DATA PRIVACY STATEMENT
Hello and welcome to our beautiful website. Our Data Privacy Statement gives you an overview of the nature, scope and purpose of the collection and processing of personal data when visiting and using our website, the associated websites, functions and content, and external online presentations.
Our data protection declaration is based on terms used by the General Data Protection Regulation (GDPR) and the new Federal Data Protection Act (BDSG-new). You can view the relevant definitions (Art. 4 GDPR), for example, at https://dejure.org/gesetze/DSGVO/4.html .
We point out that any data transmission on the Internet (e.g. communication by e-mail) may have security vulnerabilities. Complete protection of your data against access by third parties is not possible.
How do we collect your data?
Your data is collected when you provide it to us. An example of this is the completion of a contact form. Through your consent when you visit our website, our IT systems also automatically collect your technical data such as your Internet browser, operating system or the time of the page request.
What do we use your data for?
We collect and process your data to ensure that you can use our website without errors and also to analyze the behaviour of the users of our website.
What rights does the GDPR grant you regarding your data?
You have the right to obtain information about the origin, recipient and purpose of the personal data concerning you. Furthermore, you have the right to have this data corrected or deleted. Through the right of withdrawal, you also have the possibility to withdraw a given consent at any time. In addition, you may, under certain circumstances, request the restriction of the processing of your personal data. Finally, you have the right to lodge a complaint with the responsible supervisory authority.
§ 1 Information about the collection of personal data
(1) Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, and user behaviour.
(2) The responsible party pursuant to Article 4 (7) of the EU General Data Protection Regulation (GDPR) is:
Targa Communications GmbH
Jochen Goetzelmann
Sandgasse 2
60311 Frankfurt am Main
Phone: 06915324210
E-mail: jg@targacommunications.de
You can reach our data protection officer at:
LIEBENSTEIN CONFIDENTIAL GmbH
Mr. Prof. Dr. jur. Hans-Hermann Dirksen
Eschersheimer Landstrasse 351
60320 Frankfurt am Main
Phone: +49-(0)69-272 95 921
E-mail: mail@liebenstein-confidential.de
When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to answer your questions. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal retention obligations.
(3) If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. In doing so, we will also state the defined criteria for the storage period.
§ 2 Collection of personal data when visiting our website
(1) In the case of merely informative use of the website, i.e. if you do not transmit any information to us, we only collect the personal data that your browser transmits to our server.
(2) If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security (legal basis is Art. 6 para. 1 s. 1 lit. f GDPR):
IP address
Date and time of the request
Time zone difference to Greenwich Mean Time (GMT)
Content of the request (specific page)
Access status/HTTP status code
Amount of data transferred in each case
The website from which the request comes
Browser
Language and version of the browser software
Operating system and its interface
Websites from which the user's system accesses our website
Websites that are accessed by the user's system via our website
(3) This data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
(4) Purpose of data processing: The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session. The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. These purposes are also our legitimate interest in data processing according to Art. 6 para. 1 lit. f GDPR.
(5) Unless we have stated otherwise in this Data Privacy Statement, personal data will only be stored for as long as it is necessary for the respective purposes.
§ 3 Legal basis of processing
(1) Art. 6 para. 1 a GDPR serves our company as the legal basis for processing operations in which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract of which the data subject is a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of another service or consideration, the processing is based on Art. 6 para. 1 b GDPR.
(2) The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services.
(3) If our company is subject to a legal obligation by which the processing of personal data becomes necessary, such as for the fulfilment of tax obligations, the processing is based on Art. 6 para. 1 c GDPR.
(4) In some cases, the processing of personal data might become necessary to protect vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were to be injured on our premises and as a result his or her name, age, health insurance data or other vital information had to be passed on to a doctor, hospital or other third party. In that case, the processing would be based on Art. 6 para. 1 d GDPR.
(5) In addition, processing operations could be based on Art. 6 para. 1 f GDPR. Processing operations which are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not predominate. Such processing operations are permitted to us because they were specifically mentioned by the European legislator. In this respect, the European legislator took the view that a legitimate interest could be assumed if the data subject is a customer of the data controller (Recital 47, Sentence 2 GDPR).
