Responsible authority in the sense of the data protection laws, in particular the EU – General Data Protection Regulation (GDPR), is the
Sommer Informatik GmbH
Sepp-Heindl-Str. 5
83026 Rosenheim
Tel: +49 8031 24881
E-Mail: info@sommer-informatik.de
County court Traunstein HRB9972
Managing Director: Mr. Robert Sommer, Dipl. computer scientist
Name and address of data protection officer
The data protection officer of Sommer Informatik GmbH is:
Alexander Sommer
Sommer Informatik GmbH
Sepp-Heindl-Str. 5
83026 Rosenheim
Germany
Tel.: +49 8031 24881
E-Mail: info@sommer-informatik.de
Website: www.sommer-informatik.de
Any person concerned can contact our data protection officer directly at any time with any questions or suggestions regarding data protection.
1. Your rights as a data subject
You can exercise the following rights at any time using the contact details provided by our data protection officer:
• Information about your data stored by us and its processing (Art. 15 GDPR)
• Correction of inaccurate personal data (Art. 16 GDPR)
• Deletion of your data stored with us (Art. 17 GDPR)
• Restriction of data processing if we are not yet allowed to delete your data due to legal obligations (Art. 18 GDPR)
• Objection to the processing of your data by us (Art. 21 GDPR)
• Data transferability if you have consented to data processing or have concluded a contract with us (Art. 20 GDPR)
If you have given us your consent, you can revoke it at any time with effect for the future.
You can always complain to the supervisory authority responsible for you (Art. 77 GDPR in conjunction with §19 BDSG). Your responsible supervisory authority depends on the federal state of your residence, your work or the presumed violation. You will find a list of the supervisory authorities (for the non-public sector) with their addresses under:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
(Only in German available).
2. Collection of general information when you visit our website
2.1 Nature and purpose of the processing:
If you access our website, i.e. if you do not register or otherwise submit information, information of a general nature is automatically collected. This information (server log files) includes the browser used and similar information. This is only information that does not identify you personally.
In particular, they will be processed for the following purposes:
• Ensuring a trouble-free connection to the website,
• Ensuring the smooth use of our website,
• Evaluation of system safety and stability as well as
• for other administrative purposes
We do not use your data to draw conclusions about your person. Information of this kind is evaluated statistically by us if necessary, in order to optimize our Internet appearance and the technology behind it.
2.2 Legal basis:
Processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.
2.3 Receiver:
Only the employees of Sommer Informatik GmbH are recipients of the data.
2.4 Storage duration
The data are deleted as soon as they are no longer required for the purpose of collection.
2.5 Provision mandatory or required:
The provision of the aforementioned personal data is neither required by law nor by contract. Without the IP address, however, the service and functionality of our website cannot be guaranteed. In addition, individual services may not be available or restricted. For this reason an objection is excluded.
3. Cookies
3.1 Type and purpose of processing
Like many other websites, we also use so-called “cookies”. Cookies are small text files that are transferred from a website server to your hard drive. This automatically provides us with certain data such as your anonymous IP address, browser used, operating system and your connection to the Internet.
Cookies cannot be used to start programs or transfer viruses to a computer. The information contained in cookies can be used to help you navigate and view our website correctly.
Under no circumstances will the data collected by us be passed on to third parties or linked to personal data without your consent.
Of course, you can also view our website without cookies. Internet browsers are set by default to accept cookies. In general, you can deactivate the use of cookies at any time via the settings of your browser. Please use the help function of your Internet browser to find out how you can change these settings. Please note that individual functions of our website may not function if you have deactivated the use of cookies.
3.2 Legal basis
If personal data are also processed by cookies used by us, the processing according to Art. 6 Para. 1 lit. a GDPR in the case of a consent or according to Art. 6 Para. 1 lit. f GDPR to protect our legitimate interest in the best possible functionality of our website and a customer-friendly and effective design of the website visit.
3.3 Storage duration and used cookies
If you allow us to use cookies through your browser settings or consent, the following cookies may be used on our website:
Insofar as these cookies may (also) concern personal data, we will inform you of this in the following sections. Insofar as these cookies may (also) concern personal data, we will inform you of this in the following sections.
