Privacy Policy

This trans­la­ti­on of the ger­man pri­va­cy poli­cy is for infor­ma­tio­nal pur­po­ses only; in case of doubt, the ger­man ver­si­on shall app­ly.

We are very hap­py with your inte­rest in our com­pa­ny. Data pro­tec­tion is espe­ci­al­ly important to PHYSEC GmbH. The use of the Web­site of PHYSEC GmbH is in princip­le pos­si­ble without giving per­so­nal data. In case a data sub­ject wants to make use of par­ti­cu­lar ser­vices from our com­pa­ny by using our web­site, a pro­ces­sing of per­so­nal data might get necessa­ry. Is the pro­ces­sing of per­so­nal data necessa­ry and the­re is no legal basis for such a pro­ces­sing, we gene­ral­ly obtain con­sent from the data sub­ject.

The pro­ces­sing of per­so­nal data, for examp­le the name, the address, the e-mail address or the pho­ne num­ber of a data sub­ject, always hap­pens in accord­ance with the Gene­ral Data Pro­tec­tion Regu­la­ti­on and in com­pli­an­ce with the coun­try-spe­ci­fic data pro­tec­tion regu­la­ti­ons app­ly­ing to PHYSEC GmbH. Using this pri­va­cy poli­cy our com­pa­ny wants to inform the public about the natu­re, extent and the pur­po­se of the per­so­nal data collec­ted, used and pro­ces­sed by us. Fur­ther­mo­re, data sub­jects are infor­med of their rights under this pri­va­cy poli­cy.

The pro­ces­sing of per­so­nal data, for examp­le the name, the address, the e-mail address or the pho­ne num­ber of a data sub­ject, always hap­pens in accord­ance with the Gene­ral Data Pro­tec­tion Regu­la­ti­on and in com­pli­an­ce with the coun­try-spe­ci­fic data pro­tec­tion regu­la­ti­ons app­ly­ing to PHYSEC GmbH. Using this pri­va­cy poli­cy our com­pa­ny wants to inform the public about the natu­re, extent and the pur­po­se of the per­so­nal data collec­ted, used and pro­ces­sed by us. Fur­ther­mo­re, data sub­jects are infor­med of their rights under this pri­va­cy poli­cy.

  1. Defi­ni­ti­ons

The pri­va­cy poli­cy of PHYSEC GmbH is based on the ter­mi­no­lo­gy used by the Euro­pean direc­tive and regu­la­to­ry aut­ho­ri­ty in the adop­ti­on of the Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR). Our pri­va­cy poli­cy should be easy to read and under­stand for the public as well as for our custo­mers and busi­ness part­ners. To ensu­re this, we would like to exp­lain in advan­ce the ter­mi­no­lo­gy used.

Amongst others, we use the fol­lo­wing terms in this pri­va­cy poli­cy:

  • a)    per­so­nal data

Per­so­nal data is any infor­ma­ti­on rela­ting to an iden­ti­fied or iden­ti­fia­ble natu­ral per­son (her­einaf­ter the “data sub­ject”). A natu­ral per­son is con­s­i­de­red to be iden­ti­fia­ble who, direct­ly or indi­rect­ly, in par­ti­cu­lar by asso­cia­ti­on with an iden­ti­fier such as a name, an iden­ti­fi­ca­ti­on num­ber, loca­ti­on data, an online iden­ti­fier or one or more spe­cial fea­tures expres­sing the phy­si­cal, phy­sio­lo­gi­cal, gene­tic, men­tal, eco­no­mic, cul­tu­ral or soci­al iden­ti­ty of this natu­ral per­son, can be iden­ti­fied.

  • b)    data sub­ject

Data sub­ject is any iden­ti­fied or iden­ti­fia­ble natu­ral per­son who­se per­so­nal data is pro­ces­sed by the con­trol­ler.

  • c)    Pro­ces­sing

Pro­ces­sing means any pro­cess or series of ope­ra­ti­ons, with or without the aid of auto­ma­ted pro­ce­du­res, rela­ted to per­so­nal data, such as collec­ting, record­ing, orga­ni­zing, sorting, sto­ring, adap­t­ing or modi­fy­ing, rea­ding, que­ry­ing, using, dis­clo­sure by sub­mis­si­on, dis­se­mi­na­ti­on or other form of pro­vi­si­on, recon­ci­lia­ti­on or asso­cia­ti­on, restric­tion, era­su­re or dest­ruc­tion.

  • d)    Restric­tion of the pro­ces­sing

Restric­tion of the pro­ces­sing is the mar­king of stored per­so­nal data with the aim to limit their future pro­ces­sing.

  • e)    Pro­filing

Pro­filing is any kind of auto­ma­ted pro­ces­sing of per­so­nal data that con­sists in using that per­so­nal infor­ma­ti­on to eva­lua­te cer­tain per­so­nal aspects rela­ting to a natu­ral per­son, in par­ti­cu­lar to ana­ly­se or pre­dict aspects rela­ting to job per­for­mance, eco­no­mic situa­ti­on, health, per­so­nal pre­fe­ren­ces, inte­rests, relia­bi­li­ty, beha­vi­or, whe­re­abouts or relo­ca­ti­on of that natu­ral per­son.

  • f)     Pseud­ony­mi­sa­ti­on

Pseud­ony­mi­sa­ti­on is the pro­ces­sing of per­so­nal data in such a way that per­so­nal data can no lon­ger be attri­bu­t­ed to a spe­ci­fic data sub­ject without the need for addi­tio­nal infor­ma­ti­on, pro­vi­ded that such addi­tio­nal infor­ma­ti­on is kept sepa­ra­te and sub­ject to tech­ni­cal and orga­ni­za­tio­nal mea­su­res to ensu­re that the per­so­nal data is not assi­gned to an iden­ti­fied or iden­ti­fia­ble natu­ral per­son.

  • g)    Con­trol­ler

The con­trol­ler is the natu­ral or legal per­son, public aut­ho­ri­ty or body that, alo­ne or in con­cert with others, deci­des on the pur­po­ses and means of pro­ces­sing per­so­nal data. Whe­re the pur­po­ses and means of such pro­ces­sing are deter­mi­ned by Uni­on law or the law of the Mem­ber Sta­tes, the con­trol­ler or the spe­ci­fic cri­te­ria for his desi­gna­ti­on may be pro­vi­ded for under Uni­on or natio­nal law.

  • h)    Pro­ces­sor

The pro­ces­sor is a natu­ral or legal per­son, public aut­ho­ri­ty, agen­cy or other body that pro­ces­ses per­so­nal data on behalf of the con­trol­ler.

  • i)      Reci­pi­ent

Reci­pi­ent is a natu­ral or legal per­son, agen­cy, agen­cy or other ent­i­ty to whom Per­so­nal Data is dis­c­lo­sed, whe­ther or not it is a third par­ty. Howe­ver, aut­ho­ri­ties which may recei­ve per­so­nal data under Uni­on or natio­nal law in con­nec­tion with a par­ti­cu­lar inves­ti­ga­ti­on are not con­s­i­de­red as reci­pi­ents.

  • j)      Third par­ty

Third par­ty is a natu­ral or legal per­son, public aut­ho­ri­ty, body or body other than the data sub­ject, the con­trol­ler, the pro­ces­sor and the per­sons aut­ho­ri­zed under the direct respon­si­bi­li­ty of the con­trol­ler or the pro­ces­sor to pro­cess the per­so­nal data.