(6) If the processing of personal data is based on Article 6 para. 1 f GDPR, our legitimate interest is the performance of our business activities for the benefit of the well-being of all our employees and our shareholders.
§ 4 Your rights
You have the following rights against us regarding the personal data concerning you:
(1) pursuant to Art. 15 GDPR, the right to obtain confirmation as to whether data concerning you is being processed and to obtain information about such data, as well as further information and a copy of the data.
(2) Pursuant to Art. 16 GDPR, the right to request that the data concerning you will be completed or that incorrect data concerning you will be corrected.
(3) Pursuant to Art. 17 GDPR, the right to demand that the data in question be deleted without delay or, alternatively, to demand restriction of the processing of the data pursuant to Art. 18 GDPR.
(4) Pursuant to Art. 20 GDPR, the right to demand that you receive the data in question that you have provided to us in a structured, common and machine-readable format and to demand that it be transferred to other data controllers.
(5) the right to lodge a complaint with the responsible supervisory authority pursuant to Art. 77 GDPR. You can reach the responsible State Data Protection Supervisor at:
The Hessian Supervisor for Data Protection and Freedom of Information.
P.O. Box 3163
65021 Wiesbaden
Telephone: +49 611 1408 - 0
Fax: +49 611 1408 – 900
§ 5 Your right to withdraw the processing of your data
If you have given your consent to the processing of your data, you may withdraw this consent at any time. Such withdrawal will affect the permissibility of processing your personal data after you have expressed it to us.
§ 6 Your right to object to the processing of your data
(1) Insofar as we base the processing of your personal data on a balance of interests, you may object to the processing. This is the case if the processing is not necessary, in particular, for the fulfilment of a contract with you, which is presented by us in each case in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will review the situation and either discontinue or adjust the data processing or show you our compelling reasons worthy of protection based on which we will continue the processing.
(2) Of course, you can object to the processing of your personal data for purposes of advertising and data analysis at any time. You can inform us of your objection using the following contact details:
Targa Communications GmbH, Sandgasse 2, 60311 Frankfurt am Main, Germany, Tel.: 06915324210, e-mail: jg@targacommunications.de
§ 7 Your right to have data deleted
(1) The data processed by us will be deleted or its processing restricted in accordance with Articles 17 and 18 GDPR. Unless expressly stated within the scope of this Data Privacy Statement, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any legal obligations to maintain records. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law.
(2) In accordance with legal requirements in Germany, data is stored in particular for 6 years in accordance with Section 257 para. 1 of the German Commercial Code (commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with Section 147 para. 1 of the German Fiscal Code (AO) (books, records, management reports, accounting documents, commercial and business letters, documents relevant to taxation, etc.).
§ 8 Contacting
(1) When contacting us, the information of the inquiring persons is processed insofar as this is necessary to answer the contact inquiries and any requested measures.
(2) The response to the contact inquiries in the context of contractual or pre-contractual relationships is carried out to fulfil our contractual obligations or to respond to (pre)contractual inquiries and otherwise based on the legitimate interests in responding to the inquiries.
(3) There is no transfer of data to third parties in this context. The data is used exclusively for processing the conversation.
(4) Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 s. 1 lit. a GDPR based on your voluntarily given consent.
§ 9 Newsletter and electronic notifications
(1) With your consent, you can subscribe to our newsletter, with which we inform you about our current interesting offers. The advertised goods and services are named in the declaration of consent.
(2) For the registration to our newsletter we use the so-called Double-opt-in procedure. This means that after your registration we will send you an e-mail to the specified e-mail address in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses and the times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data. After your confirmation, we store your e-mail address for the purpose of sending you the newsletter. The legal basis for this is Art. 6 para. 1 s. 1 a GDPR.
(3) You can withdraw your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the withdrawal by clicking on the link provided in each newsletter e-mail, by e-mail or by sending a message to the contact details provided in the imprint.