You can delete individual cookies or the entire cookie inventory via your browser settings. In addition, you will receive information and instructions on how these cookies can be deleted or their storage blocked in advance. Depending on the provider of your browser, you will find the necessary information under the following links:
• Google Chrome: https://support.google.com/accounts/answer/61416?hl=en
• Mozilla Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
• Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
• Opera: http://www.opera.com/en/help
• Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac
3.4 Provision mandatory or required:
The provision of the aforementioned cookies is neither required by law nor by contract. You can delete or block them at any time as described above.
4. Contact form
4.1 Type and purpose of processing
The data you enter will be stored for the purpose of individual communication with you. For this purpose it is necessary to provide a valid e-mail address and your contact details. This is used to allocate the enquiry and subsequently answer it. The entry of further data is optional.
4.2 Legal basis
The processing of the data entered in the contact form is carried out on the basis of a legitimate interest (Art. 6 Para. 1 lit. f GDPR).
By providing you with the contact form, we would like to make it easy for you to contact us. Your data will be stored for the purpose of processing your inquiry and for possible follow-up questions.
If you contact us in order to request an offer, the data entered in the contact form will be processed to carry out pre-contractual measures (Art. 6 Para. 1 lit. b GDPR).
4.3 Receiver
Receivers of the data are only the employees of Sommer Informatik GmbH.
4.4 Storage duration
The data shall be deleted no later than six months after the request has been processed.
If it comes to a contractual relationship, we are subject to the legal retention periods according to the HGB and delete your data after these periods.
4.5 Provision mandatory or required
The provision of your personal data is voluntary. However, we can only process your request if you provide us with your name, e-mail address and the reason for the request.
5. Subscription to our newsletter
5.1 Type and purpose of processing
On the website of Sommer Informatik GmbH, users are given the opportunity to subscribe to our company newsletter. The personal data transmitted to the data controller when ordering the newsletter is determined by the input mask used for this purpose.
Sommer Informatik GmbH informs its customers and business partners about the company’s offers at regular intervals by means of a newsletter.
Sommer Informatik GmbH uses the mailing software provider Mailjet SAS (13 – 13bis, rue de l’Aubrac, 75012 Paris, France) to send the newsletter.
Further details can be found in Mailjet’s privacy policy:
https://www.mailjet.com/privacy-policy/
5.2 Legal basis
The newsletter of our company can only be received by the person concerned if (1) the person concerned has a valid e-mail address and (2) the person concerned registers to receive the newsletter.
For legal reasons, a confirmation e-mail in the double opt-in procedure is sent to the e-mail address entered by the person concerned for the first time for the newsletter dispatch. This confirmation e-mail is used to check whether the owner of the e-mail address as the person concerned has authorised receipt of the newsletter.
5.3 Receiver
The receiver of the personal data is Sommer Informatik GmbH and the mailing software manufacturer Mailjet SAS, via whom we send out our newsletter.
5.4 Storage duration
The data you provide for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from our newsletter and will be deleted from our servers as well as from Mailjet’s servers after you have unsubscribed. Data stored for other purposes remain unaffected by this.
Further information can be found in Mailjet’s privacy policy: https://www.mailjet.com/privacy-policy/
5.5 Provision mandatory or required
The provision of the aforementioned personal data is neither required by law nor by contract. Without a valid e-mail address and contact data, however, the service and functionality of our newsletter are not guaranteed. For this reason an objection is excluded.
5.6 Newsletter-Tracking
The newsletters of Sommer Informatik GmbH contain so-called tracking pixels. A pixel-code is a miniature graphic that is embedded in e-mails that are sent in HTML format to enable log file recording and analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns to be carried out. Based on the embedded pixel-code, Sommer Informatik GmbH can recognize whether and when an e-mail was opened by an affected person and which links in the e-mail were accessed by the affected person.
Such personal data collected via the tracking pixels contained in the newsletters are stored and evaluated by the data controller in order to optimise the newsletter dispatch and to adapt the content of future newsletters even better to the interests of the person concerned.