  • k)    Con­sent

Con­sent is any vol­un­ta­ri­ly given and unam­bi­guous­ly expres­sed state­ment of intent in the form of a decla­ra­ti­on or other unam­bi­guous con­fir­ma­to­ry act by the data sub­ject for the par­ti­cu­lar case, by which the data sub­ject indi­ca­tes that they con­sent to the pro­ces­sing of the per­so­nal data con­cer­ning him / her.

  1. Name and address of the con­trol­ler

Con­trol­ler as defi­ned by the Gene­ral Data Pro­tec­tion Regu­la­ti­on, other data pro­tec­tion laws in the Memeber Sta­tes oft he Euro­pean Uni­on and other pro­vi­si­ons with a data pro­tec­tion cha­rac­ter is the:

PHYSEC GmbH

Uni­ver­si­täts­stra­ße 142

44799 Bochum

Deutsch­land

Tel.: 0234 544 28224

E-Mail: info@physec.de

Web­site: www.physec.de

  1. Coo­kies

The web­sites of PHYSEC GmbH use coo­kies. Coo­kies are text files that are stored on a com­pu­ter sys­tem via an Inter­net brow­ser.

Many web­sites and ser­vers use coo­kies. Many coo­kies con­tain a so-cal­led coo­kie ID. A coo­kie ID is a uni­que iden­ti­fier of the coo­kie. It con­sists of a string through which Inter­net pages and ser­vers can be assi­gned to the spe­ci­fic Inter­net brow­ser in which the coo­kie was stored. This allows visi­ted web­sites and ser­vers to dis­tin­guish the individual’s brow­ser from other inter­net brow­sers that con­tain other coo­kies. A par­ti­cu­lar web brow­ser can be reco­gni­zed and iden­ti­fied by the uni­que coo­kie ID.

Through the use of coo­kies, PHYSEC GmbH can pro­vi­de users of this web­site with more user-fri­end­ly ser­vices that would not be pos­si­ble without the set­ting of coo­kies.

By means of a coo­kie the infor­ma­ti­on and offers on our web­site can be opti­mi­zed in the sen­se of the user. Coo­kies allow us, as alre­ady men­tio­ned, to reco­gni­ze the users of our web­site. The pur­po­se of this reco­gni­ti­on is to make it easier for users to use our web­site. For examp­le, the user of a web­site that uses coo­kies need not re-enter their creden­ti­als each time they visit the web­site, as this is done by the web­site and the coo­kie stored on the user’s com­pu­ter sys­tem.

By means of a coo­kie the infor­ma­ti­on and offers on our web­site can be opti­mi­zed in the sen­se of the user. Coo­kies allow us, as alre­ady men­tio­ned, to reco­gni­ze the users of our web­site. The pur­po­se of this reco­gni­ti­on is to make it easier for users to use our web­site. For examp­le, the user of a web­site that uses coo­kies need not re-enter their creden­ti­als each time they visit the web­site, as this is done by the web­site and the coo­kie stored on the user’s com­pu­ter sys­tem.

  1. Collec­tion of gene­ral data and infor­ma­ti­on

The web­site of PHYSEC GmbH collects a series of gene­ral data and infor­ma­ti­on every time the web­site is acces­sed by an affec­ted per­son or an auto­ma­ted sys­tem. This gene­ral data and infor­ma­ti­on is stored in the log files of the ser­ver. The (1) brow­ser types and ver­si­ons used, (2) the ope­ra­ting sys­tem used by the acces­sing sys­tem, (3) the inter­net page from which an acces­sing sys­tem acces­ses our web­site (so-cal­led refer­rers), (4) the sub web pages which were acces­sed on our web­site, (5) the date and time of access to the web­site, (6) an Inter­net Pro­to­col address (IP address), (7) the Inter­net ser­vice pro­vi­der of the acces­sing sys­tem and (8) other simi­lar data and infor­ma­ti­on used in the event of attacks on our infor­ma­ti­on tech­no­lo­gy sys­tems can be collec­ted.

When using this gene­ral data and infor­ma­ti­on, PHYSEC GmbH does not draw any con­clu­si­ons about the per­son con­cer­ned. Rather, this infor­ma­ti­on is requi­red to (1) cor­rect­ly deli­ver the con­tents of our web­site, (2) to opti­mi­ze the con­tent of our web­site and the adver­ti­se­ment for it, (3) to ensu­re the con­ti­nued func­tio­n­ing of our infor­ma­ti­on tech­no­lo­gy sys­tems and the tech­no­lo­gy of our web­site, and (4) to pro­vi­de law enforce­ment aut­ho­ri­ties with the infor­ma­ti­on necessa­ry for law enforce­ment in the event of a cyber­at­tack. This anony­mous­ly collec­ted data and infor­ma­ti­on is eva­lua­ted by the PHYSEC GmbH on the one hand sta­tis­ti­cal­ly and fur­t­her with the aim to increa­se the data pro­tec­tion and data secu­ri­ty in our com­pa­ny, in order to ensu­re an opti­mal level of pro­tec­tion for the per­so­nal data pro­ces­sed by us. The anony­mous data of the ser­ver log files are stored sepa­r­a­te­ly from all per­so­nal data pro­vi­ded by a data sub­ject.

  1. Sub­scrip­ti­on to our news­let­ter

On the web­site of PHYSEC GmbH, users are given the oppor­tu­ni­ty to sub­scri­be to the news­let­ter of our com­pa­ny. Which per­so­nal data are trans­mit­ted to the con­trol­ler when the news­let­ter is orde­red results from the input mask used for this pur­po­se.

PHYSEC GmbH informs its custo­mers and busi­ness part­ners at regu­lar inter­vals by means of a news­let­ter about the company’s latest news. The news­let­ter of our com­pa­ny can only be recei­ved by the data sub­ject if (1) the data sub­ject has a valid email address and (2) the data sub­ject sub­scri­bes to the news­let­ter. For legal rea­sons, a con­fir­ma­ti­on e-mail will be sent to the e-mail address ent­e­red by an affec­ted per­son for the first time for news­let­ter mai­ling using the dou­ble-opt-in pro­ce­du­re. This con­fir­ma­ti­on email is used to check whe­ther the owner of the e-mail address as the data sub­ject aut­ho­ri­zed the rece­ipt of the news­let­ter.

When sub­scribing to the news­let­ter, we also store the IP address of the com­pu­ter sys­tem used by the per­son con­cer­ned at the time of regis­tra­ti­on, as assi­gned by the Inter­net Ser­vice Pro­vi­der (ISP), as well as the date and time of regis­tra­ti­on. The collec­tion of this data is necessa­ry in order to recon­struct the (pos­si­ble) misu­se of an affec­ted person’s e-mail address at a later date and the­re­fo­re ser­ves as legal safe­guards for the con­trol­ler.

