Privacy Policy
IGEL Technology GmbH
We welcome you to our website. We would like to inform you about the management of your personal data in accordance with Art. 13 General Data Protection Regulation (GDPR).
Controller
The controller responsible for the described data collection and processing is named in the imprint.
Storage of Your IP address
We store the IP address transmitted by your web browser for a period of seven (7) days, strictly for the purpose of identifying, restricting and eliminating attacks on our website. After seven (7) days, we delete or anonymize your IP address. The legal basis for the processing of this personal data is provided for in Art. 6 para. 1 lit. f GDPR.
Usage Data
When you visit our website, the data collected from the use of the website is temporarily stored on our web server for statistical purposes in order to improve the quality of our website. This data set contains:
- the page, from which the data is requested,
- the name of the data file,
- the date and time of the query,
- the amount of data transferred,
- the access status (file transmitted, file not found),
- a description of the type of browser used,
- the IP address of the requesting computer shortened to such an extent that no reidentification of any persona data is possible.
The listed usage data is stored anonymously.
Data is processed on the basis of Article 6 paragraph 1 point f) of the General Data Protec-tion Regulation (GDPR). We use this information to enable our website to be called, to control and administer our systems, and to improve the design of our website. Your data is processed only to respond to your request and is deleted as soon as the information is no longer required for the customer relationship or the original contact. It is not passed on to any third party.
You have the right to object to processing of your data. You can find more details in the section “Your Rights as a User” below. As a result, personal user profiles cannot be created. Data on persons or their individual behavior is not collected.
Data Transfer
We transfer your data to service providers who support us in the operation of our website and the associated processes. This transference is made under the scope of a data processing agreement in accordance to Art. 28 GDPR. Our service providers are bound to us by strict instructions and contractual obligations. We use the following service providers: Live Chat Inc. (Contact via Live Chat Tool), Google Ireland Ltd (tracking via Google Analytics) and C. Melchers GmbH & Co. KG (recruitment portal).
Data Transfer to Third Countries (Non-EU Countries)
In some cases, we may transfer personal data to third countries outside the EU. In each case, we ensure an appropriate level of data protection according to European standards.
In the case of Live Chat Inc., the appropriate level of data protection pursuant to Art. 46 para. 2 lit. c GDPR is guaranteed by EU standard contractual clauses, which have been adopted by the service provider established in the USA.
Cookies
We use cookies on our website. Cookies are small pieces of data that are stored and read in your end-device. A distinction is made between session cookies, which are deleted when you close your browser, and permanent cookies, which are stored even after your visit has expired. Cookies may contain data that enables the recognition of the device being used. However, in some cases cookies only contain information on certain settings which are not personal data.
We use session cookies and permanent cookies on our website. The data is processed in accordance to Art. 6 para. 1 lit. f GDPR and in the interest of optimizing or enabling user guidance and improving our website presence.
Please be aware that you can set your browser to inform you when cookies are being stored or used on the website you are visiting. Thus, any use of cookies is transparent to you.
Google Analytics
We use Google Analytics to create pseudonymous user profiles for improving and design-ing our website on demand. Google Analytics uses “cookies”, which are text files placed on your end device and can be read by us. In this way, we are able to recognize and count returning visitors. This data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR and in the interest of finding out how often our website is viewed by different users.
The information generated by the cookies about your use of the website will be transmit-ted to and stored by Google on its servers in the United States. We have activated IP-anonymization on this website, your IP address will be truncated within the area of Member States of the European Union. Only in exceptional cases is the whole IP address transferred to a Google server in the USA and truncated there. Accordingly, Google will solely use collected data for the purposes intended, which are to evaluate the use of the website and to compile reports on website activities.
You can withdraw your consent to the processing at any time. Please use one of the following options:
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you proceed accordingly you may not be able to benefit from the full functionality of this website.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link (https://tools.google.com/dlpage/gaoptout).
For more information on the Terms of Use and Data Privacy, visit https://www.google.com/analytics/terms/us.html or https://policies.google.com/privacy?hl=en. Please note that the code “gat._anonymizeIp();” has been added to Google Analytics on this website to ensure anonymised capturing of IP addresses (so-called IP Masking).
Data Security
To avoid unauthorized access to your data, we have implemented technical and organizational measures. We use encryption technologies on our website. Your data will be transferred to our servers and back again via a connection that is protected by a TLS encryption technology. You can recognize that you are browsing on an encryption secured website by the lock-symbol shown in the address bar of your browser and by the address bar starting with https://.
