Data Pro­tec­tion Noti­ce in accordance with GDPR

I. Name and address of the Controller

GSI Office Manage­ment GmbH
Lands­ber­ger Stra­ße 314
80687 Munich
Germany

Tel.: +49 89 89544 500
Email: info@gsi-office.de
Web­site: gsi-office.de

is the Con­trol­ler as defi­ned by the EU Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR) and other natio­nal data pro­tec­tion laws.

 

II. Name and address of the Data Pro­tec­tion Officer

AGOR AG
Nid­da­stra­ße 74
60329 Frank­furt am Main
Germany

Tel: +49 69 949432 410
Email: info@agor-ag.com
Web­site: agor-ag.com

 

III. Gene­ral infor­ma­ti­on on data processing

1. Scope of pro­ces­sing of per­so­nal data
As a gene­ral rule, we only coll­ect and use the per­so­nal data of users of our home­page if this is neces­sa­ry to pro­vi­de a func­tion­al web­site, our con­tent and our services.

The per­so­nal data of our users are only coll­ec­ted and used after they have given their con­sent. An excep­ti­on to this prin­ci­ple appli­es in cases whe­re sta­tu­to­ry regu­la­ti­ons per­mit the pro­ces­sing of the data or it is not pos­si­ble for prac­ti­cal reasons to obtain their pri­or consent.

2. Legal basis for the pro­ces­sing of per­so­nal data
The legal basis for pro­ces­sing per­so­nal data is given by:
  • Art. 6 (1)(a) GDPR if con­sent is obtai­ned from the data subject.
  • Art. 6 (1)(b) GDPR in the case of pro­ces­sing which ser­ves to ful­fil a con­tract to which the data sub­ject is a con­trac­ting par­ty. Pro­ces­sing which is requi­red to car­ry out pre-con­trac­tu­al steps is also cover­ed here.
  • Art. 6 (1)© GDPR in the case of pro­ces­sing requi­red for the ful­film­ent of a legal obligation.
  • Art. 6 (1)(d) GDPR if vital inte­rests of the data sub­ject or ano­ther natu­ral per­son requi­re the pro­ces­sing of per­so­nal data.
  • Art. 6 (1)(f) GDPR if the pro­ces­sing is neces­sa­ry to uphold the legi­ti­ma­te inte­rests of our com­pa­ny or of a third par­ty, and the­se are not out­weig­hed by the inte­rests, basic rights and fun­da­men­tal free­doms of the data subject.
3. Era­su­re of data and length of storage
The per­so­nal data of users will be era­sed or blo­cked as soon as the pur­po­se of their sto­rage no lon­ger appli­es. The peri­od of sto­rage may even be lon­ger if this is pro­vi­ded for by Euro­pean or natio­nal legis­la­tors in Uni­on ordi­nan­ces, laws or other regu­la­ti­ons to which the con­trol­ler is sub­ject. The data will also be blo­cked or era­sed if a reten­ti­on dead­line pre­scri­bed by the spe­ci­fied stan­dards expi­res, unless the­re is a need to store the data for a lon­ger peri­od in order to con­clude or ful­fil a contract.
4. Data trans­fers to third count­ries (out­side of the EU)
The GDPR ensu­res an equal­ly high level of data pro­tec­tion within the Euro­pean Uni­on. When sel­ec­ting our ser­vice pro­vi­ders, we the­r­e­fo­re rely on Euro­pean part­ners whe­re­ver pos­si­ble when your per­so­nal data is being pro­ces­sed. Within some excep­ti­ons we may pro­cess per­so­nal data out­side the EU through third-par­ty ser­vices. This may only be the case whe­re the spe­cial requi­re­ments in accordance with Art. 44 et. seq. GDPR are ful­ly met. This means that the pro­ces­sing of your data may then only take place when the third coun­try has been declared to ensu­re an ade­qua­te level of pro­tec­tion by the Euro­pean Com­mis­si­on or if the Euro­pean Stan­dard Con­trac­tu­al Clau­ses have been signed.

 

IV. Use of our web­site, Gene­ral Information

1. Descrip­ti­on and scope of data processing
Every time our web­site is visi­ted, our sys­tem auto­ma­ti­cal­ly regis­ters the user’s data and infor­ma­ti­on about their com­pu­ter sys­tem. The fol­lo­wing infor­ma­ti­on is coll­ec­ted in the process:

  1. infor­ma­ti­on on the brow­ser type and ver­si­on used
  2. the user’s ope­ra­ting system
  3. the user’s IP address
  4. date and time of access
  5. web­sites from which the user’s sys­tem rea­ches our website
  6. web­sites cal­led up by the user’s sys­tem via our website

The data descri­bed — with the excep­ti­on of the user’s IP address or other data which enable the data to be iden­ti­fied with a user — are descri­bed in our system’s log files. The­se data are not stored tog­e­ther with the user’s other per­so­nal data.