The per­so­nal data collec­ted in the con­text of regis­te­ring for the news­let­ter will be used exclu­si­ve­ly to send our news­let­ter. Sub­scri­bers to the news­let­ter may also be noti­fied by e-mail if this is necessa­ry for the ope­ra­ti­on of the news­let­ter ser­vice or regis­tra­ti­on, as might be the case in the event of chan­ges to the news­let­ter or tech­ni­cal chan­ges. The­re will be no trans­fer of the per­so­nal data collec­ted as part of the news­let­ter ser­vice to third par­ties. Sub­scrip­ti­on to our news­let­ter may be ter­mi­na­ted by the data sub­ject at any time. The con­sent to the sto­ra­ge of per­so­nal data that the data sub­ject has given us for the news­let­ter dis­patch can be revo­ked at any time. For the pur­po­se of revo­king the con­sent, the­re is a cor­re­spon­ding link in each news­let­ter. It is also pos­si­ble to unsub­scri­be from the news­let­ter at any time, direct­ly on the controller’s web­site, or to inform the con­trol­ler in a dif­fe­rent way.

  1. News­let­ter-Tracking

The news­let­ters of PHYSEC GmbH con­tain so-cal­led coun­ting pixels. A coun­ting pixel is a minia­tu­re gra­phic that is embed­ded in such emails that are sent in HTML for­mat to enab­le log file record­ing and log file ana­ly­sis. This allows a sta­tis­ti­cal eva­lua­ti­on of the suc­cess or fail­u­re of online mar­ke­ting cam­pai­gns. On the basis of the embed­ded pixel, PHYSEC GmbH can detect whe­ther and when an e-mail was ope­ned by a data sub­ject and which links in the e-mail were cal­led up by the data sub­ject.

Such per­so­nal data collec­ted via the coun­ting pixels con­tai­ned in the news­let­ters will be stored and eva­lua­ted by the con­trol­ler in order to opti­mi­ze the deli­very of news­let­ters and to bet­ter adapt the con­tent of future news­let­ters to the inte­rests of the data sub­ject. This per­so­nal data will not be dis­c­lo­sed to third par­ties. Data sub­jects are at any time ent­it­led to revo­ke the sepa­ra­te decla­ra­ti­on of con­sent made via the dou­ble-opt-in pro­ce­du­re. After revo­ca­ti­on, this per­so­nal data will be dele­ted by the con­trol­ler. The PHYSEC GmbH auto­ma­ti­cal­ly inter­prets a can­cel­la­ti­on of the rece­ipt of the news­let­ter as a revo­ca­ti­on.

  1. Con­tact via the web­site

Due to legal regu­la­ti­ons, the PHYSEC GmbH web­site con­ta­ins infor­ma­ti­on that enab­les fast elec­tro­nic con­tact to our com­pa­ny as well as direct com­mu­ni­ca­ti­on with us, which also inclu­des a gene­ral address of the so-cal­led elec­tro­nic mail (e-mail address). If a data sub­ject con­tacts the con­trol­ler by e-mail or through a con­tact form, the per­so­nal data pro­vi­ded by the data sub­ject will be auto­ma­ti­cal­ly saved. Such per­so­nal data, vol­un­ta­ri­ly trans­mit­ted by an indi­vi­du­al to the con­trol­ler, is stored for the pur­po­se of pro­ces­sing or con­tac­ting the data sub­ject. The­re is no dis­clo­sure of this per­so­nal data to third par­ties.

  1. Rou­ti­ne dele­ti­on and blocking of per­so­nal data

The con­trol­ler shall pro­cess and store the per­so­nal data of the data sub­ject only for the peri­od necessa­ry to achie­ve the pur­po­se of the sto­ra­ge or, as the case may be, for the peri­od inten­ded by the Euro­pean direc­tives or regu­la­ti­ons or by any other legis­la­tor in laws or regu­la­ti­ons which the con­trol­ler is sub­ject to.

If the sto­ra­ge pur­po­se is omit­ted or if a sto­ra­ge peri­od pre­scri­bed by the Euro­pean direc­tives and regu­la­ti­ons or any other rele­vant legis­la­tor expi­res, the per­so­nal data will be rou­ti­nely blo­cked or dele­ted in accord­ance with the sta­tu­to­ry pro­vi­si­ons.

  1. Rights of the data sub­ject
  • a)    Right of con­fir­ma­ti­on

Each data sub­ject has the right, as gran­ted by the Euro­pean Regu­la­tors and Regu­la­tors, to requi­re the con­trol­ler to con­firm whe­ther per­so­nal data rela­ting to him / her is being pro­ces­sed. If a data sub­ject wis­hes to make use of this right of con­fir­ma­ti­on, they can con­tact an employee of the con­trol­ler at any time.

  • b)    Right to infor­ma­ti­on

Any data sub­ject con­cer­ned by the pro­ces­sing of per­so­nal data shall have the right, gran­ted by the Euro­pean Direc­tive and Regu­la­to­ry Aut­ho­ri­ty, at any time to obtain from the data con­trol­ler infor­ma­ti­on free of char­ge on the per­so­nal data stored about him and a copy of that infor­ma­ti­on. Fur­ther­mo­re, the Euro­pean Direc­tive and Regu­la­to­ry Aut­ho­ri­ty has pro­vi­ded the data sub­ject with the right to the fol­lo­wing infor­ma­ti­on:

  • the pro­ces­sing pur­po­ses
  • the cate­go­ries of per­so­nal data being pro­ces­sed
  • the reci­pi­ents or cate­go­ries of reci­pi­ents to whom the per­so­nal data have been dis­c­lo­sed or are yet to be dis­c­lo­sed, in par­ti­cu­lar to reci­pi­ents in third coun­tries or to inter­na­tio­nal orga­ni­za­ti­ons
  • if pos­si­ble, the plan­ned dura­ti­on for which the per­so­nal data will be stored or, if that is not pos­si­ble, the cri­te­ria for deter­mi­ning that dura­ti­on
  • the exis­tence of a right to rec­tifi­ca­ti­on or era­su­re of the per­so­nal data con­cer­ning him or of a restric­tion of the pro­ces­sing by the con­trol­ler or of a right to object to such pro­ces­sing
  • the exis­tence of a right to rec­tifi­ca­ti­on or era­su­re of the per­so­nal data con­cer­ning him or of a restric­tion of the pro­ces­sing by the con­trol­ler or of a right to object to such pro­ces­sing
  • if the per­so­nal data are not collec­ted from the data sub­ject: All avail­ab­le infor­ma­ti­on on the source of the data
  • the exis­tence of auto­ma­ted deci­si­on-making inclu­ding pro­filing accord­ing to Arti­cle 22 (1) and (4) of the GDPR and – at least in the­se cases – mea­ning­ful infor­ma­ti­on on the logic invol­ved and the scope and inten­ded impact of such pro­ces­sing on the data sub­ject

In addi­ti­on, the data sub­ject has a right of access as to whe­ther per­so­nal data has been trans­mit­ted to a third coun­try or to an inter­na­tio­nal orga­ni­za­ti­on. If that is the case, then the data sub­ject has the right to obtain infor­ma­ti­on about the appro­pria­te gua­ran­tees in con­nec­tion with the trans­fer.

If an inte­rested par­ty wis­hes to exer­cise this right to infor­ma­ti­on, they may at any time con­tact an employee of the con­trol­ler.

  • c)    Right to rec­tifi­ca­ti­on

Any data sub­ject con­cer­ned by the pro­ces­sing of per­so­nal data has the right gran­ted by the Euro­pean legis­la­tor to demand the imme­dia­te cor­rec­tion of inac­cu­ra­te per­so­nal data con­cer­ning him / her. Fur­ther­mo­re, the data sub­ject has the right to request the com­ple­ti­on of incom­ple­te per­so­nal data, inclu­ding by means of a sup­ple­men­ta­ry decla­ra­ti­on, taking into account the pur­po­ses of the pro­ces­sing.