(4) We would like to point out that we evaluate your user behaviour when sending the newsletter. For this evaluation, the e-mails sent contain so-called Web Beacons or Tracking Pixels, which are single-pixel image files stored on our website. The data is collected exclusively pseudonymously, i.e. the IDs are not linked to your other personal data, and direct personal reference is excluded.
(5) You can object to this tracking at any time by clicking on the separate link provided in each e-mail or by informing us via another contact channel. The information will be stored for as long as you are subscribed to the newsletter. After unsubscribing, we store the data purely statistically and anonymously.
(6) Deletion and restriction of processing: We may store unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests before deleting them in order to be able to prove consent previously given. The processing of this data is limited to the purpose of a possible defence against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time. In the event of obligations to permanently observe objections, we reserve the right to store the e-mail address in a blacklist solely for this purpose.
(7) Notes on a legal basis: The newsletter is sent on the basis of the recipients' consent or, if consent is not required, on the basis of our legitimate interests in direct marketing, if and to the extent that this is permitted by law, e.g. in the case of existing customer advertising. The logging of the registration process takes place on the basis of our legitimate interests for the purposes of proving its proper course. Insofar as we commission a service provider to send e-mails, this is done on the basis of our legitimate interests in an efficient and safe sending system. The registration process is recorded based on our legitimate interests to prove that it has been carried out in accordance with the law.
§ 10 Use of Cookies
(1) We use Cookies on our site. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your end device, and do not contain viruses, Trojans or other malware.
(2) Information is stored in the Cookie that is related to the specific end device used. This does not mean, however, that we obtain direct knowledge of your identity.
(3) On the one hand, the use of Cookies serves to make the use of our offer more pleasant for you. We use so-called Session-Cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site.
(4) In addition, we also use temporary Cookies to optimize user-friendliness, which are stored on your terminal device for a certain fixed period of time. If you visit our site again to use our services, it is automatically recognized that you have already been with us and which entries and settings you have made so that you do not have to enter them again.
(5) On the other hand, we use Cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These Cookies enable us to automatically recognize that you have already been to our website when you visit it again. These Cookies are automatically deleted after a defined period of time.
(6) The data processed by Cookies is necessary for the aforementioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 para. 1 p. 1 lit. f GDPR.
(7) Most browsers accept Cookies automatically. However, you can configure your browser so that no Cookies are stored on your computer or a notice always appears before a new Cookie is created. However, the complete deactivation of Cookies may mean that you cannot use all the functions of our website.
§ 11 Use of the dispatch service provider MailChimp
(1) The newsletter is sent using the dispatch service provider "MailChimp", a newsletter dispatch platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the privacy policy of the shipping service provider here: https://mailchimp.com/legal/privacy/. The shipping service provider is used based on our legitimate interests pursuant to Art. 6 para. 1 f GDPR and a contract processing agreement pursuant to Art. 28 para. 3 p. 1 GDPR.
(2) The shipping service provider may use the data of the recipients in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. for technical optimization of the dispatch and presentation of the newsletter or for statistical purposes. However, the dispatch service provider does not use the data of our newsletter recipients to write to them or to pass the data on to third parties.
§ 12 Tracking Tools
The tracking measures we use are carried out on the basis of Art. 6 para. 1 p. 1 f GDPR. With the tracking measures we use, we want to ensure a needs-based design and continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.
§ 13 Use of Google Analytics
(1) For the purpose of demand-oriented design and continuous optimization of our pages, we use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google"). In this context, pseudonymized usage profiles are created and Cookies are used. The information generated by the Cookie about your use of this website, such as browser type/version, operating system used, referrer URL (the previously visited page), host name of the accessing computer (IP address), time of server request, is transmitted to a Google server in the USA and stored there.
(2) The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to the use of the website and the Internet for the purposes of market research and demand-oriented design of these Internet pages. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf.
(3) Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that an assignment is not possible (IP masking).