2. Pur­po­se and legal basis for the data processing
Our sys­tem needs to tem­po­r­a­ri­ly store the IP address in order to faci­li­ta­te deli­very of the web­site to the user’s PC. To do so, the user’s IP address has to be retai­ned for the dura­ti­on of the ses­si­on. The legal basis for the tem­po­ra­ry sto­rage of the data is given by Art. 6 (1)(f) GDPR.

It is essen­ti­al for the ope­ra­ti­on of the web­site to regis­ter your per­so­nal data in order to deli­ver our web­site. For that reason, the user has no right of objection.

3. Length of storage
Your data will be era­sed as soon as they are no lon­ger nee­ded to meet the pur­po­se of their coll­ec­tion. If your data are coll­ec­ted to gua­ran­tee deli­very of the web­site, the data will be era­sed when the par­ti­cu­lar ses­si­on is finished.

 

V. Gene­ral infor­ma­ti­on on the use of cookies

We use coo­kies on our web­site. By coo­kies, we mean text files which are stored in the inter­net brow­ser or by the inter­net brow­ser on the user’s com­pu­ter sys­tem. If you call up a web­site, a coo­kie may be stored on your ope­ra­ting sys­tem. This coo­kie con­ta­ins a cha­rac­te­ristic cha­rac­ter sequence which enables the brow­ser to be unam­bi­guous­ly iden­ti­fied if the web­site is cal­led up again.

We use coo­kies to make our home­page more user-fri­end­ly. Some ele­ments of our web­site requi­re that the brow­ser can still be iden­ti­fied after a chan­ge of page.

TTD­PA (Ger.: TTDSG):

The legal basis for the sto­rage of coo­kies, device iden­ti­fiers and simi­lar track­ing tech­no­lo­gies or for the sto­rage of infor­ma­ti­on in the end user’s ter­mi­nal equip­ment and access to this infor­ma­ti­on is the Euro­pean ePri­va­cy Direc­ti­ve in con­junc­tion with the Tele­com­mu­ni­ca­ti­ons and Tele­me­dia Data Pro­tec­tion Act (TTD­PA; Ger.: TTDSG).

Plea­se note that the legal basis for the pro­ces­sing of per­so­nal data coll­ec­ted in this con­text then results from the GDPR. The rele­vant legal basis for the pro­ces­sing of per­so­nal data in each spe­ci­fic case can be found below the respec­ti­ve coo­kie or the respec­ti­ve pro­ces­sing itself.

The pri­ma­ry legal basis for the sto­rage of infor­ma­ti­on in the end user’s ter­mi­nal equip­ment — con­se­quent­ly in par­ti­cu­lar for the sto­rage of coo­kies — is their con­sent, §25 Abs.1 S.1 TTD­PA (Ger.: TTDSG). Con­sent is given when visi­ting our web­site — alt­hough this does not have to be given, of cour­se — and can be revo­ked at any time in the coo­kie settings.

Accor­ding to §25 Abs.2 Nr.2 TTD­PA (Ger.: TTDSG), con­sent is not requi­red if the sto­rage of infor­ma­ti­on in the end user’s ter­mi­nal equip­ment or access to infor­ma­ti­on alre­a­dy stored in the end user’s ter­mi­nal equip­ment is abso­lut­e­ly neces­sa­ry for the pro­vi­der of a tele­me­dia ser­vice to be able to pro­vi­de a tele­me­dia ser­vice express­ly reques­ted by the user. You can see from the coo­kie set­tings which coo­kies are to be clas­si­fied as abso­lut­e­ly neces­sa­ry (often also refer­red to as “tech­ni­cal­ly neces­sa­ry coo­kies”) and the­r­e­fo­re fall under the excep­ti­on of §25 Para.2 TTD­PA (Ger.: TTDSG) and the­r­e­fo­re do not requi­re consent.

DSGVO:

The fol­lo­wing data are stored and trans­fer­red in the process:

  • log-in infor­ma­ti­on

The legal basis for the pro­ces­sing of per­so­nal data with the use of coo­kies is given by Art. 6 (1)(f) GDPR. The pur­po­se of using tech­ni­cal­ly neces­sa­ry coo­kies is to sim­pli­fy use of our website.

We point out that some func­tions of our web­site can only be offe­red if coo­kies are used. This appli­es to the fol­lo­wing applications:

  • iden­ti­fi­ca­ti­on of users

We do not employ user data coll­ec­ted by tech­ni­cal­ly neces­sa­ry coo­kies to prepa­re user profiles.

