Details of the responsible body
Company: ALLGEIER ENGINEERING GmbH
Legal representative: Ralf Erhardt
Address: Wilhelm-Wagenfeld-Straße 28, 80807 Munich, Germany
Contact data protection officer: datenschutz@allgeier-engineering.com
GENERAL INFORMATION ON DATA PROCESSING
Data concerned
Personal data is only collected if you provide it to us voluntarily. No other personal data is collected.
Any processing of your personal data that goes beyond the scope of the statutory permissions will only take place on the basis of your express consent.
Purpose of processing: Performance of the contract.
Categories of recipients:
– Public authorities in the event of overriding legal provisions.
– External service providers or other contractors.
– Other external bodies if the data subject has given their consent or a transfer is permitted for reasons of overriding interest.
Third country transfers: Processors outside the European Union may also be used in the context of contract performance.
Duration of data storage: The duration of data storage depends on the statutory retention obligations and is generally 10 years.
SPECIFIC INFORMATION ON THE WEBSITE
Usage data
When you visit our website, you transmit data to our web server via your internet browser (for technical reasons). The following data is recorded during an ongoing connection for communication between your Internet browser and our web server:
Date and time of the request
– Name of the requested file
– Page from which the file was requested
– Access status (file transferred, file not found, etc.)
– Web browser and operating system used
– complete IP address of the requesting computer
– amount of data transferred.
For reasons of technical security, in particular to defend against attempted attacks on our web server, this data is stored by us for a short time. It is not possible for us to identify individual persons from this data. After seven days at the latest, the data is anonymized by shortening the IP address at domain level so that it is no longer possible to establish a link to the individual user. The data is also processed in anonymized form for statistical purposes; it is not compared with other databases or passed on to third parties, even in excerpts.
Note: Source of the formulation State Office for Data Protection Supervision Bavaria
Use of own “cookies”
This website uses its own “cookies” to store settings required for the website display (“cookies” are data records that are sent from the web server to the user’s browser and stored there for later retrieval). No personal data is stored in our own “cookies”. You can generally prevent the use of cookies by prohibiting the storage of cookies in your browser. You will find a further option to object or subsequently adjust your consent on our website in the footer under “Cookies”.
Use of Friendly Captcha (bot/spam protection)
Our website uses the “Friendly Captcha” service (www.friendlycaptcha.com). This service is provided by Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany.
Friendly Captcha is an innovative, data protection-friendly protection solution to make it more difficult for automated programs and scripts (so-called “bots”) to use our website. For this purpose, we have integrated a program code from Friendly Captcha into our website (e.g. for contact forms) so that the visitor’s end device can establish a connection to the Friendly Captcha servers in order to receive a calculation task from Friendly Captcha. The visitor’s end device solves the calculation task, which requires certain system resources, and sends the calculation result to our web server. This contacts the Friendly Captcha server via an interface and receives a response as to whether the puzzle has been solved correctly by the end device. Depending on the result, we can apply security rules to requests via our website and, for example, process or reject them. The data is used exclusively to protect against spam and bots as described above. Friendly Captcha does not set or read any cookies on the visitor’s end device. IP addresses are only stored in hashed (one-way encrypted) form and do not allow us or Friendly Captcha to draw any conclusions about an individual person. If personal data is stored, this data is deleted within 30 days. The legal basis for the processing is our legitimate interest in protecting our website from abusive access by bots, i.e. spam protection and protection against attacks (e.g. mass requests), Art. 6 para. 1 lit. f GDPR.
Further information on data protection when using Friendly Captcha can be found at https://friendlycaptcha.com/legal/privacy-end-users/
Use of Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (‘Google’), based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. Google Analytics uses ‘cookies’, which are text files placed on your device to enable analysis of your use of the website.
The information generated by the cookie about your use of this website (including your IP address) is usually transferred to a Google server in the USA and stored there. IP anonymisation is activated on this website, which means that your IP address will be shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area prior to transmission. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there.
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser within the scope of Google Analytics will not be merged with other data from Google.
Note on third-country transfer: It cannot be ruled out that US authorities may access data stored by Google. The USA is currently considered an unsafe third country in terms of data protection. An adequate level of data protection cannot therefore be guaranteed in every case. The transfer is therefore carried out exclusively on the basis of your express consent in accordance with Art. 49 para. 1 lit. a GDPR.
Revocation of your consent / opt-out options:
You can withdraw your consent at any time with future effect – for example, via the cookie banner or via the corresponding link on our website (‘Cookie’, see footer). In addition, you have the following options:
- You can prevent the storage of cookies by adjusting your browser software settings accordingly. In this case, however, you may not be able to use all functions of this website to their full extent.
- You can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de
Use of Google Tag Manager
This website uses Google Tag Manager, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager allows us to centrally manage website tags via a user interface. The service itself does not process any personal data of users, as it only controls the triggering of other tags without itself accessing the data processed in the process.
Please note: If you have not consented to the use of certain categories of cookies (e.g. statistics or marketing) in our cookie banner or if you withdraw your consent, the corresponding tags controlled by Google Tag Manager will also not be activated.