If an affec­ted per­son wis­hes to exer­cise this right of rec­tifi­ca­ti­on, they may, at any time, con­tact an employee of the con­trol­ler.

  • d)    Right to dele­ti­on (right to be for­got­ten)

Any data sub­ject con­cer­ned by the pro­ces­sing of per­so­nal data has the right gran­ted by the Euro­pean Direc­tives and Regu­la­tors to requi­re the con­trol­ler to imme­dia­te­ly dele­te the per­so­nal data con­cer­ning him, pro­vi­ded that one of the fol­lo­wing rea­sons is satis­fied and pro­ces­sing is not requi­red:

  • The per­so­nal data has been collec­ted or other­wi­se pro­ces­sed for such pur­po­ses for which they are no lon­ger necessa­ry.
  • The data sub­ject with­draws the con­sent on which the pro­ces­sing was based in accord­ance with Arti­cle 6 (1) (a) of the GDPR or Arti­cle 9 (2) (a) of the GDPR and the pro­ces­sing lacks any other legal basis.
  • • The data sub­ject objects to the pro­ces­sing in accord­ance with Art. 21 (1) GDPR, and the­re are no pre­ce­ding, legi­ti­ma­te rea­sons for the pro­ces­sing, or the data sub­ject objects to the pro­ces­sing accord­ing to Art. 21 (2) GDPR.
  • The per­so­nal data was pro­ces­sed unla­w­ful­ly.
  • The era­su­re of per­so­nal data is necessa­ry to ful­fill a legal obli­ga­ti­on under Uni­on or natio­nal law to which the con­trol­ler is sub­ject.
  • The per­so­nal data were collec­ted in rela­ti­on to infor­ma­ti­on socie­ty ser­vices offe­red pur­suant to Art. 8 para. 1 GDPR.

If one of the above rea­sons is cor­rect and a data sub­ject wis­hes to arran­ge for the dele­ti­on of per­so­nal data stored by PHYSEC GmbH, they may at any time con­tact an employee of the con­trol­ler. The employee of the PHYSEC GmbH will arran­ge that the dele­ti­on request is ful­fil­led imme­dia­te­ly.

If the per­so­nal data has been made public by PHYSEC GmbH and if our com­pa­ny is obli­ga­ted to dele­te per­so­nal data as the con­trol­ler pur­suant to Art. 17 para. 1 GDPR, PHYSEC GmbH will take appro­pria­te mea­su­res, of a tech­ni­cal natu­re as well, taking into account the avail­ab­le tech­no­lo­gy and the imple­men­ta­ti­on costs, to inform other con­trol­lers pro­ces­sing the published per­so­nal data that the data sub­ject has deman­ded the dele­ti­on of any links to such per­so­nal data or copies or repli­ca­ti­ons of such per­so­nal data, as far as the pro­ces­sing is not requi­red, from the­se other con­trol­lers. The employee of PHYSEC GmbH will arran­ge the necessa­ry in indi­vi­du­al cases.

  • e)    Right to restrict the pro­ces­sing

Any data sub­ject con­cer­ned by the pro­ces­sing of per­so­nal data has the right, gran­ted by the Euro­pean direc­tive and regu­la­to­ry aut­ho­ri­ty, to requi­re the con­trol­ler to restrict the pro­ces­sing if one of the fol­lo­wing con­di­ti­ons is met:

  • The accu­ra­cy of the per­so­nal data is con­tested by the data sub­ject for a peri­od of time that enab­les the con­trol­ler to veri­fy the accu­ra­cy of the per­so­nal data.
  • The pro­ces­sing is unla­w­ful, the data sub­ject refu­ses to dele­te the per­so­nal data and ins­te­ad requests the restric­tion of the use of per­so­nal data.
  • The con­trol­ler no lon­ger needs the per­so­nal data for the pur­po­ses of pro­ces­sing, but the data sub­ject requi­res them to assert, exer­cise or defend legal claims.
  • The data sub­ject has objec­ted to the pro­ces­sing acc. Art. 21 para. 1 GDPR and it is not yet clear whe­ther the legi­ti­ma­te rea­sons of the con­trol­ler out­weigh tho­se of the data sub­ject.

If one of the above-men­tio­ned con­di­ti­ons exists and a data sub­ject wis­hes to request the restric­tion of per­so­nal data stored by PHYSEC GmbH, they can con­tact an employee of the con­trol­ler at any time. The employee of PHYSEC GmbH will initia­te the restric­tion of the pro­ces­sing.

  • f)     Right to data por­ta­bi­li­ty

Any data sub­ject con­cer­ned by the pro­ces­sing of per­so­nal data has the right con­fer­red by the Euro­pean Direc­tives and Regu­la­ti­ons to obtain the per­so­nal data con­cer­ning him / her pro­vi­ded to a con­trol­ler by the data sub­ject in a struc­tu­red, com­mon and machi­ne-read­a­ble for­mat. He / She also has the right to trans­fer this data to ano­t­her con­trol­ler without hin­dran­ce by the con­trol­ler to whom the per­so­nal data was pro­vi­ded, pro­vi­ded that the pro­ces­sing is based on the con­sent pur­suant to Arti­cle 6 (1) (a) of the GDPR or Arti­cle 9 (1) (b) 2 (a) of the GDPR or on a con­tract pur­suant to Arti­cle 6 (1) (b) of the GDPR and pro­ces­sing is done by means of auto­ma­ted pro­ces­ses, unless the pro­ces­sing is necessa­ry for the per­for­mance of a task of public inte­rest or in the exer­cise of public aut­ho­ri­ty, which has been assi­gned to the con­trol­ler.

Fur­ther­mo­re, in exer­cising their right to data por­ta­bi­li­ty under Arti­cle 20 (1) of the GDPR, the data sub­ject has the right to effect that the per­so­nal data are trans­mit­ted direct­ly from one con­trol­ler to ano­t­her, inso­far as this is tech­ni­cal­ly fea­si­ble and if so this does not affect the rights and free­doms of others.

To enforce the right to data por­ta­bi­li­ty, the data sub­ject may at any time con­tact an employee of PHYSEC GmbH.

  • g)    Right to objec­tion

Any data sub­ject con­cer­ned by the pro­ces­sing of per­so­nal data has the right con­fer­red by the Euro­pean direc­tive and regu­la­to­ry aut­ho­ri­ty to object against the pro­ces­sing of per­so­nal data rela­ting to it pur­suant to Arti­cle 6 (1) (e) or (f) GDPR at any time, for rea­sons ari­sing from its par­ti­cu­lar situa­ti­on. This also app­lies to pro­filing based on the­se pro­vi­si­ons.

PHYSEC GmbH will no lon­ger pro­cess per­so­nal data in the event of an objec­tion, unless we can pro­ve that the­re are com­pel­ling legi­ti­ma­te rea­sons for pro­ces­sing that out­weigh the inte­rests, rights and free­doms of the data sub­ject, or the pro­ces­sing is for asser­ti­on, exer­cise or defen­se of legal claims.