Coo­kies are stored on the user’s PC and sent to our site by this PC. As the user, you the­r­e­fo­re have con­trol over the use of coo­kies. You can rest­rict or deac­ti­va­te the trans­mis­si­on of coo­kies by making chan­ges to the set­tings of your inter­net brow­ser. Saved coo­kies can then be dele­ted again. Plea­se note that you may no lon­ger be able to use all the func­tions of our web­site if you deac­ti­va­te cookies.

 

VI. Your rights / rights of the data subject

In accordance with the EU Gene­ral Data Pro­tec­tion Regu­la­ti­on, you have the fol­lo­wing rights as a data subject:

1. Right of access

You have the right to recei­ve infor­ma­ti­on from us as the con­trol­ler as to whe­ther we are pro­ces­sing per­so­nal data rela­ting to yourself.
In addi­ti­on, you could demand infor­ma­ti­on on the fol­lo­wing topics:

  1. pur­po­se of the data processing;
  2. cate­go­ries of per­so­nal data processed
  3. dthe reci­pi­ents or cate­go­ries of reci­pi­ents to whom the per­so­nal data rela­ting to yours­elf were dis­c­lo­sed or are still being disclosed;
  4. the plan­ned dura­ti­on of the sto­rage of the per­so­nal data rela­ting to yours­elf or, if no spe­ci­fic details can be given, the cri­te­ria for defi­ning the length of storage;
  5. the exis­tence of any right to rec­ti­fi­ca­ti­on or era­su­re of the per­so­nal data rela­ting to you, any right to rest­rict pro­ces­sing by the con­trol­ler or any right of objec­tion to such processing;
  6. the exis­tence of any right of com­plaint to a super­vi­so­ry authority
  7. all available infor­ma­ti­on on the ori­gin of the data if the per­so­nal data have not been coll­ec­ted from the data subject;
  8. the exis­tence of an auto­ma­ted decis­i­on-making pro­cess inclu­ding pro­fil­ing in accordance with Artic­le 22 (1) and (4) GDPR and — at least in the­se cases — meaningful infor­ma­ti­on on the logic invol­ved as well as the impli­ca­ti­ons and spe­ci­fic effects of any such pro­ces­sing for the data subject
  9. Final­ly, you have the right to request infor­ma­ti­on as to whe­ther per­so­nal data rela­ting to yours­elf are being trans­fer­red to a third coun­try or to an inter­na­tio­nal orga­ni­sa­ti­on. In this case, you can request infor­ma­ti­on on the sui­ta­ble gua­ran­tees in place in accordance with Art. 46 GDPR with respect to the transfer.

You can assert your right of infor­ma­ti­on at:

Email: info@gsi-office.de

Post­an­schrift:
GSI Office Manage­ment GmbH
Lands­ber­ger Stra­ße 314
80687 Munich
Germany

2. Right to rectification
Should the per­so­nal data rela­ting to you and pro­ces­sed by us be incor­rect or incom­ple­te, you have a right of rec­ti­fi­ca­ti­on or com­ple­ti­on. Rec­ti­fi­ca­ti­on will be per­for­med wit­hout delay. Your right to rec­ti­fi­ca­ti­on can be rest­ric­ted to the ext­ent that any such rec­ti­fi­ca­ti­on may make it impos­si­ble to ful­fil the rese­arch and sta­tis­ti­cal pur­po­ses or serious­ly ham­per such work, and the rest­ric­tion is neces­sa­ry in order to meet such rese­arch and sta­tis­ti­cal purposes.

3. Right of restriction
The right to rest­rict the pro­ces­sing of per­so­nal data rela­ting to yours­elf can be asser­ted in the fol­lo­wing cases:

  1. the accu­ra­cy of the per­so­nal data is dis­pu­ted for a length of time which will enable the con­trol­ler to check their accuracy;
  2. the pro­ces­sing is unlawful, but era­su­re of the per­so­nal data is rejec­ted and ins­tead rest­ric­tions on the use of the per­so­nal data are demanded;
  3. the con­trol­ler no lon­ger needs the per­so­nal data for the pur­po­ses of the pro­ces­sing, but the data sub­ject needs them to assert, exer­cise or defend legal claims, or
  4. the data sub­ject has objec­ted to the pro­ces­sing pur­su­ant to Art. 21 (1) GDPR, and it has not yet been deter­mi­ned whe­ther the controller’s legi­ti­ma­te reasons out­weigh tho­se of the data subject.