This personal data will not be passed on to third parties. Affected persons are entitled at any time to revoke the relevant separate declaration of consent submitted via the double opt-in procedure. After a revocation these personal data will be deleted by the person responsible for the processing.
The Sommer Informatik GmbH automatically interprets a deregistration from the receipt of the newsletter as a revocation.
6. Data protection for applications and in the application process
6.1 Type and purpose of processing
Sommer Informatik GmbH collects and processes the personal data of applicants for the purpose of processing the application procedure. The processing can also be carried out electronically. This is particularly the case if an applicant submits the relevant application documents to Sommer Informatik GmbH electronically, for example by e-mail or via a contact form on the website.
If Sommer Informatik GmbH concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions.
If Sommer Informatik GmbH does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, provided that no other legitimate interests of Sommer Informatik GmbH oppose such deletion. Other legitimate interests in this sense include, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act.
6.2 Legal basis
The legal basis for the collection of applicants’ personal data is the decision on an employment relationship (Art. 88 Para. 1 GDPR/ §26 Para. 1 BDSG).
6.3 Receiver
Receivers of the applicant data are only the employees of the personnel department of Sommer Informatik GmbH.
6.4 Storage duration
Data will be deleted at the latest 6 months after processing the request.
If it comes to a contractual relationship, we are subject to the legal retention periods according to BGB and delete your data at the end of these periods.
6.5 Provision mandatory or required:
The provision of the aforementioned personal data is neither required by law nor by contract. Without the provision of your personal data, however, participation in an application procedure is not possible. For this reason an objection is excluded.
7. Datenschutzbestimmungen zu Einsatz und Verwendung von Facebook
7.1 Type and purpose of processing
Sommer Informatik GmbH has integrated components of the company Facebook on this website. Facebook is a social network.
A social network is an Internet-based social meeting place, an online community that usually enables users to communicate with each other and interact in virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enables the Internet community to provide personal or company-related information. Facebook enables users of the social network to create private profiles, upload photos and network via friend requests.
The operating company of Facebook is Facebook, Inc. 1 Hacker Way, Menlo Park, CA 94025, USA. If a data subject lives outside the USA or Canada, the person responsible for processing personal data is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Each time one of the individual pages of this website is accessed, which is operated by the data controller and on which a Facebook component (Facebook plug-in) has been integrated, the Internet browser on the information technology system of the person concerned is automatically prompted by the respective Facebook component to download a representation of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE
As part of this technical process, Facebook obtains information about which specific subpage of our website is visited by the person concerned.
If the person concerned is logged into Facebook at the same time, Facebook recognizes which specific page of our website the person concerned is visiting each time the person visits our website and for the entire duration of the person’s stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the person concerned. If the person concerned clicks one of the Facebook buttons integrated on our website, for example the “Like” button, or if the person concerned makes a comment, Facebook assigns this information to the personal Facebook user account of the person concerned and stores this personal data.
Facebook receives information through the Facebook component that the individual concerned has visited our website whenever the individual concerned is logged into Facebook at the same time as accessing our website, regardless of whether the individual concerned clicks on the Facebook component or not. If the data subject does not want this information to be transferred to Facebook in this way, he or she can prevent the transfer by logging out of his or her Facebook account before accessing our website.
Facebook’s published data policy, which is available at https://www.facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. It also explains which settings Facebook offers to protect the privacy of the person concerned. In addition, various applications are available that make it possible to suppress data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.
7.2 Legal basis
Legal basis for the integration of Facebook and the associated data transfer to Facebook is your consent (Art. 6 para. 1 lit. a GDPR)
7.3 Receiver
Calling Facebook automatically triggers a connection to Facebook.
7.4 Storage duration
The data collected by us via Facebook is deleted from our systems as soon as the purpose for storing it no longer applies, you request deletion, revoke your consent or the purpose for storing the data no longer applies.
Stored cookies remain on your device until you delete them.
If it comes to a contractual relationship, we are subject to the legal retention periods according to HGB and delete your data at the end of these periods.
We have no influence on the storage duration of your data that Facebook stores for its own purposes. For detailed information, please contact Facebook directly (e.g. in the privacy statement).
