We would like to point out that the technical refinements of this website will not necessarily close the security loopholes that can arise in the course of data transmissions via the Internet. Complete protection of personal data when using the Internet is not possible.
Responsible authority (“controller”)
The entity with responsibility for processing the personal data of users of this website is:
Olaf Tenti GDI Gesellschaft für Datenschutz und Informationssicherheit Körnerstrasse 45 D-58095 Hagen Tel.: +49 2331 356 8320 Email: firstname.lastname@example.org
Our website is operated via the servers of RobHost GmbH Glashütter Strasse 53 D-01309 Dresden www.robhost.de
When our web pages are accessed, data is automatically collected and stored in log files on the server of our hoster. Such data may contain references to individuals. The data collected includes:
IP address; data and time of request; time zone difference from Greenwich Mean Time (GMT); content of request (actual page)
HTTP access method; content of request (actual page); HTTP protocol used
Access status/HTTP status code
Quantity of data transferred
Website from which the request originates
Operating system and interface
Language and version of browser software
We and the hoster use the data collected to ensure smooth operation of the website, to ensure IT security and to improve our services. The log data will be analysed subsequently where specific indications dictate.
This data will not be merged with other data sources.
The legal basis for collecting data is article 6 subparagraph 1 sentence 1(f) of the GDPR. For the aforementioned purposes, we have a legitimate interest in collecting data.
Duration of storage by the hoster
Data stored by ourselves/the hoster will be deleted after four weeks.
Personal data ‘Personal data’ is defined as all information relating to an identified or identifiable natural person (hereafter the ‘data subject’); a natural person is regarded as identifiable where they can be directly or indirectly identified, in particular by reference to an identifier such as a name, identification number, location data, online identifier or one or more distinguishing factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the aforesaid natural person.
Processing ‘Processing’ is any operation performed with or without the aid of automated procedures or any such set of operations in connection with personal data including, the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing ‘Restriction of processing’ is the marking of stored personal data with the aim of limiting their future processing.
Profiling ‘Profiling’ is any kind of automated processing of personal data that involves utilising such personal data in order to evaluate certain personal aspects relating to a natural person, in particular with a view to analysing or predicting aspects connected with work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Pseudonymisation ‘Pseudonymisation’ is the processing of personal data in a manner which ensures such personal data can no longer be attributed to a particular data subject without using additional information, provided this additional information is kept separately and is subject to technical and organisational measures that ensure the personal data cannot be attributed to an identified or identifiable natural person.
Filing system A ‘filing system’ is any structured set of personal data which is accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis.
Controller A ‘controller’ is a natural or legal person, public authority, agency or other body which determines the purposes and means of the processing of personal data alone or jointly with others; where the purposes and means of processing are determined by European Union law or the laws of member states, the controller or the specific criteria for their nomination may be provided for by member state or European Union law.
Processor A ‘processor’ is a natural or legal person, public authority, agency or other body processing personal data on behalf of the controller.
Recipient The ‘recipient’ is a natural or legal person, public authority, agency or other body to whom personal data is disclosed, regardless of whether they are a third party or not. However, public authorities that potentially receive personal data in the course of a specific inquiry under European Union or member state law are not regarded as recipients; this data is processed by the stated authorities in line with the applicable data protection regulations according to the purposes of processing.
Third party ‘Third party’ means any natural or legal person, public authority, agency or any body other than the data subject, the controller, the processor and persons who, with the direct authority of the controller or the processor, are authorised to process personal data.
Consent ‘Consent’ on the part of the data subject is any informed statement of intent given voluntarily and unequivocally in respect of the case in point; such a statement may take the form of a declaration or other clear affirmative action by which the data subject indicates that they agree to the processing of their personal data.
In addition to the aforementioned data, cookies will be used on your computer when you visit and make use of our website.
Cookies are small text files placed on your device by your browser in order to store specific information. These cookies are also used to make the usage of our site a more enjoyable and convenient experience for visitors, and for analytical purposes.