If PHYSEC GmbH pro­ces­ses per­so­nal data in order to ope­ra­te direct mail, the data sub­ject has the right to object at any time to the pro­ces­sing of per­so­nal data for the pur­po­se of such adver­ti­sing. This also app­lies to the pro­filing, as far as it is asso­cia­ted with such direct mail. If the data sub­ject objects to PHYSEC GmbH for pro­ces­sing pur­po­ses for direct mar­ke­ting pur­po­ses, PHYSEC GmbH will no lon­ger pro­cess the per­so­nal data for the­se pur­po­ses.

In addi­ti­on, the data sub­ject has the right, for rea­sons ari­sing from his / her par­ti­cu­lar situa­ti­on, to object against the pro­ces­sing of per­so­nal data rela­ting to him, which is per­for­med by PHYSEC GmbH for sci­en­ti­fic or his­to­ri­cal rese­arch pur­po­ses or for sta­tis­ti­cal pur­po­ses pur­suant to Art. 89 para. 1 GDPR unless such pro­ces­sing is necessa­ry to ful­fill a task of public inte­rest.

In order to exer­cise the right to object, the data sub­ject may direct­ly con­tact any employee of PHYSEC GmbH. The data sub­ject is also free, in the con­text of the use of infor­ma­ti­on socie­ty ser­vices, not­wi­th­stan­ding Direc­tive 2002/58/EC, to exer­cise his right of oppo­si­ti­on by means of auto­ma­ted pro­ce­du­res using tech­ni­cal spe­ci­fi­ca­ti­ons.

  • h)    Auto­ma­ted deci­si­ons in indi­vi­du­al cases inclu­ding pro­filing

Any data sub­ject con­cer­ned by the pro­ces­sing of per­so­nal data has the right, as gran­ted by the Euro­pean legis­la­tu­re, not to be sub­ject to a deci­si­on based sole­ly on auto­ma­ted pro­ces­sing, inclu­ding pro­filing, which has a legal effect on it or, in a simi­lar man­ner, signi­fi­cant­ly affects it; unless the deci­si­on (1) is necessa­ry for the con­clu­si­on or per­for­mance of a con­tract bet­ween the data sub­ject and the con­trol­ler, or (2) is per­mit­ted by Uni­on or Mem­ber Sta­te legis­la­ti­on to which the con­trol­ler is sub­ject, and that legis­la­ti­on pro­vi­des for appro­pria­te mea­su­res to safe­guard the rights and free­doms as well as the legi­ti­ma­te inte­rests of the data sub­ject; or (3) with the express con­sent of the data sub­ject.

If the deci­si­on (1) is requi­red for the con­clu­si­on or the per­for­mance of a con­tract bet­ween the data sub­ject and the con­trol­ler or (2) it takes place with the expli­cit con­sent of the per­son con­cer­ned, PHYSEC GmbH takes appro­pria­te mea­su­res to pro­tect the rights and free­doms as well as the legi­ti­ma­te inte­rests of the data sub­ject, inclu­ding at least the right to obtain the inter­ven­ti­on of a per­son by the con­trol­ler, to express his / her own posi­ti­on and to con­test the deci­si­on.

If the data sub­ject wis­hes to claim rights con­cer­ning auto­ma­ted deci­si­on-making, they can con­tact an employee of the con­trol­ler at any time.

  • i)      Right to revo­ke a data pro­tec­tion con­sent

Any data sub­ject con­cer­ned by the pro­ces­sing of per­so­nal data has the right, gran­ted by the Euro­pean direc­tive and regu­la­to­ry aut­ho­ri­ty, to revo­ke con­sent to the pro­ces­sing of per­so­nal data at any time.

If the data sub­ject wis­hes to claim their right to with­draw con­sent, they may, at any time, con­tact an employee of the con­trol­ler.

  1. Pri­va­cy Poli­cy for Use of Face­book

The con­trol­ler has inte­gra­ted com­pon­ents of the com­pa­ny Face­book on this web­site. Face­book is a soci­al net­work.

A soci­al net­work is an Inter­net-based soci­al mee­ting place, an online com­mu­ni­ty that typi­cal­ly allows users to com­mu­ni­ca­te with each other and inter­act in vir­tu­al space. A soci­al net­work can ser­ve as a plat­form to exchan­ge views and expe­ri­en­ces, or allows the Inter­net com­mu­ni­ty to pro­vi­de per­so­nal or busi­ness infor­ma­ti­on. Face­book allows soci­al net­work users to crea­te pri­va­te pro­files, upload pho­tos and socia­li­ze via fri­end requests.

The ope­ra­ting com­pa­ny of Face­book is Face­book, Inc., 1 Hacker Way, Men­lo Park, CA 94025, USA. Con­trol­ler is, if an affec­ted per­son lives out­side the US or Cana­da, Face­book Ire­land Ltd., 4 Grand Canal Squa­re, Grand Canal Har­bor, Dub­lin 2, Ire­land.

On each visit to one of the indi­vi­du­al pages of this web­site, which is ope­ra­ted by the con­trol­ler and on which a Face­book com­po­nent (Face­book plug-in) has been inte­gra­ted, the Inter­net brow­ser on the infor­ma­ti­on tech­no­lo­gy sys­tem of the data sub­ject auto­ma­ti­cal­ly cau­ses a down­load of the cor­re­spon­ding Face­book Com­po­nent from Face­book. An over­view of all Face­book plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=en_US. As part of this tech­ni­cal pro­cess, Face­book recei­ves infor­ma­ti­on about which spe­ci­fic sub­page of our web­site is visi­ted by the data sub­ject.

If the data sub­ject is simul­ta­neous­ly log­ged into Face­book, Face­book reco­gni­zes with each visit to our web­site by the data sub­ject and during the ent­i­re dura­ti­on of the respec­tive stay on our web­site, which spe­ci­fic sub­page of our web­site the data sub­ject visits. This infor­ma­ti­on is collec­ted through the Face­book com­po­nent and assi­gned by Face­book to the respec­tive Face­book account of the data sub­ject. If the data sub­ject activa­tes one of the Face­book but­tons inte­gra­ted on our web­site, for examp­le the “Like” but­ton, or if the per­son con­cer­ned makes a com­ment, Face­book assigns this infor­ma­ti­on to the per­so­nal Face­book user account of the per­son con­cer­ned and saves this per­so­nal data.

Face­book always recei­ves infor­ma­ti­on via the Face­book com­po­nent that the data sub­ject has visi­ted our web­site if the data sub­ject is log­ged in to Face­book at the same time as acces­sing our web­site; this hap­pens regard­less of whe­ther the per­son clicks on the Face­book com­po­nent or not. If such a trans­fer of this infor­ma­ti­on to Face­book is not wan­ted by the data sub­ject, it can pre­vent the trans­fer by log­ging out of their Face­book account befo­re cal­ling our web­site.

The data poli­cy published by Face­book, which is avail­ab­le at https://de-de.facebook.com/about/privacy/, pro­vi­des infor­ma­ti­on on the collec­tion, pro­ces­sing and use of per­so­nal data by Face­book. It also exp­lains which opti­ons Face­book offers to pro­tect the pri­va­cy of the data sub­ject. In addi­ti­on, dif­fe­rent app­li­ca­ti­ons are avail­ab­le, which make it pos­si­ble to sup­press data trans­mis­si­on to Face­book. Such app­li­ca­ti­ons can be used by the data sub­ject to sup­press data trans­mis­si­on to Face­book.