7.5 Provision mandatory or required:
The provision of the aforementioned personal data is neither required by law nor by contract. As described above, you may object to Facebook’s collection of data.
8. Privacy policy for the use of Google Analytics (with anonymization function)
8.1 Type and purpose of processing
Sommer Informatik GmbH has integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analysis service.
Web analysis is the collection, collection and evaluation of data about the behavior of visitors to Internet sites. A web analysis service collects data on, among other things, from which website a person concerned came to a website (so-called referrers), which subpages of the website were accessed or how often and for how long a subpage was viewed. A web analysis is mainly used to optimise a website and to analyse the costs and benefits of Internet advertising.
The operating company of the Google Analytics component is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Sommer Informatik GmbH uses the addition “_gat._anonymizeIp” for the web analysis via Google Analytics. This addition is used by Google to shorten and anonymise the IP address of the Internet connection of the person concerned if our Internet pages are accessed from a member state of the European Union or from another state party to the Agreement on the European Economic Area.
The purpose of the Google Analytics component is to analyse the flow of visitors to our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us showing the activities on our website and to provide other services in connection with the use of our website.
Google Analytics places a cookie on the information technology system of the person concerned. What cookies are has already been explained. When the cookie is set, Google is able to analyse the use of our website. Each time you access one of the individual pages of this website, which is operated by the data controller and on which a Google Analytics component has been integrated, the Internet browser on the information technology system of the person concerned is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical process, Google obtains knowledge of personal data, such as the IP address of the person concerned, which Google uses, among other things, to track the origin of visitors and clicks and subsequently to enable commission statements.
The cookie is used to store personal information such as the access time, the location from which the access originated and the frequency of visits to our website by the person concerned. Each time you visit our website, this personal data, including the IP address of the Internet connection used by the person concerned, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share this personal data collected through the technical process with third parties.
The person concerned can prevent the setting of cookies by our website at any time, as previously described, by means of an appropriate setting of the Internet browser used and thus permanently oppose the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a cookie on the information technology system of the person concerned. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.
Furthermore, it is possible for the person concerned to object to and prevent the collection of data generated by Google Analytics and relating to the use of this website and the processing of this data by Google. For this purpose, the person concerned must download and install a browser add-on under the link https://tools.google.com/dlpage/gaoptout . This browser add-on informs Google Analytics via JavaScript that no data and information on visits to Internet pages may be transmitted to Google Analytics. The installation of the browser add-on is considered a contradiction by Google. If the data subject’s information technology system is later deleted, formatted or reinstalled, the data subject must reinstall the browser add-on in order to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the person concerned or by another person within his/her sphere of control, the browser add-on may be reinstalled or reactivated.
Further information and Google’s applicable privacy policy can be found at https://www.google.com/intl/en/policies/privacy/ and http://www.google.com/analytics/terms/en.html Google Analytics is explained in more detail at this link https://www.google.com/intl/en_en/analytics/.
8.2 Legal basis
Legal basis for the integration of Google Analytics and the associated data transfer to Google is your consent (Art. 6 para. 1 lit. a GDPR).
8.3 Receiver
The call of Google Analytics automatically triggers a connection to Google.
8.4 Storage duration
The data sent by us and linked to cookies, user recognition (e.g. user ID) or advertising IDs are automatically deleted after 14 months.
The deletion of data whose retention period has been reached takes place automatically once a month.
We have no influence on the storage duration of your data, which is stored by Google for our own purposes. For detailed information, please contact Google directly (e.g. in the privacy policy).
8.5 Provision mandatory or required:
The provision of the aforementioned personal data is neither required by law nor by contract. As described above, you can object to the collection of data by Google Analytics at any time.
9. Privacy policy regarding the use of Google Ads
9.1 Type and purpose of processing
Sommer Informatik GmbH has integrated Google Ads on this website. Google Ads is an Internet advertising service that allows advertisers to place ads both in Google’s search engine results and in the Google advertising network. Google Ads allows an advertiser to pre-define keywords that will be used to display an ad in Google’s search engine results only when the user uses the search engine to retrieve a keyword relevant search result. In the Google advertising network, the ads are distributed to topic-relevant Internet pages using an automatic algorithm and taking into account the previously defined keywords.