The majority of the cookies we use are known as ‘session cookies’, which are used to provide you with the services of our website on a technical level. At the end of your visit, the cookies that are set will be deleted from your browser automatically.
Other cookies are retained on your computer so that we will recognise your device the next time you visit (these are known as persistent cookies or permanent cookies).
The next time you access our website using the same device, the information stored in cookies will be retrieved either through our website (‘first-party cookie’) or through another website to which the cookie belongs (‘third-party cookie’).
These cookies will be deleted from your system automatically after a predetermined period of time, which differs according to the cookie.
The respective website uses the stored and returned information to determine that you have already accessed and visited the site via the browser of your device.
We use this information to tailor and present our website according to your preferences. Only the cookie itself will be identified on your device.
Additional personal data will only be stored with your express consent, or where this is essential in order to be able to use the service offered and accessed by you accordingly.
This website uses the following types of cookies, the scope and functionality of which are explained in the following:
Essential cookies facilitate functions without which you cannot utilise our web pages as intended. These cookies are used exclusively by ourselves.
Essential cookies may be used on our website without your consent.
Functional cookies enable our website to store details already supplied (such as the registered name or language selection) and offer you improved and personalised functions on that basis. These cookies only gather and store anonymised information, so your movements on other websites cannot be tracked.
The legal basis for the deployment of these cookies is our legitimate interest in accordance with article 6 subparagraph 1 sentence 1(f) of the GDPR. Our legitimate interest derives from the aforementioned purposes.
You have the option of deactivating cookies in your browser at any time (see below).
However, deactivating cookies may restrict the functionality of this website.
Marketing and/or tracking cookies are only set where you have indicated your active consent.
The legal basis for data processing is article 6 subparagraph 1 sentence 1(a) of the GDPR.
These cookies, which originate from third parties (third-party cookies), are used to gather information on websites visited by the user in order to generate advertising focused on a particular target group for the user.
Here you can revoke your consent to cookies, and prevent cookies being set in future, at any time.
You can adjust your browser settings so that you will be informed when cookies are set (allowing you to permit cookies in certain instances only; for example, third-party cookies which are set by a third party, and not by the actual Internet site you are currently visiting), cookies are only accepted in certain instances or deactivated entirely, or cookies are automatically deleted when you close your browser. You may delete the stored cookies via your web browser at any time.
The following links contain information on the options for the most popular browsers:
If you do not (or have not) changed the settings, cookies that enable or ensure the necessary technical functionality will be retained until you close the browser on your device; other cookies may remain on your device for longer (up to a maximum of six months).
To ensure your privacy, you should regularly review the cookies on your device and clear your own browser history.
For security reasons and to protect transmissions of confidential information (for example, details of orders or enquiries that you send to us as the site operator), this site makes use of SSL and TLS encryption. Where the address bar in your browser changes from ‘http://’ to ‘https://’ and a padlock icon appears, this indicates an encrypted connection.
Where SSL/TLS encryption is activated, data that you supply to us cannot be read by third parties (end-to-end encryption). The logs authenticate the exchange partners and ensure the integrity of the transferred data.
Contact form and callback function
Our website enables visitors to get in touch with us via email and contact form.
The contact form is encrypted using TLS technology before being sent. Encryption serves to prevent unauthorised third parties accessing your personal data.
Where you forward an enquiry to us via the contact form or callback function, we will store the details you supply in the enquiry form (including the contact details you provide) in order to process your enquiry, forward your enquiry internally and answer any follow-up questions. We do not pass on this data without your consent.
Provided your enquiry is linked to the fulfilment of a contract or is necessary to undertake pre-contractual measures, the processing of data is performed on the basis of article 6 subparagraph 1(b) of the GDPR. In all other cases, processing will be based on our legitimate interest in the effective processing of enquiries forwarded to ourselves (article 6 subparagraph 1(f) of the GDPR).
Data will not be merged with other data collected on this website.
Where you are already a customer of our company, data may be stored in the interests of customer relationship management (CRM).
We will retain data you submit via the contact form or callback function until you ask us to delete it, revoke your consent to its storage or there is no longer any need to store such data (e.g. the processing of your enquiry has been concluded). Mandatory legal provisions – and in particular retention periods – are not affected.
