period, the data will be erased, provided this does not conflict with statutory retention requirements or other legal requirements. If it is evident that it will be necessary to retain your data after the end of the retention period (e.g. due to an impending or pending legal dispute), the data will only be erased once it is no longer needed. This is without prejudice to other statutory retention requirements.

7. CHANGES TO OUR PRIVACY POLICY

We reserve the right to change our security and data protection measures if this becomes necessary due to technological developments. In these cases, we will update our privacy policy accordingly. Therefore, you should always refer to the most recent version of our privacy policy.

Privacy Policy for the wusys website version: October 2019