  1. Data pro­tec­tion regu­la­ti­ons for use of Goog­le Ana­ly­tics (with anony­mi­za­ti­on func­tion)

The con­trol­ler has inte­gra­ted the com­po­nent Goog­le Ana­ly­tics (with anony­mi­za­ti­on func­tion) on this web­site. Goog­le Ana­ly­tics is a web ana­ly­tics ser­vice. Web ana­ly­sis is the collec­tion, collec­tion and ana­ly­sis of data about the beha­vi­or of visi­tors to web­sites. Among other things, a web ana­ly­sis ser­vice collects data on which web­site an affec­ted per­son has come to a web­site (so-cal­led refer­rers), which sub­pages of the web­site were acces­sed or how often and for which length of stay a sub­page was view­ed. A web ana­ly­sis is main­ly used to opti­mi­ze a web­site and cost-bene­fit ana­ly­sis of Inter­net adver­ti­sing.

The ope­ra­ting com­pa­ny of the Goog­le Ana­ly­tics com­po­nent is Goog­le Inc., 1600 Amphi­thea­ter Pkwy, Moun­tain View, CA 94043-1351, USA.

The con­trol­ler uses the addi­ti­on “_gat._anonymizeIp” for web ana­ly­tics via Goog­le Ana­ly­tics. By means of this adden­dum, the IP address of the Inter­net access of the data sub­ject will be shor­ten­ed and anony­mi­sed by Goog­le if the access to our web­site is from a Mem­ber Sta­te of the Euro­pean Uni­on or from ano­t­her sta­te par­ty to the Agree­ment on the Euro­pean Eco­no­mic Area.

The pur­po­se of the Goog­le Ana­ly­tics com­po­nent is to ana­ly­ze visi­tor flows on our web­site. Among other things, Goog­le uses the data and infor­ma­ti­on obtai­ned to eva­lua­te the use of our web­site, to com­pi­le for us online reports sho­wing the activi­ties on our web­sites, and to pro­vi­de other ser­vices rela­ted to the use of our web­site.

Goog­le Ana­ly­tics uses a coo­kie on the infor­ma­ti­on tech­no­lo­gy sys­tem of the data sub­ject. What coo­kies are, has alre­ady been exp­lai­ned above. By using this coo­kie Goog­le is enab­led to ana­ly­ze the usa­ge of our web­site. Each time one of the pages of this web­site run by the con­trol­ler is acces­sed and a Goog­le Ana­ly­tics com­po­nent has been inte­gra­ted, the Inter­net brow­ser on the infor­ma­ti­on tech­no­lo­gy sys­tem of the data sub­ject is auto­ma­ti­cal­ly cau­sed by the respec­tive Goog­le Ana­ly­tics com­po­nent to sub­mit data to Goog­le for online ana­ly­sis pur­po­ses. As part of this tech­ni­cal pro­cess, Goog­le will be awa­re of per­so­nal data, such as the IP address of the data sub­ject, which ser­ve, among other things, Goog­le to track the ori­gin of the visi­tors and clicks, and sub­se­quent­ly make com­mis­si­on sett­le­ments pos­si­ble.

The coo­kie stores per­so­nal­ly iden­ti­fia­ble infor­ma­ti­on, such as access time, the loca­ti­on from which access was made, and the fre­quen­cy of site visits by the data sub­ject. Each time you visit our web­site, your per­so­nal infor­ma­ti­on, inclu­ding the IP address of the Inter­net con­nec­tion used by the data sub­ject, is trans­fer­red to Goog­le in the United Sta­tes of Ame­ri­ca. This per­so­nal infor­ma­ti­on is stored by Goog­le in the United Sta­tes of Ame­ri­ca. Goog­le may trans­fer such per­so­nal data collec­ted through the tech­ni­cal pro­cess to third par­ties.

The affec­ted per­son can pre­vent the set­ting of coo­kies through our web­site, as shown above, at any time by means of a cor­re­spon­ding set­ting of the Inter­net brow­ser used and thus per­man­ent­ly object the set­ting of coo­kies. Such a set­ting of the Inter­net brow­ser used would also pre­vent Goog­le from set­ting a coo­kie on the infor­ma­ti­on tech­no­lo­gy sys­tem of the per­son con­cer­ned. In addi­ti­on, a coo­kie alre­ady set by Goog­le Ana­ly­tics can be dele­ted at any time via the Inter­net brow­ser or other soft­ware pro­grams.

Fur­ther­mo­re, the data sub­ject has the opti­on of objec­ting to and pre­ven­ting the collec­tion of the data gene­ra­ted by Goog­le Ana­ly­tics for the use of this web­site and the pro­ces­sing of this data by Goog­le. To do this, the per­son must down­load and install a brow­ser add-on at https://tools.google.com/dlpage/gaoptout. This brow­ser add-on informs Goog­le Ana­ly­tics via Java­Script that no data and infor­ma­ti­on about web­site visits may be trans­mit­ted to Goog­le Ana­ly­tics. The instal­la­ti­on of the brow­ser add-on is con­s­i­de­red by Goog­le as an objec­tion. If the data subject’s infor­ma­ti­on tech­no­lo­gy sys­tem is later dele­ted, for­mat­ted or reinstal­led, the data sub­ject must re-install the brow­ser add-on to dis­able Goog­le Ana­ly­tics. If the brow­ser add-on is unin­stal­led or dis­abled by the data sub­ject or any other per­son wit­hin their sphe­re of con­trol, it is pos­si­ble to reinstall or reac­tiva­te the brow­ser add-on.

Addi­tio­nal infor­ma­ti­on and Google’s pri­va­cy poli­cy can be found at https://www.google.com/intl/en/policies/privacy/ and http://www.google.com/analytics/terms/en.html. Goog­le Ana­ly­tics is exp­lai­ned in more detail at https://www.google.com/intl/de_de/analytics/.

  1. Pri­va­cy Poli­cy for Goog­le Web­fonts
  2. This web­site uses exter­nal Goog­le fonts. Goog­le Fonts is a ser­vice of Goog­le Inc. The inte­gra­ti­on of the­se web fonts is done by a ser­ver call, usual­ly a Goog­le ser­ver in the USA. The infor­ma­ti­on about which of our web­sites one have visi­ted, will be trans­mit­ted to the ser­ver. Also, the IP address of the visi­tor of this web­site is stored by Goog­le. For more infor­ma­ti­on, see the Goog­le Pri­va­cy Poli­cy, which you can access here: www.google.com/policies/privacy/

  1. Pri­va­cy Poli­cy for Use of Lin­kedIn

The con­trol­ler has inte­gra­ted com­pon­ents from Lin­kedIn Cor­po­ra­ti­on on this web­site. Lin­kedIn is an Inter­net-based soci­al net­work that allows users to con­nect to exis­ting busi­ness con­tacts and make new busi­ness con­tacts. Over 400 mil­li­on regis­te­red peop­le use Lin­kedIn in more than 200 coun­tries. This makes Lin­kedIn cur­r­ent­ly the lar­gest plat­form for busi­ness con­tacts and one of the most visi­ted web­sites in the world.