Google Ads services are operated by Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
The purpose of Google Ads is to promote our website by displaying interest-relevant advertisements on third-party websites and in the search results of the Google search engine.
If a person concerned reaches our website via a Google advertisement, a so-called conversion cookie is stored on the information technology system of the person concerned by Google. What cookies are has already been explained. A conversion cookie loses its validity after thirty days and does not serve to identify the person concerned. If the cookie has not yet expired, the conversion cookie is used to track whether certain subpages, such as the shopping cart of an online shop system, have been accessed on our website.
With the conversion cookie, both we and Google can track whether a person who came to our website via an ads ad generated a turnover, i.e. completed or cancelled a purchase of goods.
The data and information collected through the use of the conversion cookie is used by Google to compile visit statistics for our website. These visit statistics are in turn used by us to determine the total number of users who were referred to us via ads, i.e. to determine the success or failure of the respective ads and to optimise our ads for the future.
Neither our company nor other Google Ads advertisers receive information from Google that could identify the individual concerned.
The conversion cookie is used to store personal information, such as the Internet pages visited by the person concerned. Accordingly, each time you visit our website, personal data, including the IP address of the Internet connection used by the person concerned, is transmitted to Google in the United States of America.
This personal data is stored by Google in the United States of America. Google may disclose personal data collected through this technical process to third parties.
The person concerned can prevent the setting of cookies by our website at any time, as described above, by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a conversion cookie on the information technology system of the person concerned. In addition, a cookie already set by Google Ads can be deleted at any time via the Internet browser or other software programs.
Furthermore, the person concerned has the opportunity to object to the interest-related advertising by Google. To do this, the data subject must access the link www.google.de/settings/ads from any of the Internet browsers he or she uses and make the desired settings there.
Further information and the valid data protection regulations of Google can be called up under https://www.google.com/intl/en/policies/privacy/
9.2 Legal basis
Legal basis for the integration of Google Ads and the associated data transfer to Google is your consent (Art. 6 para. 1 lit. a GDPR)
9.3 Receiver
Calling Google Ads automatically triggers a connection to Google.
9.4 Storage duration
The data sent by us and linked to cookies, user recognition (e.g. user ID) or advertising IDs are automatically deleted after 14 months.
The deletion of data whose retention period has been reached takes place automatically once a month.
We have no influence on the storage duration of your data, which is stored by Google for our own purposes. For detailed information, please contact Google directly (e.g. in the privacy policy).
9.5 Provision mandatory or required:
The provision of the aforementioned personal data is neither required by law nor by contract. As described above, you may object to the collection of data by Google Ads.
10. Privacy policy for the use of LinkedIn
10.1 Type and purpose of processing
Sommer Informatik GmbH has integrated components of the LinkedIn Corporation on this website. LinkedIn is an internet-based social network that enables users to connect to existing business contacts and to make new business contacts. More than 400 million registered people use LinkedIn in more than 200 countries. This makes LinkedIn currently the largest platform for business contacts and one of the most visited websites in the world.
LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. For privacy matters outside the United States, LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.
Each time you visit our website, which is equipped with a LinkedIn component (LinkedIn plug-in), this component causes the browser used by the person concerned to download a corresponding display of the LinkedIn component. More information about LinkedIn plug-ins can be found at https://developer.linkedin.com/plugins. As part of this technical process, LinkedIn receives information about which specific subpage of our website is visited by the person concerned.
If the person concerned is logged in to LinkedIn at the same time, LinkedIn recognizes which specific page of our website the person concerned is visiting each time the person visits our website and for the entire duration of that person’s stay on our website.
This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the person concerned. If the person concerned clicks on an integrated LinkedIn button on our website, LinkedIn assigns this information to the personal LinkedIn user account of the person concerned and saves this personal data.
LinkedIn will always receive information through the LinkedIn component that the person concerned has visited our website if the person concerned is logged in to LinkedIn at the same time as accessing our website, regardless of whether the person concerned clicks on the LinkedIn component or not.