Visitors to our website can apply for a job vacancy within our company or submit a speculative application.
Email addresses are displayed for this purpose.
When you apply to us, we will process the information that you supply in the course of the application process (through your CV, covering letter, references, correspondence, phone calls and verbal statements). Alongside your contact details, information concerning your educational background, qualifications, work experience and skills are of particular relevance to us. We only assess your suitability for the relevant position on the basis of your aptitude, so there is no need to submit a photo.
In the case of email applications, data is not generally encrypted when forwarded to us. Alternatively, you can submit application data in encrypted and password-protected files (.zip or similar) and supply us with the decryption password by telephone or otherwise.
Where we subsequently conclude an employment contract with an applicant, the data that was supplied is stored for the purposes of transacting the employment relationship in compliance with legal regulations.
If we do not conclude a contract of employment with an applicant, data will be deleted within six months of declination.
In the event that you have consented to longer storage of your application data, we will transfer your data to our applicant pool (article 26 subparagraph 2 of the Federal Data Protection Act (BDSG) in connection with article 6 subparagraph 1(a) of the GDPR). The data will then be deleted after one year.
The purpose of data processing is to support the application process.
The legal basis for processing data as part of the application process and in connection with personnel records is provided by article 26 subparagraph 1 sentence 1 of the BDSG, article 6 subparagraph 1(b) of the GDPR and (provided you have indicated your consent, e.g. by supplying details not essential to the application process) article 6 subparagraph 1(a) of the GDPR.
You have the right to revoke your consent to the processing of personal data as part of the application process at any time by sending an email to email@example.com.
A legitimate interest in processing on the basis of article 6 subparagraph 1(f) of the GDPR is our defence against legal proceedings.
For this period, our legitimate interest in data storage arises in the assertion or rebuttal of claims, for example in connection with a burden of proof in a court case under the General Act on Equal Treatment (AGG).
Applicants may view the data privacy notice for applicants here.
On our website you can subscribe to a newsletter which will be sent to you via email. Newsletters will be dispatched to the email address provided in the course of personal registration and subsequent confirmation with double opt-in process whereby you consent to receiving the newsletter. The legal basis for this derives from article 6 subparagraph 1 sentence 1(a) of the GDPR. For the purposes of sending the newsletter, we save your name (first name and surname), email address and the newsletter topics to which you subscribe. We store your first name and surname in order to personalise communications. We also store the IP address assigned by the Internet service provider (ISP) of the computer system used by the data subject at the time of registration, along with the date and time of registration. Collecting data is necessary to track potential misuse of the email address of a data subject at a later date, and thus provides a legal safeguard for the person responsible for processing. Personal data collected in the course of registering for the newsletter is exclusively used to send out the newsletter.
In order to dispatch the newsletter, this data is forwarded to our service provider CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany; data is not passed to other third parties.
To track open rates and click-throughs, registrations and deregistrations and bounces on the part of the newsletter recipient, we make use of ‘tracking codes’ that record the opening of the newsletter and the accessing of weblinks. We record this data in pseudonymised form by replacing all personal data (e.g. email address) with a code (pseudonym). In the process, we do not save any personal data together with usage data such as the opening of the newsletter or the accessing of weblinks. We also ensure such data cannot be merged at a later date. Where the recipient objects to this kind of pseudonymised tracking, they may unsubscribe from the list via the opt-out link at the end of the newsletter.
Revocation of consent
At any time, you may revoke your consent to the usage of your data and also ensure it will not be used in future. An option for unsubscribing from your newsletter topics is included at the end of every newsletter email; alternatively, you may unsubscribe by following this link. The legitimacy of data processing operations already performed will be unaffected by revocation.
To protect input forms on our pages, we use the ‘reCAPTCHA’ service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (hereafter ‘Google’). Using this service enables us to determine whether form entries are made by a human being or whether improper use has been made of automated machine processing. In the USA, data is transferred on the basis of consent granted in line with article 6 subparagraph 1 sentence 1(a) in connection with article 49 subparagraph 1(a) of the GDPR.