(4) You may refuse the use of Cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a Browser Add-On (https://tools.google.com/dlpage/gaoptout?hl=de). As an alternative to the Browser Add-On or within browsers on mobile devices, please click this link to prevent the collection by Google Analytics within this website in the future (the opt-out only works in this browser and only for this domain). This will place an opt-out cookie on your device. If you delete your cookies in this browser, you must click this link again. Further information on data protection in connection with Google Analytics can be found, for example, in the Google Analytics help (https://support.google.com/analytics/answer/6004245?hl=de ).
(5) Legal basis for data processing: The legal basis for the processing of personal data using Google Analytics is Art. 6 para. 1 lit. f GDPR.
(6) Purpose of data processing: With the tracking measures used, we want to ensure a needs-based design and continuous optimization of our website. On the other hand, we use tracking measures to statistically record the use of our website and evaluate it for the purpose of optimizing our offer for you. These purposes are also our legitimate interest in the processing of personal data according to Art. 6 para. 1 lit. f GDPR.
§ 14 Google reCAPTCHA
(1) We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on our websites. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").
(2) The purpose of reCAPTCHA is to check whether the data input on our websites (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behaviour of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
(3) The reCAPTCHA analyses run entirely in the background. Website visitors are not notified that an analysis is taking place.
(4) The data processing is based on Art. 6 para. 1 f GDPR. The website operator has a legitimate interest in protecting its web offers from abusive automated spying and from SPAM.
(5) For more information on Google reCAPTCHA and Google's privacy policy, please refer to the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html .
§ 15 Provision of the online offer and web hosting
(1) In order to provide our online offer securely and efficiently, we use the services of one or more Webhosting Providers, from whose servers (or servers managed by them) the online offer can be accessed. For these purposes, we may use infrastructure and platform services, computing capacity, storage space and database services as well as security services and technical maintenance services.
(2) The data processed in the course of providing the hosting service may include all information relating to the users of our online service, which is collected in the course of use and communication. This regularly includes the IP address, which is necessary to be able to deliver the contents of online offers to browsers, and all entries made within our online offer or from websites.
(3) E-mail dispatch and hosting: The web hosting services we use also include the dispatch, receipt and storage of e-mails. For these purposes, the addresses of the recipients and senders as well as further information regarding the e-mail dispatch (e.g. the providers involved) and the contents of the respective e-mails are processed. The aforementioned data may also be processed for SPAM detection purposes. Please note that e-mails on the Internet are generally not sent in encrypted form. As a rule, e-mails are encrypted in transit, but (unless a so-called end-to-end encryption method is used) not on the servers from which they are sent and received. We can therefore not assume any responsibility for the transmission path of the e-mails between the sender and the reception on our server.
(4) Collection of access data and log files: We ourselves (or our web hosting provider) collect data on each access to the server (so-called Serverlogfiles). The Serverlogfiles may include the address and name of the web pages and files accessed, the date and time of access, the volume of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page) and, as a rule, IP addresses and the requesting provider.
(5) The Serverlogfiles may be used for security purposes, e.g., to prevent server overload (especially in the event of abusive attacks, and so-called DDoS attacks) and to ensure the utilization of the servers and their stability.
§ 16 Plug-ins and embedded functions and content
(1) We integrate into our online offer functional and content elements that are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These can be, for example, graphics, videos or social media buttons as well as posts (hereinafter uniformly referred to as "content").
(2) The integration always requires that the third-party providers of this content process the IP address of the user, since without the IP address they could not send the content to their browser. The IP address is thus required for the presentation of this content or function. We endeavour to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called Pixel Tags (invisible graphics, also known as "Web Beacons") for statistical or marketing purposes. The "Pixel Tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in Cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, the time of the visit and other information about the use of our online offer, as well as be linked to such information from other sources.
(3) Notes on the legal basis: If we ask users for their consent to the use of third-party providers, the legal basis for the processing of data is consent. Otherwise, the users' data is processed on the basis of our legitimate interests (i.e., interest in efficient, economical and recipient-friendly services). In this context, we would also like to refer you to the information on the use of Cookies in this privacy policy.
§ 17 Integration of Spotify
(1) On our pages, functions of the music service Spotify are integrated. The provider is Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm in Sweden. You can recognize the Spotify plugins by the green logo on our site. An overview of the Spotify plugins can be found at: https://developer.spotify.com .
