Privacy Policy

1. Data protection at a glance

 
General notices

The following notices provide a simple overview of what happens to your personal data when you visit this website. Personal data are all data with which you can be personally identified. For detailed information on the subject of data protection, please refer to our Privacy Policy listed below this text. 

Data collection on this website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find their contact details in the “Notice about the responsible party” section of this Privacy Policy. 

How do we collect your data?

On the one hand, your data are collected by you providing them to us. For example, this may be data that you enter in a contact form. 

Other data are collected automatically or after your consent by our IT systems when you visit the website. This is mainly technical data (e.g. Internet browser, operating system or time of page view). The collection of this data takes place automatically as soon as you enter this website.

What do we use your data for?

Part of the data is collected to ensure error-free provision of the website. Other data can be used to analyze your user behavior.

What rights do you have with regard to your data?

You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have a right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the responsible regulatory authority.

If you have any queries in this respect or any on data protection, please do not hesitate to contact us.

Analysis tools and third-party tools

When visiting this website, your surfing behavior may be statistically analyzed. This is primarily undertaken with what are known as analysis programs. 

Detailed information about these analysis programs can be found in the following Privacy Policy.

 

2. Hosting

 

IONOS

We host our website with IONOS SE. The provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany (hereinafter: IONOS). When your visit our website, IONOS collects different log files including your IP addresses. For details, refer to the IONOS Privacy Policy: https://www.ionos.de/terms-gtc/terms-privacy.

IONOS is used on the basis of art. 6(1)(f) GDPR. We have a legitimate interest in ensuring that our website is presented as reliably as possible. If a corresponding consent was requested, the processing is based exclusively on art. 6(1)(a) GDPR; consent can be revoked at any time.

Data processing

We have concluded a data processing agreement (AVV) with the provider given above. This is a contract required by data protection law, which ensures that this processes the personal data of our website visitors only according to our instructions and in compliance with GDPR.

 

3. General notices and mandatory information

 

Data protection

The operators of this website take the protection of your personal information very seriously. We will handle your personal data confidentially, in accordance with statutory privacy regulations and this Privacy Policy.

When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. This Privacy Policy explains which data are collected and what we use them for. It also explains how and for what purpose this takes place.

We would like to emphasize that data transfer over the Internet may entail security loopholes (e.g. email communication). It is not possible to provide full data protection from third party access.

Information on the responsible body

The responsible body for data processing on this website is:

Areus GmbH
Einsteinstraße 13
71083 Herrenberg Germany

Telephone: +49 (0)7032 32098-0
Email: info@areus.de

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Retention period

Unless a more specific retention period has been specified within this Privacy Policy, we shall retain your personal data until the purpose for processing the data no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.

Data Protection Officer

We have appointed a Data Protection Officer for our company.

secopan gmbh
Am Schönblick 14
71229 Leonberg, Germany

Telephone: +49 (0)7152 56958-0
Email: datenschutz@secopan.de

Information on data transfer to the USA and other third countries

Among other things, we use tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. Therefore, it cannot be ruled out that US authorities (e.g. intelligence services) may process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You may revoke your given consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct marketing (art. 21 GDPR)

IF THE DATA PROCESSING IS CARRIED OUT ON THE BASIS OF ART. 6 (1) (E) OR (F) GDPR , YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE SHALL CEASE PROCESSING YOUR PERSONAL DATA, UNLESS WE CAN PROVIDE COMPELLING REASONS FOR ITS PROCESSING WORTHY OF PROTECTION, WHICH OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS (OBJECTION PURSUANT TO ART: 21 (1) GDPR). IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF SUCH PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS ASSOCIATED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 (2) GDPR).

Right to appeal to the responsible regulatory authority

In the event of breaches of the GDPR, data subjects shall have a right of appeal to a regulatory authority, in particular in the Member State of their usual residence, their place of work or the place of the alleged breach. The right of appeal is without prejudice to any other administrative or judicial remedy.

Right to data transferability

You have the right to have data that we process automatically on the basis of your consent or in performance of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be carried out insofar as it is technically feasible.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, deletion and correction

Within the context of applicable legal provisions, you have the right to access any information saved about your person free of charge at any time, including the origin and recipients of such data, and the purpose of the data processing, and the right to the correction or deletion of this data. If you have any queries in this respect or any on personal data, please do not hesitate to contact us. 

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. If you have any queries, please do not hesitate to contact us. The right to restrict processing exists in the following cases:

  • If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
  • If the processing of your personal data happened/is happening unlawfully, you may request the restriction of data processing instead of data deletion.
  • If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request restriction of the processing of your personal data instead of data deletion.
  • If you have lodged an objection pursuant to art. 21(1) GDPR, your and our interests must be given due consideration. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal , such data, notwithstanding its storage, may only be processed with your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or on grounds of an important public interest of the European Union or of a Member State.

Objection to advertising emails

The use of contact data published within the scope of the obligation to provide an imprint for the purpose of sending advertising and information material not expressly requested is hereby prohibited. The website operators reserve the right to take legal action in the event of unsolicited advertising material being sent, for example, in spam mails.

 

 4. Data collection on this website

 

Cookies

Our websites use “cookies“. Cookies are small text files and cause no damage to your terminal device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your terminal device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your terminal device until you delete them your self or they are automatically deleted by your web browser.

Cookies may also be partly stored on your terminal device by a third-party company when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or display advertising.

Cookies that are necessary to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies for measuring the web audience) , are stored on the basis of art. 6(1)(f) GDPR unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the storage of the cookies in question is based exclusively on this consent (art. 6(1)(a) GDPR); consent can be revoked at any time.