To provide functionality, referrer URLs, IP addresses, behaviour of website visitors, information on operating systems, browsers and dwell times, cookies, display instructions, scripts and information on user inputs/mouse movements in the area of the ‘reCAPTCHA’ checkbox are forwarded to Google.
Among other things, Google uses information acquired in this way to digitalise and optimise its various services.
Google does not merge the IP address collected via reCAPTCHA with other data unless you are logged in to your Google account at the time of using the reCAPTCHA plugins (i.e. at the time you visit our website). If you wish to prevent data concerning you and your behaviour on our website being transferred to and stored by Google, you must log out of Google before accessing our pages.
We make use of the CleverReach service to dispatch our newsletter. The service provider is CleverReach GmbH & Co. KG, Mühlenstrasse 43, 26180 Rastede. CleverReach is a service aimed at organising and analysing the sending of newsletters. The customer data entered (e.g. email address) is stored on servers of CleverReach in Germany or Ireland.
By forwarding newsletters via CleverReach, we are able to analyse the behaviour of newsletter recipients. Among other things, we are thereby able to analyse how many recipients open the newsletter and how often which links in the newsletter are used.
Data is processed on the basis of obtaining your consent in accordance with article 6 subparagraph 1(a) of the GDPR.
We store the data you supply for the purposes of your newsletter subscription until you opt out of the newsletter recipient list; when you unsubscribe, your data is deleted from both our servers and the servers of CleverReach. Data that we store for other purposes is unaffected. For more information, refer to the data privacy regulations of CleverReach: www.cleverreach.com/de/datenschutz/.
We have concluded an agreement governing contract data processing with CleverReach.
The video platform YouTube is operated by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA or, for those resident or with businesses based in the EU, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereafter ‘Google’).
The following notes do not apply to YouTube videos that are directly integrated on our website.
When you visit our YouTube channel, your data may be automatically collected and stored for the purposes of market research and advertising. Using this data, usage profiles are created using pseudonyms. These profiles can be used to, for example, place advertisements presumed to coincide with your interests within and outside of the video platform. To this end, cookies will usually be placed on your device. The function of cookies is clarified within the framework of the data privacy information provided there; please check the relevant notes. User behaviour and the interests of users are stored in these cookies.
The data we collect also facilitates statistical evaluation of which groups are likely to be interested in our YouTube videos. In particular, we gain information on views and video playing times in this way. The data supplied for purposes of statistical analysis is in anonymised form, so it cannot be associated with individual identities. The information obtained includes the approximate geographical whereabouts, age group and other summarising factors.
The legal basis for the collection and processing of data is established with the consent you grant to Google when accessing the relevant website(s) under the terms of article 6 subparagraph 1(a) of the GDPR. At any time, you may permanently revoke your consent to data processing by contacting Google directly. Revocation of consent does not affect the legitimacy of data processing carried out up to that point.
For detailed information on the processing and usage of data by Google on the YouTube site, for contact details, for information on your rights in this area and for settings options to safeguard your privacy, please refer to Google’s data privacy notice via the following link: https://policies.google.com/privacy?hl=en-GB&gl=de
Since there is no adequacy decision from the EU Commission regarding the transmission of personal data in the USA, we have concluded standard data privacy clauses under the terms of article 46 subparagraph 2(c) of the GDPR with Google. These may be obtained from our Data Security Officer.
Our website makes use of Google Ads, a service of Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereafter referred to as ‘Google’).
Google Ads enables us to use advertising on external websites to raise awareness of our attractive offers. In this way we can determine the effectiveness of specific advertising measures. Google delivers these advertising media via ‘AdServers’.
In this regard we use so-called AdServer cookies, which can be used to quantify specific success parameters such as the display of advertisements and clicks by users. When you reach our website through a Google advertisement, Google Ads will store a cookie on your PC. These cookies become invalid after 30 days.