If the data subject does not want LinkedIn to receive such information, he or she can prevent the transmission by logging out of his or her LinkedIn account before accessing our website.
LinkedIn at https://www.linkedin.com/psettings/guest-controls offers the ability to unsubscribe from email messages, SMS messages, targeted ads, and manage ad settings. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame who can set cookies. Such cookies may be declined at https://www.linkedin.com/legal/cookie-policy LinkedIn’s current privacy policy can be found at https://www.linkedin.com/legal/privacy-policy LinkedIn’s cookie policy is available at https://www.linkedin.com/legal/cookie-policy
10.2 Legal basis
Legal basis for the integration of LinkedIn and the associated data transfer to LinkedIn is your consent.
10.3 Receiver
Calling LinkedIn automatically triggers a connection to LinkedIn.
10.4 Storage duration
The data collected by us via LinkedIn will be deleted from our systems as soon as the purpose for storing it no longer applies, you request deletion, revoke your consent or the purpose for storing the data no longer applies.
Stored cookies remain on your end device until you delete them.
If it comes to a contractual relationship, we are subject to the legal retention periods according to HGB and delete your data after the expiration of these periods.
We have no influence on the storage duration of your data stored by LinkedIn for our own purposes. For detailed information, please contact LinkedIn directly (e.g. in the privacy policy).
10.5 Provision mandatory or required:
The provision of the aforementioned personal data is neither required by law nor by contract. As previously described, you may object to LinkedIn’s data collection.
11. Privacy Policy on the Use and Usage of Twitter
11.1 Type and purpose of processing
Sommer Informatik GmbH has integrated Twitter components on this website. Twitter is a multilingual, publicly accessible microblogging service on which users can publish and distribute so-called tweets, i.e. short messages limited to 280 characters. These short messages can be accessed by anyone, including those not registered on Twitter. However, the tweets are also displayed to the so-called followers of the respective user. Followers are other Twitter users who follow a user’s tweets. Furthermore, Twitter makes it possible to address a broad audience via hashtags, links or retweets.
The operating company of Twitter is Twitter, Inc. 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
Each time one of the individual pages of this website is accessed, which is operated by Sommer Informatik GmbH and on which a Twitter component (Twitter button) has been integrated, the Internet browser on the information technology system of the person concerned is automatically prompted by the respective Twitter component to download a display of the corresponding Twitter component from Twitter.
Further information on the Twitter buttons can be found at https://about.twitter.com/de/resources/buttons. As part of this technical process, Twitter receives information about which specific subpage of our website is visited by the person concerned. The purpose of integrating the Twitter component is to enable our users to disseminate the content of this website, to make this website known in the digital world and to increase our visitor numbers.
If the person concerned is logged in to Twitter at the same time, Twitter recognizes which specific page of our website the person concerned is visiting each time the person concerned accesses our website and for the entire duration of that person’s stay on our website. This information is collected by the Twitter component and assigned by Twitter to the respective Twitter account of the person concerned. If the person concerned clicks on one of the Twitter buttons integrated into our website, the data and information transmitted will be assigned to the personal Twitter user account of the person concerned and stored and processed by Twitter.
Twitter always receives information via the Twitter component that the person concerned has visited our website if the person concerned is logged on to Twitter at the same time as accessing our website; this takes place regardless of whether the person concerned clicks on the Twitter component or not.
If the person concerned does not wish to transmit this information to Twitter in this way, he or she can prevent the transmission by logging out of his or her Twitter account before accessing our website.
Twitter’s current data protection regulations can be found at https://twitter.com/privacy.
11.2 Legal basis
Legal basis for the integration of Twitter and the associated data transfer to Twitter is your consent (Art. 6 para. 1 lit. a GDPR)
11.3 Receiver
Calling Twitter automatically triggers a connection to Twitter.
11.4 Storage duration
The data collected by us via Twitter will be deleted from our systems as soon as the purpose for storing them no longer applies, you request deletion, revoke your consent or the purpose for storing the data no longer applies.
Stored cookies remain on your end device until you delete them.
If it comes to a contractual relationship, we are subject to the legal retention periods according to HGB and delete your data after the expiration of these periods.