If the pro­ces­sing of the per­so­nal data rela­ting to yours­elf has been rest­ric­ted, such data may only be pro­ces­sed — apart from their sto­rage — with your con­sent or to assert, exer­cise or defend legal claims or to pro­tect the rights of ano­ther natu­ral per­son or legal enti­ty, or for reasons of an important public inte­rest of the Uni­on or a Mem­ber State.

If the pro­ces­sing has been rest­ric­ted in accordance with the con­di­ti­ons out­lined, you will be infor­med by us befo­re the rest­ric­tion is lifted.

Your right to rest­rict the pro­ces­sing can be limi­t­ed to the ext­ent that any such rest­ric­tion may make it impos­si­ble to ful­fil the rese­arch and sta­tis­ti­cal pur­po­ses or serious­ly ham­per such work, and the limi­ta­ti­on is neces­sa­ry in order to meet such rese­arch and sta­tis­ti­cal purposes.

4. Right to erasure
If the reasons set out below app­ly, you can request that the per­so­nal data rela­ting to yours­elf are era­sed imme­dia­te­ly. The con­trol­ler is obli­ged to era­se such data wit­hout delay. The reasons are as follows:

  1. The per­so­nal data rela­ting to yours­elf are no lon­ger nee­ded for the pur­po­ses for which they were coll­ec­ted or other­wi­se processed.
  2. The pro­ces­sing is gover­ned by a con­sent gran­ted under Art. 6 (1)(a) or Art. 9 (2)(a) GDPR, and you revo­ke the con­sent. A fur­ther pre­re­qui­si­te is that the­re is no other legal basis for the processing.
  3. You lodge an objec­tion to the pro­ces­sing (Art. 21 (1) DSGVO), and the­re are no over­ri­ding legi­ti­ma­te jus­ti­fi­ca­ti­ons for the pro­ces­sing. A fur­ther opti­on is to lodge an objec­tion to the pro­ces­sing in accordance with Art. 21 (2) GDPR.
  4. The per­so­nal data rela­ting to yours­elf are being pro­ces­sed unlawfully.
  5. Era­su­re of the per­so­nal data rela­ting to yours­elf is requi­red to meet a legal obli­ga­ti­on in accordance with Uni­on or Mem­ber Sta­te law to which the con­trol­ler is subject.
  6. The per­so­nal data rela­ting to yours­elf were coll­ec­ted with refe­rence to ser­vices offe­red by the infor­ma­ti­on socie­ty in accordance with Art. 8 (1) GDPR.

If we have published the per­so­nal data rela­ting to yours­elf and we are obli­ged under Art. 17 (1) GDPR to era­se them, we will take appro­pria­te steps, inclu­ding of a tech­ni­cal natu­re, taking into account the tech­no­lo­gy available and the imple­men­ta­ti­on cos­ts, to inform con­trol­lers respon­si­ble for data pro­ces­sing who are pro­ces­sing the per­so­nal data that you as the data sub­ject have reques­ted them to dele­te all links to the­se per­so­nal data or copies or dupli­ca­tes of such per­so­nal data.

We point out that the­re is no right of era­su­re if the pro­ces­sing is necessary

  1. to exer­cise the right to free speech and information;
  2. zto meet a legal obli­ga­ti­on which requi­res the pro­ces­sing in accordance with the law of the Uni­on or that of Mem­ber Sta­tes to which the con­trol­ler is sub­ject, or to per­form a task which lies in the public inte­rest or that is car­ri­ed out in the exer­cise of offi­ci­al aut­ho­ri­ty con­fer­red on the controller;
  3. for reasons of public inte­rest in the area of public health in accordance with Art. 9 (2) (h and i) as well as Art. 9 (3) GDPR;
  4. for archi­ving pur­po­ses in the public inte­rest, sci­en­ti­fic or his­to­ri­cal rese­arch pur­po­ses or sta­tis­ti­cal pur­po­ses in accordance with Art. 89 (1) GDPR if the right spe­ci­fied in Sec­tion a) will pro­ba­b­ly ren­der rea­li­sa­ti­on of the objec­ti­ves of this pro­ces­sing impos­si­ble or serious­ly com­pro­mi­se them, or
  5. to assert, exer­cise or defend legal claims.

5. Right to information
If you have asser­ted a right to rec­ti­fi­ca­ti­on, era­su­re or rest­ric­tion of pro­ces­sing, we are obli­ged to inform all reci­pi­ents to whom the per­so­nal data rela­ting to yours­elf have been dis­c­lo­sed, of such rec­ti­fi­ca­ti­on or era­su­re of the data or rest­ric­tion of the pro­ces­sing, unless this turns out to be impos­si­ble or is asso­cia­ted with a dis­pro­por­tio­na­te amount of time and effort. You also have the right to be infor­med of the­se recipients.