The cookies are not used to identify you personally. The following analytical values will generally be stored by these cookies: Unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant to post-view conversions), opt-out information (indication that the user does not wish to be targeted further). The cookies enable Google to recognise your web browser. Where a user visits certain pages on the website of an Ads client and the cookie stored on their computer has not yet expired, Google and the client are able to determine that the user has clicked on the advertisement and was redirected to the page in question.
Since a different cookie is assigned to every Ads customer, it is not possible to track cookies via the websites of Ads customers. For our part, we do not collect or process any personal data through the aforementioned advertising measures. We only obtain statistical evaluations from Google. On the basis of these evaluations, we are able to determine which of the advertising measures we use have been the most effective. Our use of advertising media does not provide us with any additional data. We would stress that we are not able to identify individuals on the basis of this information.
Your browser uses the marketing tools deployed to establish a direct link with the Google server automatically. We have no influence on the amount or the subsequent utilisation of data collected by Google through the use of Google Ads.
To the best of our knowledge, Google receives information when you access the relevant section of our website or click on one of our advertisements. If you have a user account with Google and are registered, Google may assign the visit to your user account. Even if you are not registered with Google or you are not logged in, it is possible that Google will find out and store your IP address.
You may prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies via your browser settings. In this case, please note that you may not be able to access all functions of our website in full.
Moreover, your data may be transferred to the USA.
In the USA, data is transferred on the basis of consent granted in line with article 6 subparagraph 1 page 1(a) of the GDPR in connection with article 49 subparagraph 1(a) of the GDPR.
There are several ways in which you can prevent participation in this tracking procedure:
a) by making the relevant setting to your browser software; specifically, inhibiting third-party cookies will stop you seeing advertisements from third-party suppliers;
c) by deactivating interest-based advertisements from suppliers that participate in the ‘About Ads’ self-regulation campaign using the link http://www.aboutads.info/choices; note that this setting will be deleted when you delete your cookies;
d) by choosing permanent deactivation in the Firefox, Internet Explorer and Google Chrome browsers via the link http://www.google.com/settings/ads/plugin; e) through the relevant cookie settings. In this case, please note that you may not be able to access all functions of this site in full.
Your browser uses the marketing tools deployed to establish a direct link with the Google server automatically. We have no influence on the amount or the subsequent utilisation of data collected by Google through the use of this tool, so the information that follows is given to the best of our knowledge. By integrating Campaign Manager, Google receives information when you access the relevant section of our website or click on one of our advertisements. If you are registered with a service supplied by Google, Google may link your visit to your account. Even if you are not registered with Google or you are not logged in, it is possible that the supplier will find out and store your IP address.
Furthermore, the Campaign Manager (DoubleClick Floodlight) cookies that are set enable us to understand whether you perform specific actions on our website after you call up or click on one of our display/video advertisements on Google or another platform via Campaign Manager (conversion tracking). Campaign Manager uses these cookies to determine the content you interact with on our web pages with a view to sending you targeted advertising at a later date.
You may decline to participate in this tracking procedure in various ways: a) by making the relevant setting to your browser software, and in particular by inhibiting third-party cookies to stop you seeing advertisements from third-party suppliers; b) by deactivating cookies for conversion tracking by adjusting your browser settings so that cookies from the domain www.googleadservices.com are blocked (https://www.google.de/settings/ads); this setting will be deleted when you delete your cookies; c) by deactivating interest-based advertisements from suppliers that participate in the ‘About Ads’ self-regulation campaign using the link http://www.aboutads.info/choices; note that this setting will be deleted when you delete your cookies; d) by choosing permanent deactivation in the Firefox, Internet Explorer and Google Chrome browsers via the link http://www.google.com/settings/ads/plugin; e) through the relevant cookie settings. In this case, please note that you may not be able to access all functions of this site in full.
You can also stop Google collecting data on your usage of websites produced using cookies and prevent Google from processing this data by downloading and installing the browser plugin supplied at https://support.google.com/adsense/answer/142293?hl=en (‘Ad settings’, ‘Extension for Campaign Manager Deactivation’).