Newsletter
On our website we provide the opportunity to subscribe to our newsletter. If you consent to this processing separately, this processing is pursuant to Art. 6 para. 1 lit. a GDPR. We therefore need your email address only. In order to be able to proof your consent, we will capture the consent data (e.g. your IP-address and the time of your consent). This will be processed by our supplier Act-On Software Limited, Suite 800, 8th Floor Fountain House, 2 Queens Walk, Reading, RG1 7QF. We did sign an agreement according to EU data protection law with this company. This is also only permitted with your consent. Your consent can be withdrawn at any time without affecting the lawfulness of the prior processing. If consent is withdrawn, we will stop the corresponding data processing.
You may unsubscribe from the newsletter at any time, via the link to unsubscribe from the newsletter, which you will find in every newsletter email.
Sweepstakes
Information you submit to take part in a sweepstake or surveys will only be used in order to identify and contact the winner (Art. 6 para. 1 lit. f GDPR). The winners will be notified in writing. If you consent, we will transfer your personal data, provided within the framework of a sweepstake, to our co-operating partners. If you win, with your consent, we will additionally publish your name on our website. If you wish to object to the processing of your data, please send an email to [email protected].
Contact form
You can contact us via our web contact form or service ticket. In order to use our contact form we require your name and your email-address. You may provide us with further information, but you are not obligated to do so. The legal basis for processing is Art. 6 para. 1 lit. b GDPR. We use your data exclusively for the processing of your request. Your data will be deleted, as soon as it is no longer necessary for the initial purpose and will not be transmitted to third parties.
Online applications
We process your personal data in compliance with data protection law, in particular the General Data Protection Regulation (GDPR) and German Federal Data Protection Act (BDSG). Applications are submitted using the applicant portal https://bewerbung.melchers.de of our parent company C. Melchers GmbH & Co. KG. Your application data is encrypted before being transferred.
Nature and scope of data processing
You yourself define the scope of the data you wish to send us as part of your online application. Only some obligatory items of information are transferred electronically to our HR department and processed there as soon as possible. They are encrypted before being transferred. Your data is processed at all our group’s European locations for the purpose of filling vacancies. Your data is not transferred elsewhere apart from that. Your particulars are treated confidentially at our company. If you give your consent, we store your data for a maximum period of 12 months so that it can be used for considering you for vacancies that arise in future. You can revoke that consent at any time with future effect by sending an email to [email protected].
Purpose of data processing
We process the data you disclose to us as part of your online application solely for the purpose of selecting applicants. The data is not processed for other purposes. If you want us to be allowed to consider your application for other or future job advertisements for a maximum period of 12 months, we ask you to give your consent when you send your application (by checking the applicable box). Data is processed on the basis of Section 26 of the German Federal Data Protection Act (BDSG) and Article 6 paragraph 1 point a) of the General Data Protection Regulation (GDPR).
Social media plugins
For reasons of data protection, we have deliberately decided against integrating social plugins (such as the Facebook Like button, the Twitter button or the Google +1 button) directly in our site. That means in principle that no data is transferred to social media services such as Facebook, Twitter or Google+ when you call our site. As a result, profiling by third parties is ruled out.
You can activate the social plugins if you wish.
However, we do not want to prevent visitors who would like to use social plugins from being able to do so. Consequently, you can activate social plugins at various places on our website. Please note that activating social plugins means that certain data may be transferred to the provider of the social media service, such as
- The address of the website on which the activated social plugin is located,
- The date and time the website was called and the social plugin was activated,
- Information on the browser and operating system used,
- Your current IP address.
If you are logged on to a social media service when you activate its social plugin, the provider of the social media service is also able to identify your user name and possibly even your real name from the above data.
This data may also be processed by the provider of the social media service in countries outside the European Union. We do not have any influence on the scope, nature and purpose of data processing by the provider of the social media service. Please note that the provider of the social media service is able to use the above data to create pseudonymized or even personalized user profiles. You can deactivate the social media plugins again at any time. However, this does not have any influence on the data that has already been transferred to the provider of the social media service.
Two clicks – activate and use
You can tell that social plugins are deactivated from their light turquoise background and the fact that you cannot click on them. No external content is loaded and no data is transferred.
When you check the checkbox for the first time, you activate the social media plugins – the social media buttons are then shown with a dark turquoise background. Data is already transferred to the social media providers as of then. You can now use the social plugins with a second click.