6. Right to data portability
Under GDPR, you also have the right to recei­ve the per­so­nal data pro­vi­ded to us and rela­ting to yours­elf in a struc­tu­red, com­mon­ly used, machi­ne-rea­da­ble for­mat. Fur­ther­mo­re, you have the right trans­mit such data to a dif­fe­rent con­trol­ler wit­hout being impe­ded by the con­trol­ler to whom the per­so­nal data were pro­vi­ded, as long as
  • the pro­ces­sing is based on con­sent in accordance with Art. (6) (1)(a) GDPR or Art. 9 (2)(a) GDPR or on a con­tract in accordance with Art. 6 (1)(b) GDPR, and
  • the pro­ces­sing is per­for­med with the aid of auto­ma­ted procedures.

Final­ly, in exer­cis­ing this right to data por­ta­bi­li­ty, you have the right to have the per­so­nal data rela­ting to yours­elf trans­fer­red direct­ly from one con­trol­ler to ano­ther if this is tech­ni­cal­ly fea­si­ble and no free­doms or rights of other per­sons are impai­red in the process.

The right to data por­ta­bi­li­ty does not app­ly to the pro­ces­sing of per­so­nal data requi­red for the per­for­mance of a task which lies in the public inte­rest or is car­ri­ed out in the exer­cise of offi­ci­al aut­ho­ri­ty con­fer­red on the controller.

7. Right to revo­ke con­sent with respect to data pro­tec­tion laws
You are entit­led at any time to revo­ke your decla­ra­ti­on of con­sent with respect to data pro­tec­tion laws. We point out that revo­ca­ti­on of your con­sent will not affect the lawful­ness of the data pro­ces­sed on the basis of such con­sent pri­or to its revocation.
8. Right of objection
You also have the right, for reasons stem­ming from your par­ti­cu­lar situa­ti­on, to object at any time to the pro­ces­sing of per­so­nal data rela­ting to yours­elf car­ri­ed out on the basis of Art. 6 (1) (e) or (f) GDPR. The right of objec­tion also appli­es to any pro­fil­ing based on the­se provisions.The con­trol­ler will no lon­ger pro­cess the per­so­nal data rela­ting to yours­elf unless he can show com­pel­ling, sen­si­ti­ve reasons for the pro­ces­sing which out­weigh your inte­rests, rights and free­doms, or the pro­ces­sing ser­ves to assert, exer­cise or defend legal claims.

If your per­so­nal data are pro­ces­sed for the pur­po­se of direct mail mar­ke­ting, you have the right to object at any time to the pro­ces­sing of your per­so­nal data for the pur­po­se of such adver­ti­sing. This also appli­es to pro­fil­ing pro­vi­ded it is asso­cia­ted with such direct adver­ti­sing. If you lodge an objec­tion to pro­ces­sing for the pur­po­se of direct mail mar­ke­ting, the per­so­nal data rela­ting to yours­elf will no lon­ger be pro­ces­sed for the­se purposes.You are also free to exer­cise your right of objec­tion in con­nec­tion with the use of ser­vices of the infor­ma­ti­on socie­ty (not­wi­th­stan­ding Direc­ti­ve 2002/58/EC) by means of auto­ma­ted pro­ce­du­res in which tech­ni­cal spe­ci­fi­ca­ti­ons are used.

You also have the right, for reasons resul­ting from your par­ti­cu­lar situa­ti­on, to object to the pro­ces­sing of your per­so­nal data for sci­en­ti­fic or his­to­ri­cal rese­arch pur­po­ses or for sta­tis­ti­cal pur­po­ses under Art. 89 (1) GDPR.

Your right of objec­tion can be rest­ric­ted to the ext­ent that any such objec­tion may make it impos­si­ble to ful­fil the rese­arch and sta­tis­ti­cal pur­po­ses or serious­ly ham­per such work, and the rest­ric­tion is neces­sa­ry in order to meet such rese­arch and sta­tis­ti­cal purposes.

9. Auto­ma­ted decis­i­ons in indi­vi­du­al cases inclu­ding profiling
Under the EU Gene­ral Data Pro­tec­tion Regu­la­ti­on, you also have the right not to be sub­ject to a decis­i­on based exclu­si­ve­ly on auto­ma­ted pro­ces­sing — inclu­ding pro­fil­ing — which is legal­ly bin­ding on you or which has a con­sider­a­b­ly adver­se effect on you in some other way. An excep­ti­on to this prin­ci­ple appli­es, howe­ver, if the decision
  1. is neces­sa­ry for the con­clu­si­on or ful­film­ent of a con­tract bet­ween yours­elf and the controller,
  2. is per­mit­ted due to legal regu­la­ti­ons of the Uni­on or Mem­ber Sta­tes to which the con­trol­ler is sub­ject, and such legal regu­la­ti­ons con­tain appro­pria­te mea­su­res for pre­ser­ving your rights and free­doms as well as your legi­ti­ma­te inte­rests, or
  3. is made with your expli­cit consent.