We have no influence on the storage duration of your data stored by Twitter for our own purposes. For detailed information, please contact Twitter directly (e.g. in the privacy policy).
11.5 Provision mandatory or required:
The provision of the aforementioned personal data is neither required by law nor by contract. As previously described, you may object to the collection of data by Twitter
12. Privacy Policy on the Use and Usage of Xing
12.1 Type and purpose of processing
Sommer Informatik GmbH has integrated Xing components on this website. Xing is an Internet-based social network that enables users to connect to existing business contacts and to make new business contacts. The individual users can create a personal profile of themselves at Xing. Companies can, for example, create company profiles or publish job offers on Xing.
Xing’s operating company is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.
Each time one of the individual pages of this Internet site is accessed, which is operated by the data controller and on which an Xing component (Xing plug-in) has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Xing component to download a representation of the corresponding Xing component from Xing. Further information on the Xing plug-ins can be found at https://dev.xing.com/plugins. As part of this technical process, Xing obtains information about which specific subpage of our website is visited by the person concerned.
If the person concerned is logged in to Xing at the same time, Xing recognizes which specific subpage of our website the person concerned is visiting each time the person concerned accesses our website and for the entire duration of that person’s stay on our website. This information is collected by the Xing component and assigned by Xing to the respective Xing account of the person concerned. If the person concerned activates one of the Xing buttons integrated on our website, for example the “Share” button, Xing assigns this information to the personal Xing user account of the person concerned and saves this personal data.
Xing will always receive information via the Xing component that the person concerned has visited our website if the person concerned is logged in to Xing at the same time as accessing our website; this takes place regardless of whether the person concerned clicks on the Xing component or not. If the data subject does not wish to transmit this information to Xing in this way, he or she can prevent the transmission by logging out of his or her Xing account before accessing our website.
The data protection regulations published by Xing, which can be accessed at https://www.xing.com/privacy; provide information about the collection, processing and use of personal data by Xing. In addition, Xing has published data protection information for the XING Share button at https://www.xing.com/app/share?op=data_protection
12.2 Legal basis
Legal basis for the integration of XING and the associated data transfer to XING is your consent (Art. 6 para. 1 lit. a GDPR)
12.3 Receiver
Calling XING automatically triggers a connection to XING.
12.4 Storage duration
The data we collect via XING is deleted from our systems as soon as the purpose for which it was stored no longer applies, you request deletion, revoke your consent or the purpose for which the data was stored no longer applies.
Stored cookies remain on your end device until you delete them.
If it comes to a contractual relationship, we are subject to the legal retention periods according to HGB and delete your data after the expiration of these periods.
We have no influence on the storage duration of your data, which is stored by XING for its own purposes. For detailed information, please contact XING directly (e.g. in the Privacy Policy).
12.5 Provision mandatory or required:
The provision of the aforementioned personal data is neither required by law nor by contract. As described above, you may object to the collection of data by XING.
13. Privacy Policy for the Use and Usage of YouTube
13.1 Type and purpose of processing
On some of our websites we embed YouTube videos. Operator of the corresponding plugins is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA (following “YouTube”).
When you visit a page with the YouTube plugin, a connection to the YouTube servers is established. This will tell YouTube which pages you are visiting. If you are logged in to your YouTube account, YouTube can assign your surfing behavior to you personally. You can prevent this by logging out of your YouTube account beforehand.
If a YouTube video is started, the provider uses cookies which collect information about the user behaviour.
For further information on the purpose and scope of data collection and processing by YouTube, please refer to the provider’s privacy policy. There you will also find further information on your rights in this regard and setting options to protect your privacy (https://policies.google.com/privacy).
13.2 Legal basis
Legal basis for the integration of YouTube and the associated data transfer to Google is your consent (Art. 6 para. 1 lit. a GDPR)
13.3 Receiver
Calling YouTube automatically triggers a connection to Google.
13.4 Provision mandatory or required:
The provision of the aforementioned personal data is neither required by law nor by contract. As described above, you may object to YouTube’s collection of your personal data.