Company Facebook Page
We operate an official Facebook page based on Art. 6 para. 1 lit. f GDPR under the URL https://www.facebook.com/igel.technology. We never collect, store or process personal data of our users on this site. Furthermore, no other data processing is carried out or initiated by us. The data you enter on our Facebook page, such as comments, videos or images, will not be used or processed by us at any time for any other purpose.
Facebook uses web tracking methods on this site. Please be aware that Facebook may use your profile data to evaluate your habits, personal relationships, preferences, etc. We have no influence on the processing of your data by Facebook.
FindTime
Data processing
FindTime is an Outlook add-in that facilitates the scheduling of meetings and conversations. Proposed appointments are created and sent by e-mail.
Recipients can select or agree on suitable appointments as well as a desired date. The appointment with the highest number of votes is then submitted as a meeting request and booked.
The following data is processed while using the tool: e-mail address and name. We would like to point out that pseudonyms can also be used when using FindTime.
The data is stored in our IT systems. In addition, your data is stored on servers of our service provider, Microsoft Corporation. Your data will be automatically and completely deleted after 90 days at the latest.
Data processing is based on Art. 6 (1) (1b) GDPR or Art. 88 GDPR in conjunction with applicable national data protection law (in relation to employees of the IGEL group of companies) or Art. 6 (1) (1f) GDPR (in relation to external parties). In the latter case, the interest of IGEL Technology GmbH is to set up appointments in a purposeful and customer-friendly manner.
As an external party you have the right to object to the data processing.
You will find more details under the point “Your rights as a user”.
Data receiver
We will only transfer your data to third parties if we are authorised to do so under data protection law.
Your data will be passed on to our external service provider, Microsoft Corporation, who is supporting us as a data processor according to Art. 28 GDPR and acts strictly in accordance with our instructions.
Microsoft Corporation is an IT service provider in the USA. As a suitable guarantee for the permissibility of the data transfer, we have, among other things, concluded EU standard contractual clauses with the processor in accordance with Art. 46 (2c) GDPR. In addition, Microsoft Corporation is certified under the EU-US Privacy Shield Framework, cf.:
https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active
We will neither sell your personal data to third parties nor use it for marketing purposes.
Your Rights as a User
As a website user, the GDPR grants you certain rights when processing your personal data.
1. Right of access (Art. 15 GDPR):
You have the right to obtain confirmation at to whether or not personal data concerning you is being processed, and, where that is the case access to the personal data and the information specified in Art. 15 GDPR.
2. Right to rectification and erasure (Art. 16 and 17 GDPR):
You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and, if necessary, the right to have incomplete personal data completed.
You also have the right to obtain an erasure of the personal data concerning you without undue delay, if one of the reasons listed in Art. 17 GDPR applies, e.g. if the data is no longer necessary for the intended purpose.
3. Right to restriction of processing (Art. 18 GDPR):
If one of the conditions set forth in Art. 18 GDPR applies, you shall have the right to restrict the processing of your data to mere storage, e.g. if you revoke consent, to the processing, for the duration of a possible examination.
4. Right to data portability (Art. 20 GDPR):
In certain situations, listed in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or demand a transmission of the data to another third party.
5. Right to object (Art. 21 GDPR):
If the data is processed pursuant to Art. 6 para. 1 lit. f GDPR (data processing for the purposes of the legitimate interests), you have the right to object to the processing at any time for reasons arising out of your particular situation. We will then no longer process personal data, unless there are demonstrably compelling legitimate grounds for processing, which override the interests, rights and freedoms of the person concerned, or the processing serves the purpose of asserting, exercising or defending legal claims.
If you have any questions, suggestions or comments about data protection, please contact Bernd Sengpiehl, COO, [email protected].
6. Right to lodge a complaint with a supervisory authority
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you consider the processing of the data concerning you infringes data protection regulations. The right to lodge a complaint may be invoked in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement.
Contact Details of the Data Protection Officer
Please contact our data protection officer if you have any further questions, suggestions or wishes regarding data protection:
Germany (IGEL Technology GmbH):
datenschutz nord GmbH, Konsul-Smidt-Straße 88, 28217 Bremen, Germany
[email protected], +49 421 69 66 320
Europe (branch office in Vänersborg, Sweden; IGEL Technology (Austria) GmbH; IGEL Technology BVBA, Belgium; IGEL Technology B.V., The Netherlands; IGEL Technology Ltd., Great Britain):
FIRST PRIVACY GmbH, Konsul-Smidt-Straße 88, 28217 Bremen, Germany
[email protected], +49 421 69 66 32 80
Document version: 25062020