If the pro­ces­sing is per­for­med within the con­fi­nes of cases spe­ci­fied in (1) and (3), the con­trol­ler will take appro­pria­te steps to safe­guard rights and free­doms as well as your legi­ti­ma­te inte­rests. At the least, this includes the right to obtain the inter­ven­ti­on of a per­son on the part of the con­trol­ler, to pre­sent your own point of view and to chall­enge the decision.

The decis­i­on under (1) and (3) may not be based on spe­cial cate­go­ries of per­so­nal data in accordance with Art. 9 (1) GDPR unless Art. 9 (2)(a) or (g) appli­es and sui­ta­ble steps have been taken to safe­guard rights and free­doms as well as your legi­ti­ma­te interests.

10. Right of com­plaint to a regu­la­to­ry authority
If you are of the view that the pro­ces­sing of your per­so­nal data brea­ches the GDPR, you have the ulti­ma­te right to com­plain to a regu­la­to­ry aut­ho­ri­ty, par­ti­cu­lar­ly in the mem­ber sta­te of your place of resi­dence, your place of work or the place whe­re the suspec­ted breach has been committed.

 

VII. Elec­tro­nic contact

You will find a cont­act form on our home­page that you can use to cont­act us elec­tro­ni­cal­ly. The data ente­red into the input mask are trans­mit­ted to us and stored. The­se data include:

  1. Title
  2. First name
  3. Sur­na­me
  4. Email
  5. Pho­ne number
  6. Com­pa­ny
  7. Con­tent of the message

The date of the mes­sa­ge is also stored once the mes­sa­ge has been sent.

It is also pos­si­ble to cont­act us via our pro­vi­ded email address. In this case, the user’s per­so­nal data trans­mit­ted by email will be stored.

A trans­fer of your data to third par­ties will not take place in this con­text; this data will be used exclu­si­ve­ly for pro­ces­sing the com­mu­ni­ca­ti­on record.

The legal basis for pro­ces­sing the data is in sub­mit­ting user con­sent as defi­ned in Art. 6 Sec­tion 1 lit. a GDPR. The legal basis for pro­ces­sing the data trans­mit­ted while sen­ding an email is Artic­le 6 Sec­tion 1 lit. f GDPR. If the email cont­act aims to con­clude a con­tract, then addi­tio­nal legal basis for the pro­ces­sing is Art. 6 Sec­tion 1 lit. b GDPR.

Pro­ces­sing per­so­nal data in this con­text is sole­ly for pro­ces­sing the cont­act. In the case of cont­act via e‑mail, this also includes the requi­red legi­ti­ma­te inte­rest in pro­ces­sing the data.

If fur­ther per­so­nal data are pro­ces­sed during the sen­ding pro­cess, then they ser­ve only to pre­vent misu­se of the cont­act form and to ensu­re the secu­ri­ty of our infor­ma­ti­on tech­no­lo­gy systems.

Your data will be dele­ted as soon as they are no lon­ger neces­sa­ry for achie­ving the pur­po­se of the inquiry. Regar­ding the per­so­nal data from the input form on the cont­act form and tho­se sent by e‑mail, this is the case when the respec­ti­ve con­ver­sa­ti­on with the user has ended. The con­ver­sa­ti­on is ended when it can be infer­red from the cir­cum­s­tances that the rele­vant facts have been final­ly clarified.

The addi­tio­nal per­so­nal data coll­ec­ted during the sen­ding pro­cess will be dele­ted at the latest after a peri­od of seven days.

You will have the oppor­tu­ni­ty to revo­ke your con­sent to the pro­ces­sing of per­so­nal data at any time. Even when cont­ac­ting us by email, you can object to the sto­rage of your per­so­nal data at any time. Howe­ver, we would like to point out that in such a case, the con­ver­sa­ti­on can­not continue.

All per­so­nal data stored while cont­ac­ting will be dele­ted in this case.

 

VIII. Log­in MyGSI

As a regis­tered cus­to­mer you can log into the pro­tec­ted space “MyG­SI” on our web­site with use of your user name and your per­so­nal password.