LinkedIn’s ope­ra­ting com­pa­ny is Lin­kedIn Cor­po­ra­ti­on, 2029 Stier­lin Court Moun­tain View, CA 94043, USA. Pri­va­cy Poli­cy issu­es out­side the United Sta­tes are hand­led by Lin­kedIn Ire­land, Pri­va­cy Poli­cy Issu­es, Wil­ton Pla­za, Wil­ton Place, Dub­lin 2, Ire­land.

Each time you visit our web­site, which has a Lin­kedIn com­po­nent (Lin­kedIn plug-in), this com­po­nent cau­ses the brow­ser used by the data sub­ject to down­load a cor­re­spon­ding rep­re­sen­ta­ti­on of the Lin­kedIn com­po­nent. More infor­ma­ti­on about the Lin­kedIn plug-ins can be found at https://developer.linkedin.com/plugins. As part of this tech­ni­cal pro­cess, Lin­kedIn learns about the spe­ci­fic sub­page of our web­site visi­ted by the affec­ted per­son.

If the data sub­ject is log­ged in to Lin­kedIn at the same time, Lin­kedIn reco­gni­zes with each visit to our web­site by the data sub­ject and during the ent­i­re dura­ti­on of the respec­tive stay on our web­site which spe­ci­fic sub­page of our web­site the data sub­ject visits. This infor­ma­ti­on is collec­ted through the Lin­kedIn com­po­nent and lin­ked by Lin­kedIn to the affec­ted Lin­kedIn account. If the affec­ted per­son activa­tes a Lin­kedIn but­ton inte­gra­ted on our web­site, Lin­kedIn assigns this infor­ma­ti­on to the per­so­nal Lin­kedIn user account of the data sub­ject and saves this per­so­nal data.

Lin­kedIn always recei­ves infor­ma­ti­on via the Lin­kedIn com­po­nent that the data sub­ject has visi­ted our web­site if the per­son con­cer­ned is simul­ta­neous­ly log­ged into Lin­kedIn at the time of acces­sing our web­site; this hap­pens regard­less of whe­ther the data sub­ject clicks on the Lin­kedIn com­po­nent or not. If the data sub­ject does not want to trans­mit this infor­ma­ti­on to Lin­kedIn, he / she can pre­vent it from log­ging out of their Lin­kedIn account befo­re visi­ting our web­site.

At https://www.linkedin.com/psettings/guest-controls, Lin­kedIn offers the abi­li­ty to opt out of email messa­ges, text messa­ges, and tar­ge­ted ads, as well as mana­ge ad set­tings. Lin­kedIn also uses part­ners like Quantcast, Goog­le Ana­ly­tics, Blu­e­Kai, Dou­ble­Click, Niel­sen, Comscore, Elo­qua and Lota­me, who can set coo­kies. Such coo­kies can be refu­sed at https://www.linkedin.com/legal/cookie-policy. LinkedIn’s pri­va­cy poli­cy is avail­ab­le at https://www.linkedin.com/legal/privacy-policy. Lin­kedIn coo­kie poli­cy is avail­ab­le at https://www.linkedin.com/legal/cookie-policy.

  1. Pri­va­cy Poli­cy for Use of Twit­ter

The con­trol­ler has inte­gra­ted Twit­ter com­pon­ents on this web­site. Twit­ter is a mul­ti­lin­gu­al publicly avail­ab­le micro­blog­ging ser­vice whe­re users can post and dis­tri­bu­te so-cal­led tweets, which are limi­ted to 280 cha­rac­ters. The­se short messa­ges are avail­ab­le to anyo­ne, inclu­ding non-Twit­ter sub­scri­bers. The tweets are also dis­play­ed to the so-cal­led fol­lo­wers of the respec­tive user. Fol­lo­wers are other Twit­ter users who fol­low a user’s tweets. Twit­ter also allows you to address a broad audi­ence via hash­tags, links or ret­weets.

The ope­ra­ting com­pa­ny of Twit­ter is Twit­ter, Inc., 1355 Mar­ket Street, Sui­te 900, San Fran­cis­co, CA 94103, USA.

Each time one of the indi­vi­du­al pages of this web­site, which is ope­ra­ted by the con­trol­ler and on which a Twit­ter com­po­nent (Twit­ter but­ton) has been inte­gra­ted, the Inter­net brow­ser on the infor­ma­ti­on tech­no­lo­gy sys­tem of the data sub­ject is auto­ma­ti­cal­ly cau­sed by the respec­tive Twit­ter com­po­nent to down­load a pre­sen­ta­ti­on of the cor­re­spon­ding Twit­ter com­po­nent of Twit­ter. Fur­t­her infor­ma­ti­on on the Twit­ter but­tons is avail­ab­le at https://about.twitter.com/en/resources/buttons. As part of this tech­ni­cal pro­cess, Twit­ter recei­ves infor­ma­ti­on about which spe­ci­fic sub­page of our web­site is visi­ted by the per­son con­cer­ned. The pur­po­se of the inte­gra­ti­on of the Twit­ter com­po­nent is to allow our users to redis­tri­bu­te the con­tents of this web­site, to pro­mo­te this web­site in the digi­tal world and to increa­se our visi­tor num­bers.

If the data sub­ject is simul­ta­neous­ly log­ged in to Twit­ter, Twit­ter reco­gni­zes with each visit to our web­site by the data sub­ject and during the ent­i­re dura­ti­on of the respec­tive stay on our web­site, which spe­ci­fic sub­page of our web­site the data sub­ject is visi­ting. This infor­ma­ti­on is collec­ted through the Twit­ter com­po­nent and assi­gned through Twit­ter to the data sub­jects Twit­ter account. If the data sub­ject activa­tes one of the Twit­ter but­tons inte­gra­ted on our web­site, the data and infor­ma­ti­on trans­mit­ted with it are assi­gned to the per­so­nal Twit­ter user account of the data sub­ject and stored and pro­ces­sed by Twit­ter.

Twit­ter always recei­ves infor­ma­ti­on via the Twit­ter com­po­nent that the data sub­ject has visi­ted our web­site if the data sub­ject simul­ta­neous­ly logs on to Twit­ter at the time of access to our web­site; this hap­pens regard­less of whe­ther or not the sub­ject clicks on the Twit­ter com­po­nent. If such a trans­fer of this infor­ma­ti­on to Twit­ter is not wan­ted by the per­son con­cer­ned, it can pre­vent the trans­fer by log­ging out of their Twit­ter account befo­re cal­ling our web­site.

The app­li­ca­ble pri­va­cy poli­ci­es of Twit­ter are avail­ab­le at https://twitter.com/privacy?lang=en.

  1. Pri­va­cy Poli­cy for Use and Use of Xing

The con­trol­ler has inte­gra­ted com­pon­ents from Xing on this web­site. Xing is an Inter­net-based soci­al net­work that allows users to con­nect to exis­ting busi­ness con­tacts and make new busi­ness con­tacts. The indi­vi­du­al users can crea­te a per­so­nal pro­fi­le at Xing. Com­pa­nies can, for examp­le, crea­te com­pa­ny pro­files or publish job offers on Xing.

The ope­ra­ting com­pa­ny of Xing is XING SE, Damm­tor­stra­ße 30, 20354 Ham­burg, Ger­ma­ny.