(2) This allows a direct connection to be established between your browser and the Spotify server when you visit our pages via the plugin. Spotify thereby receives the information that you have visited our site with your IP address. If you click the Spotify button while logged into your Spotify account, you can link the content of our pages on your Spotify profile. This allows Spotify to assign the visit to our pages to your user account.
(3) For more information, please see Spotify's privacy policy: https://www.spotify.com/de/legal/privacy-policy/ .
(4) If you do not want Spotify to be able to associate the visit to our pages with your Spotify user account, please log out of your Spotify user account.
§ 18 Integration of YouTube videos
(1) We have integrated YouTube videos into our online offer, which are stored on http://www.YouTube.com and can be played directly from our website.
(2) By visiting the website, YouTube receives the information that you have accessed the corresponding sub-page of our website. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment to your YouTube profile, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide need-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.
(3) Further information on the purpose and scope of data collection and processing by YouTube can be found in the privacy policy. There you will also find further information on your rights and setting options to protect your privacy:
§ 19 Video Conferencing, Online Meetings, Webinars, and Screen Sharing
(1) We use platforms and applications of other providers (hereinafter referred to as "third-party providers") for the purpose of conducting video and audio conferences, webinars, and other types of video and audio meetings. When selecting third-party providers and their services, we observe the legal requirements.
(2) In this context, data of the communication participants is processed and stored on the servers of the third-party providers, insofar as these are components of communication processes with us. This data may include, in particular, registration and contact data, visual and vocal contributions as well as entries in chats and shared screen contents.
(3) If users are referred to third-party providers or their software or platforms in the course of communication, business or other relationships with us, the third-party providers may process usage data and metadata for security, service optimization or marketing purposes. We therefore ask you to observe the data protection notices of the respective third-party providers.
(4) Notes on legal bases: If we ask users for their consent to use the third-party providers or certain functions (e.g. consent to a recording of conversations), the legal basis for the processing is consent. Furthermore, their use may be a component of our (pre)contractual services, provided that the use of the third-party providers was agreed upon in this context. Otherwise, user data is processed on the basis of our legitimate interests in efficient and secure communication with our communication partners. In this context, we would also like to refer you to the information on the use of Cookies in this privacy statement.
§ 20 Cloud Services
(1) We use software services accessible via the Internet and executed on the servers of their providers (so-called "Cloud Services", also referred to as "Software as a service") for the following purposes: document storage and management, calendar management, e-mail dispatch, spreadsheets and presentations, exchange of documents, content and information with specific recipients or publication of web pages, forms or other content and information as well as chats and participation in audio and video conferences.
(2) In this context, personal data may be processed and stored on the servers of the providers, insofar as these are components of communication processes with us or are otherwise processed by us as set out in this privacy policy. This data may include, in particular, master data and contact data of users, data on transactions, contracts, other processes and their contents. The providers of Cloud Services also process usage data and metadata used by them for security purposes and service optimization.
(3) If we use the Cloud Services to provide forms or other documents and content for other users or publicly accessible websites, the providers may store Cookies on the users' devices for the purposes of web analysis or to remember the users' settings (e.g. in the case of media control).
(4) Notes on legal bases: If we ask for consent to use the Cloud Services, the legal basis of the processing is consent. Furthermore, their use may be a component of our (pre)contractual services, provided that the use of the Cloud Services has been agreed upon within this framework. Otherwise, the users' data is processed on the basis of our legitimate interests (i.e., interest in efficient and secure management and collaboration processes).
§ 21 Data protection information in the application process
(1) We process applicant data only for the purpose of and within the scope of the application procedure in accordance with the legal requirements. Applicant data is processed in order to fulfil our (pre)contractual obligations within the scope of the application procedure in accordance with Art. 6 para. 1 b. GDPR and Art. 6 para. 1 f. GDPR insofar as the data processing becomes necessary for us, e.g. within the scope of legal procedures (§ 26 BDSG).