At the time of log­ging in the fol­lo­wing infor­ma­ti­on is coll­ec­ted as well:

  1. User­na­me and e‑mail
  2. Date and time of login
  3. Down­loads
  4. User IP
  5. Brow­ser

The pur­po­se of the log­in is to pro­vi­de a per­so­nal pro­ject room for pro­ject management.
The legal basis for pro­ces­sing per­so­nal data is Art. 6 para. 1 sent. 1 lit. b GDPR.

 

IX. Care­er Portal

On this web­site, we dis­play job offers for which inte­res­ted indi­vi­du­als can app­ly by e‑mail. Spe­cu­la­ti­ve appli­ca­ti­ons can also be sent by e‑mail. In case of an recei­ved appli­ca­ti­on, we pro­cess data from the appli­cant strict­ly for the pur­po­se of poten­ti­al­ly fil­ling the rele­vant position.
The pri­ma­ry legal basis for this is Art. 88 GDPR in con­junc­tion with § 26 para. 1 BDSG.

Within our com­pa­ny only per­son­nel that is rele­vant to the appli­ca­ti­on pro­ce­du­re and respon­si­ble for the decis­i­on over the appli­ca­ti­on recei­ve access to your per­so­nal data.

We dele­te your per­so­nal data as soon as it is no lon­ger requi­red for the abo­ve-men­tio­ned pur­po­ses. If we enter into a con­tract of employ­ment with an appli­cant, the data trans­mit­ted will be stored for the pur­po­se of admi­nis­te­ring the employ­ment rela­ti­onship in com­pli­ance with the sta­tu­to­ry pro­vi­si­ons. If no con­tract of employ­ment is signed with the appli­cant, the appli­ca­ti­on docu­ments will be dele­ted after 6 months at most, after noti­fi­ca­ti­on of the rejec­tion, pro­vi­ded that no other legi­ti­ma­te inte­rests of the pro­ces­sor con­flict with era­su­re of the appli­cants per­so­nal data. Other legi­ti­ma­te inte­rests in this sen­se include, for exam­p­le, a duty of pro­of in pro­cee­dings under the Ger­man Gene­ral Equal Tre­at­ment Act (AGG).

Your per­so­nal data will not be dis­c­lo­sed to third parties.

 

X. News­let­ter

You can sub­scri­be to a free news­let­ter on our home­page in which we will keep you up to date on our latest inte­res­t­ing offers. The data which you pro­vi­de in the ent­ry win­dow in the cour­se of regis­tering, will be trans­mit­ted to us.

In the pro­cess, we will coll­ect the fol­lo­wing data on the basis of the con­sent obtai­ned from you as part of the regis­tra­ti­on process:

  • First and last name
  • Email address
  • Your com­pa­ny
  • IP address of the reques­t­ing processor
  • Date and time of registration

Your data coll­ec­ted in con­nec­tion with pro­ces­sing data for the des­patch of news­let­ters will not be pas­sed on. The data will be used exclu­si­ve­ly for the des­patch of the newsletter.

1. Dou­ble opt-in and log

Regis­tra­ti­on for our news­let­ter is made in a so-cal­led dou­ble opt-in pro­ce­du­re. After regis­tra­ti­on, you will recei­ve an email in which you are asked to con­firm your regis­tra­ti­on. This con­fir­ma­ti­on is requi­red to ensu­re that no-one can regis­ter with an email address that does not belong to them.

Regis­tra­ti­ons for the news­let­ter will be log­ged to enable the regis­tra­ti­on pro­cess to be veri­fied in accordance with legal requi­re­ments. This includes sto­ring the time of regis­tra­ti­on and con­fir­ma­ti­on as well as the IP address.

2. Legal basis

The legal basis for pro­ces­sing the data is given by Art. 6 (1)(a) GDPR as long as the user’s con­sent has been obtai­ned. Coll­ec­tion of the user’s email address ser­ves to deli­ver the newsletter.

3. Era­su­re, revo­ca­ti­on and objection

Your data will be era­sed as soon as they are no lon­ger nee­ded to meet the pur­po­se of their coll­ec­tion. Your email address will the­r­e­fo­re be stored for as long as the sub­scrip­ti­on to the news­let­ter is acti­ve. You can ter­mi­na­te your sub­scrip­ti­on to the news­let­ter at any time by revo­king your con­sent. You will find a cor­re­spon­ding link in every news­let­ter for this purpose.

We also draw your atten­ti­on to the fact that you can object at any time to the future pro­ces­sing of your per­so­nal data in accordance with the sta­tu­to­ry requi­re­ments set out in Art. 21 GDPR. In par­ti­cu­lar, the objec­tion can rela­te to pro­ces­sing for the pur­po­ses of direct mail marketing.