Further information about Google Tag Manager can be found at: https://www.google.com/intl/de/tagmanager/use-policy.html
Use of Perspective
We use an external service provider for the provision of our online services (e.g. recruiting funnel): Perspective Software GmbH, Mailbox 659770, D-96035 Bamberg (hereinafter referred to as “Perspective”). Perspective itself stores your data exclusively on European servers. However, there is a possibility that your data may be accessible to facilities in the United States of America, as Perspective uses sub-processors based in the USA. As the Commission of the European Union has determined that the data protection laws of the United States do not ensure an adequate level of protection for personal data collected from data subjects in the European Union, Perspective provides additional measures and safeguards for data transfers to the United States in accordance with the requirements of the GDPR to ensure an adequate level of protection. For example, through the conclusion of standard contractual clauses between Perspective and the sub-processors.
I. Description and scope of data processing
Perspective processes your data for us so that we can provide you with our online services. For this purpose, your IP address is automatically transmitted to Perspective in order to transmit the content and functions of our online services to your browser or device.
The following data may be collected:
1. information about the browser type and version used
2. the operating system of your computer
3. the internet service provider you use
4. the IP address of your terminal device
5. the date and time of your access to the funnel
6. websites from which you came to our website (“referrer”)
II. legal basis for data processing
Perspective stores the data mentioned under I. in so-called log files. This is done to ensure
– ensuring a smooth connection to the website,
– to ensure a comfortable use of our website
– the evaluation of system security and stability and
– for other administrative purposes.
The temporary storage of the IP address by the system is also necessary to enable the website to be delivered to your computer. For this purpose, the IP address of your computer must remain stored for the duration of the session.
Our legitimate interest in data processing also lies in these purposes. The legal basis for data processing is therefore Art. 6 para. 1 sentence 1 lit. f GDPR.
III Duration of the processing
The personal data processed by Perspective is deleted as soon as it is no longer required to achieve the purpose for which it was collected:
– In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
– In the case of storage of the IP address in log files, this is the case after 7 days at the latest.
1. rights of data subjects
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. Furthermore, you have the right to lodge a complaint with the competent supervisory authority in the event of violations of the GDPR.
Because data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims (objection pursuant to Art. 21 para. 1 GDPR). Since the collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of our website, there should usually be no possibility for you to object.
You also have the right to request the restriction of the processing of your personal data under certain circumstances. The right to restriction of processing exists in the following cases:
If you dispute the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the review, you have the right to request that the processing of your personal data be restricted.
If the processing of your personal data was/is carried out unlawfully, you can request the restriction of data processing instead of erasure.
If we no longer need your personal data, but you need it for the exercise, defense or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of its erasure.
If you have lodged an objection in accordance with Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.
INFORMATION ON FURTHER DATA PROCESSING PROCEDURES
Specific information on the application procedure
Data concerned: Application details
Purpose of processing: Implementation of the application procedure
Categories of recipients:
– Public authorities in the event of overriding legal provisions.
– External service providers or other contractors, e.g. for data processing and hosting.
– Other external bodies insofar as the data subject has given their consent or a transfer is permitted for reasons of overriding interest, including customers and interested parties in the context of order acquisition.
Third country transfers: Processors outside the European Union may also be used in the context of contract performance.
Duration of data storage: Application data is generally deleted within six months of notification of the decision, unless the applicant has consented to longer data storage in the context of inclusion in the applicant pool.
Specific information on the processing of customer data/interested party data
Data concerned: Data provided for the performance of the contract; any additional data for processing on the basis of your express consent.
Purpose of processing: Contract execution, including offers, orders, sales and invoicing, quality assurance
Categories of recipients:
– Public authorities in the event of overriding legal provisions
– External service providers or other contractors, e.g. for data processing and hosting, for shipping, transport and logistics, service providers for printing and sending information and call centers.
– Other external bodies insofar as the data subject has given their consent or a transfer is permitted for reasons of overriding interest, e.g. for credit information for purchases on account, for sending information electronically, for quality assurance purposes.
Third country transfers: – None –
Duration of data storage: The duration of data storage depends on the statutory retention obligations and is generally 10 years.
Specific information on the processing of employee data
Data concerned: Data provided for the performance of the contract; any additional data for processing on the basis of your express consent.
Purpose of processing: Performance of the contract in the context of the employment relationship
Categories of recipients:- Public authorities in the event of overriding legal provisions, including the tax office, social security institutions, employers’ liability insurance association
– External service providers or other contractors, e.g. for data processing and hosting, payroll accounting, travel expense accounting, insurance services, vehicle use.
– Other external bodies insofar as the data subject has given their consent or a transfer is permitted for reasons of overriding interest, e.g. for order acquisition, insurance services.
Third country transfers: – None –
Duration of data storage: The duration of data storage depends on the statutory retention obligations and is generally 10 years.
Specific information on the processing of supplier data
Data concerned: Data provided for the performance of the contract; any additional data for processing on the basis of your express consent.
Purpose of processing: Contract performance, including inquiries, purchasing, quality assurance
Categories of recipients:
– Public authorities in the event of overriding legal provisions, including the tax office, customs.
– External service providers or other contractors, e.g. for data processing and hosting, accounting, payment processing.
– Other external bodies if the data subject has given their consent or a transfer is permitted due to overriding interests.
Third country transfers: Processors outside the European Union, including email providers, may also be used in the performance of the contract
Duration of data storage: The duration of data storage depends on the statutory retention obligations and is generally 10 years.
Further information and contacts
In addition, you can assert your rights to information, correction or deletion or to restriction of processing or the exercise of your right to object to processing as well as the right to data portability at any time. You can contact us by e-mail or letter here. You also have the right to contact the data protection supervisory authority if you have a complaint.