(2) By submitting their application to us, applicants agree to the processing of their data for the purposes of the application procedure in accordance with the type and scope set out in this data protection declaration.
(3) Insofar as special categories of personal data within the meaning of Article 9 para. 1 GDPR are voluntarily disclosed during the application process, they will also be processed in accordance with Article 9 para. 2 b GDPR (e.g. health data, such as severely disabled status or ethnic origin). Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR are requested from applicants as part of the application process, their processing shall additionally be carried out in accordance with Art. 9 para. 2 a GDPR (e.g. health data, if this is required for the exercise of the profession).
(4) In the event of a successful application, the data provided by the applicants may be further processed by us for the purposes of the employment relationship. Otherwise, if the application for a job offer is not successful, the applicants' data will be deleted. The applicants' data will also be deleted if an application is withdrawn, which the applicants are entitled to do at any time.
(5) Subject to a justified withdrawal by the applicant, the data will be deleted after a period of six months so that we can answer any follow-up questions about the application and meet our obligations to provide evidence under the Equal Treatment Act.
(6) As part of the application process, we offer applicants the opportunity to be included in our "applicant pool" for a period of two years on the basis of consent within the meaning of Art. 6 para. 1 b. and Art. 7 GDPR. The application documents in the applicant pool will be processed solely in the context of future job advertisements and the search for employees and will be destroyed at the latest after the expiry of the period. Applicants are informed that their consent to inclusion in the applicant pool is freely given, that it has no influence on the current application process and that they can withdraw this consent at any time for the future and declare their objection within the meaning of Article 21 GDPR.
§ 22 Commissioned data processing and transfer to third parties
(1) In some cases, we use external service providers to process your data. If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transfer it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transfer of data to third parties, such as to payment service providers, is required in accordance with Art. 6 para. 1 b GDPR for the performance of the contract), your consent, if a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).
(2) If we commission third parties with the processing of data on the basis of a so-called "commissioned processing agreement", this is done on the basis of Art. 28 GDPR. These are carefully selected and commissioned by us, are bound by our instructions and are regularly monitored.
(3) Furthermore, we may pass on your personal data to third parties if we offer promotions, competitions, contracts or similar services together with partners. You will receive more information on this when you provide your personal data or below in the description of the offer.
(4) If we process data outside the European Union (EU) or the European Economic Area (EEA) (so-called third country) or if this occurs in the context of the use of third-party services or the disclosure or transfer of data to third parties, this will only occur if it is done to fulfil our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Otherwise, we process or allow data to be processed in a third country only if the requirements of Art. 44 et seq. GDPR are met.
§ 23 Planning, organization and auxiliary tools
(1) We use services, platforms and software from other providers (hereinafter referred to as "third-party providers") for the purpose of organizing, managing, planning and providing our services. When selecting third-party providers and their services, we observe the legal requirements.
(2) In this context, personal data may be processed and stored on the servers of third-party providers. This may involve various data that we process in accordance with this privacy policy. This data may include, in particular, master data and contact data of users, data on transactions, contracts, other processes and their contents.
(3) If users are referred to third-party providers or their software or platforms in the course of communication, business or other relationships with us, the third-party providers may process usage data and metadata for security purposes, service optimization or marketing purposes. We therefore ask you to observe the data protection notices of the respective third-party providers.
(4) Notes on legal basis: If we ask users for their consent to use third-party providers, the legal basis for processing data is consent. Furthermore, their use may be a component of our (pre)contractual services, provided that the use of the third-party providers was agreed within this framework. Otherwise, user data is processed on the basis of our legitimate interests (i.e. interest in efficient, economical and recipient-friendly services). In this context, we would also like to refer you to the information on the use of Cookies in this Data Privacy Statement.
§ 24 Data security
(1) Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in conjunction with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the closed key or lock symbol in the lower status bar of your browser.
(2) We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
§ 25 Up-to-dateness and amendment of this data protection declaration
(1) This data protection declaration is currently valid and has the status of January 2021.
(2) Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on the website at https://www.targacommunications.de/datenschutz/.