4. Email mar­ke­ting ser­vice providers

The news­let­ter is sent through “Bre­vo” (form­er­ly Sen­din­blue), a news­let­ter des­patch plat­form ope­ra­ted by Bre­vo, Köpe­ni­cker Str. 126, 10179 Ber­lin, Germany.

The email addres­ses of our news­let­ter sub­scri­bers as well as fur­ther data descri­bed in the cour­se of the­se notes, are stored on the ser­vers of Bre­vo. Bre­vo uses this infor­ma­ti­on to des­patch the news­let­ter and for eva­lua­tions on our behalf. Fur­ther­mo­re, accor­ding to Bre­vo, it can use the­se data to opti­mi­se or impro­ve its own ser­vices, e.g. for the tech­ni­cal opti­mi­sa­ti­on of the des­patch pro­cess and the dis­play of the news­let­ter or for busi­ness pur­po­ses to deter­mi­ne which count­ries the reci­pi­ents come from. Howe­ver, Bre­vo will not use the data of our news­let­ter sub­scri­bers to wri­te to them its­elf or pass them on to third parties.

We trust Brevo’s relia­bi­li­ty as well as their IT and data secu­ri­ty. You can view the data pro­tec­tion pro­vi­si­ons of Bre­vo here: https://www.brevo.com/legal/privacypolicy.

 

XI. Use of Goog­le Analytics

This web­site uses the web ana­ly­sis ser­vice Goog­le Ana­ly­tics to ana­ly­se the use of our web­site and to enable us to regu­lar­ly impro­ve it. We can use the sta­tis­tics recei­ved to impro­ve our pro­duct and to make our web­site more attrac­ti­ve to you as the user.

Coo­kies are stored on your com­pu­ter for this eva­lua­ti­on. The con­trol­ler saves the infor­ma­ti­on thus coll­ec­ted exclu­si­ve­ly on its ser­ver in Ger­ma­ny. You can halt the eva­lua­ti­on by dele­ting exis­ting coo­kies and pre­ven­ting the sto­rage of new ones. If you pre­vent the sto­rage of coo­kies, we point out that you may not be able to use this web­site in its enti­re­ty. You can pre­vent the sto­rage of coo­kies through a set­ting in your browser.

We use Goog­le Ana­ly­tics with the exten­si­on “Anony­mi­zeIP”. This means that IP addres­ses are pro­ces­sed in abbre­via­ted form making it impos­si­ble to direct­ly iden­ti­fy them with a per­son. The IP address trans­mit­ted from your brow­ser by means of Goog­le Ana­ly­tics is not com­bi­ned with other data coll­ec­ted by us.

You can find infor­ma­ti­on on the data pro­tec­tion offe­red by this exter­nal sup­pli­er at https://policies.google.com/privacy.

XII. Inte­gra­ting Goog­le Maps

We use Goog­le Maps offer on our web­site. This allows us to show you inter­ac­ti­ve maps right on the web­site and allow you to con­ve­ni­ent­ly use the map feature.

By visi­ting the web­site, Goog­le recei­ves the infor­ma­ti­on that you have acces­sed the cor­re­spon­ding sub­page for our web­site. In addi­ti­on, the infor­ma­ti­on refer­red to in Sec­tion IV of this state­ment will be trans­mit­ted to Goog­le. This is done regard­less whe­ther Goog­le pro­vi­des a user account that you are log­ged in to, or if the­re is no user account. When you’­re log­ged in to Goog­le, your data will be assi­gned direct­ly to your account. If you do not wish to be asso­cia­ted with your pro­fi­le on Goog­le, you must log out befo­re acti­vat­ing the but­ton. Goog­le stores your data as usa­ge pro­files and uses them for adver­ti­sing, mar­ket rese­arch and/or needs-based web­site design. This type of an eva­lua­ti­on is car­ri­ed out (even for users who are not log­ged in) for the pur­po­se of pro­vi­ding appro­pria­te adver­ti­sing and to inform other users of the social net­work about your acti­vi­ties on our web­site. You have a right of objec­tion to the for­ma­ti­on of the­se user pro­files, and you must cont­act Goog­le to exer­cise this right.

Plea­se refer to the provider’s pri­va­cy poli­cy for more infor­ma­ti­on on the pur­po­se and scope of the data coll­ec­tion and its pro­ces­sing by the plug-in pro­vi­der. The­re you will also find fur­ther infor­ma­ti­on about the­se rights as they rela­te to you and set­tings opti­ons for pro­tec­ting your pri­va­cy. http://www.google.de/intl/de/policies/privacy.

Data Pro­tec­tion Noti­ce | Patent Soft­ware | GSI Office Management