13.5 Storage duration und Widerruf der Einwilligung
Who has deactivated the saving of Cookies for the Google – Ad – Program, will not have to count on such Cookies also when watching YouTube – Videos. However, YouTube also does not store personal usage information in other cookies. If you wish to prevent this, you must block the storage of cookies in your browser.
You will find further information on data protection at “YouTube” in the provider’s data protection declaration under: https://policies.google.com/privacy
14. Routine deletion and blocking of personal data
Sommer Informatik GmbH processes and stores the personal data of the person concerned only for the period of time necessary to achieve the storage purpose or insofar as this has been provided for by the European Directive and Ordinance Generator or another legislator in laws or regulations to which Sommer Informatik GmbH is subject.
If the storage purpose no longer applies or if a storage period prescribed by the European directive and regulation giver or another competent legislator expires, the personal data shall be blocked or deleted routinely and in accordance with the statutory provisions.
15. Third country transfer
Google, Facebook, Twitter and LinkedIn process your data in the USA and have submitted to the EU – US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.
16. Legitimate interests in the processing pursued by the controller or by a third party
If the processing of personal data is based on Article 6 I lit. f DS-GVO, our legitimate interest is the conduct of our business for the benefit of all our employees and shareholders.
17. Duration for which personal data will be stored
The criterion for the duration of the storage of personal data is the respective legal retention period. After this period has expired, the corresponding data will be routinely deleted unless they are no longer required for the fulfilment or initiation of the contract.
18. Legal or contractual provisions governing the provision of personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of not providing the data
We will inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may result from contractual provisions (e.g. information on the contractual partner).
Sometimes it may be necessary for a contract to be concluded that a person concerned makes personal data available to us which must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with him or her. Failure to provide personal data would mean that the contract could not be concluded with the data subject.
Before the data subject provides personal data, the data subject must contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of a contract, whether there is an obligation to provide the personal data and the consequences of not providing the personal data.
19. Existence of automated decision making
As a responsible company, we refrain from automatic decision-making or profiling.
20. Begriffsbestimmungen
The data protection declaration of Sommer Informatik GmbH is based on the terms used by the European Directive and Ordinance Giver in the enactment of the General Data Protection Regulation (GDPR). Our data protection declaration should be easy to read and understand both for the public and for our customers and business partners. In order to guarantee this, we would like to explain the terms used.
We use the following terms in this data protection declaration:
-
a) personal data
- Personal data is any information relating to an identified or identifiable natural person (hereinafter “data subject”). A natural person shall be considered identifiable if he can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more specific characteristics expressing the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
b) data subject
- Data subject means any identified or identifiable natural person whose personal data are processed by the controller.
c) processing
- Processing” means any operation or set of operations which is carried out with or without the aid of automated processes and which relates to personal data, such as collection, recording, organisation, sorting, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or association, qualification, erasure or destruction.
d) Limitation of processing
- Limitation of processing is the marking of stored personal data with the aim of limiting their future processing.
e) Profiling
- Profiling is any automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, conduct, whereabouts or movement of that natural person.
f) pseudonymisation
- Pseudonymisation means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the provision of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures ensuring that the personal data are not attributed to an identified or identifiable natural person.
g) controller or data controller
- The controller or data controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are laid down by Union law or by the law of the Member States, the controller or controllers may be designated in accordance with Union law or with the law of the Member States on the basis of specific criteria.
h) Processors under contract
- Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
i) Receiver
- Receiver is a natural or legal person, agency, body or other entity to whom personal information is disclosed, whether or not it is a third party. However, authorities which may receive personal data under a particular investigation mandate under Union law or the law of the Member States shall not be considered as receivers.
j) third parties
- Third party means any natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or processor.
k) consent
- Consent shall mean any voluntary, informed and unambiguous expression by the data subject of his or her will in the particular case, in the form of a statement or other unequivocal confirmatory act, indicating that he or she consents to the processing of his or her personal data.
21. Changes to our privacy policy
We reserve the right to adapt this data protection declaration so that it always corresponds to the current legal requirements or to implement changes to our services in the data protection declaration, e.g. when introducing new services. Your renewed visit will then be subject to the new data protection declaration.
©Sommer Informatik GmbH, Rosenheim the 26.11.2019