The social media network Facebook is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA or, for those resident or with businesses based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland (hereafter ‘Facebook’).
When you visit our social media pages, your data may be automatically collected and stored for the purposes of market research and advertising. Using this data, usage profiles are created using pseudonyms. These profiles can be used to, for example, place advertisements presumed to coincide with your interests within and outside of the platforms. To this end, cookies will usually be placed on your device. The function of cookies is clarified within the framework of our data privacy information; please check the relevant notes. User behaviour and the interests of users are stored in these cookies. In the context of balancing our priorities, this helps us to uphold our overriding legitimate interest in optimising the presentation of our offers and services and in ensuring effective communications with customers and interested parties. The legal basis for processing is therefore article 6 subparagraph 1(f) of the GDPR.
The legal basis for the collection and processing of data is established with the consent you grant to Facebook when accessing the relevant website under the terms of article 6 subparagraph 1(a) of the GDPR. At any time, you may permanently revoke your consent to data processing by contacting Facebook directly. Revocation of consent does not affect the legitimacy of data processing carried out up to that point.
For detailed information on the processing and usage of data by suppliers via their pages, contact options, details of your associated rights and possible settings to protect your privacy (in particular the possibility of opting out), please refer to the data privacy notice of Facebook: https://www.facebook.com/about/privacy/
Your rights are as stated below; you are entitled to assert these rights against us. Please assert any claim via the relevant address as shown above, or contact us via email at: Datenschutz@gdi-mbh.eu.
For your information:
According to article 15 of the GDPR, you have the right to be informed of what personal data concerning yourself we process. In particular, you are entitled to demand information on the purposes of processing, category of personal data, categories of recipients to whom your data is (or has been) disclosed, the envisaged duration of storage, the existence of a right to request rectification, erasure, restriction of processing or objection to processing, the existence of the right to lodge a complaint, the origins of your data (where we did not collect the data), the existence of automated decision-making (including profiling) and, where appropriate, meaningful information on the details;
In accordance with article 16 of the GDPR, you have the right to demand the immediate rectification of inaccurate or incomplete personal data stored by ourselves;
In line with article 17 of the GDPR, you have the right to demand the erasure of your personal data that we store, unless data processing is necessary to exercise the right of freedom of expression and information, to comply with a legal obligation, for reasons of public interest or to assert, exercise or defend a legal claim;
Restriction of processing:
In accordance with article 18 of the GDPR, you have the right to demand that processing of your personal data is restricted where you contest the accuracy of the personal data, the processing is unlawful but you do not wish to erase the data, we no longer require the data but you still require the data to assert, exercise or defend a legal claim and where you have formally objected to the processing of your data in line with article 21 of the GDPR;
Right to data portability:
According to article 20 of the GDPR, you have the right to receive the personal data you supplied to us in a structured, commonly used and machine-readable format or demand your data is transferred to another controller;
Revocation of consent:
In line with article 7 subparagraph 3 of the GDPR, you have the right to withdraw the consent you indicated to us at any time. As a consequence of this, we will not be able to continue with data processing based on your consent in the future.
Please revoke your consent by contacting the relevant address as shown above or by sending an email to: Datenschutz@gdi-mbh.eu.
Lodging a complaint with a supervisory authority:
In accordance with article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority. For this purpose, you will generally be able to contact the supervisory authority of your habitual residence or place of work, or direct your complaint to our office/place of business.
Right to object
Where your personal data is being processed on the basis of a legitimate interest in line with article 6 subparagraph 1 page 1(f) of the GDPR, you have the right to object to the processing of your personal data according to article 21 of the GDPR provided grounds exist in relation to your particular situation.
If you wish to assert your right of revocation or objection, it is sufficient to send an email to: Datenschutz@gdi-mbh.eu.
Reach measurement with Matomo (Tracking)
Opt-out complete; your visits to this website will not be recorded by the Web Analytics tool. Note that if you clear your cookies, delete the opt-out cookie, or if you change computers or Web browsers, you will need to perform the opt-out procedure again.
You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.
The tracking opt-out feature requires cookies to be enabled.