Each time one of the indi­vi­du­al pages on this web­site, which is run by the con­trol­ler and on which a Xing com­po­nent (Xing plug-in) has been inte­gra­ted, is cal­led, the inter­net brow­ser on the infor­ma­ti­on tech­no­lo­gy sys­tem of the data sub­ject is auto­ma­ti­cal­ly cau­sed by the respec­tive Xing Com­po­nent to down­load a rep­re­sen­ta­ti­on of the cor­re­spon­ding Xing com­po­nent from Xing. More infor­ma­ti­on about the Xing plug-ins can be found at https://dev.xing.com/plugins. As part of this tech­ni­cal pro­cess, Xing is awa­re of which spe­ci­fic sub­page of our web­site is visi­ted by the data sub­ject.

If the data sub­ject is log­ged in to Xing at the same time, Xing reco­gni­zes with each visit to our web­site by the data sub­ject and during the ent­i­re dura­ti­on of the respec­tive stay on our web­site, which spe­ci­fic sub­page of our web­site was visi­ted by the data sub­ject. This infor­ma­ti­on is collec­ted by the Xing com­po­nent and assi­gned by Xing to the affec­ted Xing account. If the data sub­ject activa­tes one of the Xing but­tons inte­gra­ted on our web­site, for examp­le the “Sha­re” but­ton, Xing assigns this infor­ma­ti­on to the per­so­nal Xing user account of the data sub­ject and stores this per­so­nal data.

Xing always recei­ves infor­ma­ti­on from the Xing com­po­nent that the data sub­ject has visi­ted our web­site if the data sub­ject is simul­ta­neous­ly log­ged in to Xing at the time of acces­sing our web­site; this hap­pens regard­less of whe­ther or not the data sub­ject clicks on the Xing com­po­nent. If such a trans­fer of this infor­ma­ti­on to Xing by the data sub­ject is not inten­ded, it can pre­vent the trans­fer by log­ging out of your Xing account befo­re cal­ling our web­site.

Xing’s pri­va­cy poli­cy, avail­ab­le at https://www.xing.com/privacy, pro­vi­des infor­ma­ti­on about the collec­tion, pro­ces­sing and use of per­so­nal infor­ma­ti­on by Xing. In addi­ti­on, Xing has posted pri­va­cy noti­ces for the XING Sha­re but­ton at https://www.xing.com/app/share?op=data_protection.

  1. Legal basis of pro­ces­sing

Art. 6 I lit. a GDPR ser­ves our com­pa­ny as the legal basis for pro­ces­sing ope­ra­ti­ons whe­re we obtain con­sent for a par­ti­cu­lar pro­ces­sing pur­po­se. If the pro­ces­sing of per­so­nal data is necessa­ry to ful­fill a con­tract of which the data sub­ject is a par­ty, as is the case, for examp­le, in pro­ces­sing ope­ra­ti­ons necessa­ry for the sup­ply of goods or the pro­vi­si­on of any other ser­vice or con­s­i­de­ra­ti­on, pro­ces­sing shall be based on Art. 6 I lit. b GDPR. The same app­lies to pro­ces­sing ope­ra­ti­ons that are necessa­ry to car­ry out pre-con­trac­tu­al mea­su­res, for examp­le in cases of inqui­ries regar­ding our pro­ducts or ser­vices. If our com­pa­ny is sub­ject to a legal obli­ga­ti­on which requi­res the pro­ces­sing of per­so­nal data, such as the ful­fill­ment of tax obli­ga­ti­ons, the pro­ces­sing is based on Art. 6 I lit. c GDPR. In rare cases, the pro­ces­sing of per­so­nal data may be requi­red to pro­tect the vital inte­rests of the data sub­ject or ano­t­her natu­ral per­son. This would be the case, for examp­le, if a visi­tor to our pre­mi­ses were inju­red and his or her name, age, health insuran­ce or other vital infor­ma­ti­on would have to be pas­sed on to a doc­tor, hos­pi­tal or other third par­ty. Then the pro­ces­sing would be based on Art. 6 I lit. d GDPR. Ulti­mate­ly, pro­ces­sing ope­ra­ti­ons could be based on Art. 6 I lit. f GDPR. On this legal basis, pro­ces­sing ope­ra­ti­ons that are not cove­r­ed by any of the above legal bases are requi­red if pro­ces­sing is necessa­ry to safe­guard the legi­ti­ma­te inte­rests of our com­pa­ny or a third par­ty, unless the inte­rests, fun­da­men­tal rights and fun­da­men­tal free­doms of the per­son con­cer­ned pre­vail. Such pro­ces­sing ope­ra­ti­ons are par­ti­cu­lar­ly allo­wed to us becau­se they have been spe­ci­fi­cal­ly men­tio­ned by the Euro­pean legis­la­tor. In that regard, it con­s­i­de­red that a legi­ti­ma­te inte­rest could be assu­med if the data sub­ject is a custo­mer of the con­trol­ler (reci­tal 47, second sen­tence, GDPR).

  1. Eli­gi­ble pro­ces­sing inte­rests that are being pur­sued by the con­trol­ler or a third par­ty

Is the pro­ces­sing of per­so­nal data based on Arti­cle 6 I lit. f GDPR, our legi­ti­ma­te inte­rest is in con­duc­ting our busi­ness for the bene­fit of all of our employees and our share­hol­ders.

  1. Dura­ti­on for which the per­so­nal data are stored

The cri­te­ri­on for the dura­ti­on of the sto­ra­ge of per­so­nal data is the respec­tive sta­tu­to­ry reten­ti­on peri­od. After the dead­line, the cor­re­spon­ding data will be rou­ti­nely dele­ted, if they are no lon­ger requi­red to ful­fill the con­tract or to initia­te a con­tract.

  1. Legal or con­trac­tu­al pre­scrip­ti­ons for the pro­vi­si­on of per­so­nal data; Neces­si­ty for the con­clu­si­on of the con­tract; Obli­ga­ti­on of the data sub­ject to pro­vi­de the per­so­nal data; pos­si­ble con­se­quen­ces of non-pro­vi­si­on

We cla­ri­fy that the pro­vi­si­on of per­so­nal infor­ma­ti­on is in part requi­red by law (such as tax regu­la­ti­ons) or may result from con­trac­tu­al arran­ge­ments (such as details of the con­trac­tor). Occa­sio­nal­ly it may be necessa­ry for a con­tract to be con­clu­ded that a data sub­ject pro­vi­des us with per­so­nal data that must sub­se­quent­ly be pro­ces­sed by us. For examp­le, the data sub­ject is requi­red to pro­vi­de us with per­so­nal infor­ma­ti­on when our com­pa­ny enters into a con­tract with her. Fail­u­re to pro­vi­de the per­so­nal data would mean that the con­tract with the data sub­ject could not be clo­sed. Pri­or to any per­so­nal data being pro­vi­ded by the data sub­ject, the data sub­ject must con­tact one of our employees. Our employee will inform the indi­vi­du­al on a case-by-case basis whe­ther the pro­vi­si­on of the per­so­nal data is requi­red by law or con­tract or is requi­red for the con­clu­si­on of the con­tract, whe­ther the­re is an obli­ga­ti­on to pro­vi­de the per­so­nal data and the con­se­quen­ces of the non-pro­vi­si­on of the per­so­nal data.

  1. Exis­tence of auto­ma­ted deci­si­on-making

As a respon­si­ble com­pa­ny we refrain from auto­ma­tic deci­si­on-making or pro­filing.