However, you can set your browser to inform you when cookies are to be used and to allow you to decide on their use in each case, accept cookies only in certain instances or exclude them in general; you can also activate the function that automatically deletes the cookies when you close the browser. Deactivating cookies may restrict the functionality of this website.

If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the framework of this Privacy Policy and, if necessary, request your consent.

Consent with Borlabs’ cookie

Our website uses Borlabs cookie consent technology to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document this in accordance with data protection law. This technology is provided by Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg, Germany (hereinafter Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, which stores the consents you have given or revoked. These data are not passed onto the provider of the Borlabs cookie.

The collected data are stored until you request that we delete them or delete the Borlabs cookie yourself, or until the purpose for storing the data no longer applies. Any legal obligation to retention remains unaffected. Details on data processing of Borlabs cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

Borlabs cookie consent technology is used to obtain the legally required consents for the use of cookies. The legal basis for this is set out in art. 6(1)(c) GDPR.

Server log files

The website provider collects and automatically saves information in server log files, which your browser automatically transmits to us. These are:

  1. Browser type and browser version
  2. Operating system used
  3. Referrer URL
  4. Host name of the requesting computer
  5. Time of the server request
  6. IP address
  7. This data will not be collated with other data sources. 

These data are collected on the basis of art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website—for this purpose, the server log files must be captured.

Request by email, telephone or fax

If you contact us by email, telephone or fax, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We do not share this data without your consent.

The processing of these data is based on art. 6(1)(b) GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests sent to us (art. 6(1)(f) GDPR) or upon your consent (art. 6(1)(a) GDPR) if this has been requested.

The data you send to us via contact requests will remain with us until you request its deletion, revoke your consent to its storage or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions—in particular legal retention periods—remain unaffected.

 

5. Analysis tools and advertising

 

Google DoubleClick

This website uses features from Google DoubleClick. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “DoubleClick”). 

DoubleClick is used to show you interest-based advertisements throughout the Google advertising network. The advertisements can be adapted strategically to the respective viewer’s interests with the aid of DoubleClick. For example, this allows our advertising to show in Google search results or in advertising banners connected with DoubleClick.

To be able to display interest-based advertising to users, DoubleClick must be able to recognize the respective viewer and assign to him or her the web pages visited, clicks and other information on user behavior. For this purpose, DoubleClick uses cookies or comparable recognition technologies (e.g. device fingerprinting). The information collected is combined into a pseudonymous user profile in order to display interest-based advertising to the relevant user.

Google DoubleClick is used in the interest of providing targeted advertising. This is a legitimate interest in accordance with art. 6(1)(f) GDPR. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is based exclusively on art. 6(1)(a) GDPR; consent can be revoked at any time.

For more information on how to object to the advertisements displayed by Google, please see the following links:

https://policies.google.com/technologies/ads
https://adssettings.google.com/authenticated.

 

6. Plugins and tools

 

YouTube with extended data protection

This website embeds TouTube videos. The operator of these sites is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode ensures that YouTube stores no information about visitors to this website before they view the video . However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. This is how YouTube–regardless of whether you watch a videoor not–establishes a connection with the Google DoubleClick network.

When you start a YouTube video on this website, a connection is established with the YouTube servers. In the process, the YouTube server is informed about which of our pages you have visited. If you are logged into your YouTube account, this allows YouTube to allocate your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube may store different cookies on your terminal device once you start watching a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, for example, to collect video statistics, improve the user experience, and prevent fraud attempts.

Other data processing operations may be triggered after the start of a YouTube video, over which we have no control. 

YouTube is used in the interest of providing an appealing presentation of our online offerings. This is a legitimate interest in accordance with art. 6(1)(f) GDPR. If a corresponding consent was requested, the processing is based exclusively on art. 6(1)(a) GDPR; consent can be revoked at any time.

More information about data protection on YouTube can be found in its Privacy Statement at: https://policies.google.com/privacy?hl=de.

 

Google web fonts

For the uniform display of fonts, this site uses web fonts provided by Google. When you call up a site, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you are using must connect with Google’s servers. This enables Google to know that this website has been accessed via your IP address. Google web fonts are used on the basis of art. 6(1)(f) GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on its website. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is based exclusively on art. 6(1)(a) GDPR; consent can be revoked at any time.

If your browser does not support web fonts, a default font is used by your computer.

Find further information about Google web fonts at: https://developers.google.com/fonts/faq and in Google’s Privacy Policy: https://policies.google.com/privacy?hl=de

Google Maps

This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland

To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no control over this data transmission. If Google Maps is activated, Google may use Google web fonts for the purpose of uniform display of fonts. When you call up Google Maps, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

Google Maps is used in the interest of providing an attractive presentation of our online offerings and making it easy to find the places we indicate on the website. This is a legitimate interest in accordance with art. 6(1)(f) GDPR. If a corresponding consent was requested, the processing is based exclusively on art. 6(1)(a) GDPR; consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Find more details here:
https://privacy.google.com/businesses/gdprcontrollerterms/ 
https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

More information on the handling of user data can be going on Google’s Privacy Policy at:
https://policies.google.com/privacy?hl=de.

 

7. Own services

Handling of applicants’ data

We invite you to apply for a job with us (e.g. by email, post or using the online application form). Below, we will inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with applicable data protection law and all other statutory provisions and that your data will be treated in strict confidence.

Scope and purpose of data collection

When you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews, etc.) to the extent that this is necessary to decide about establishing an employment relationship with you. The legal basis for this is Section 26 of the Federal Data Protection Act (BDSG) under German law (initiation of an employment relationship), art. 6(1)(b) GDPR (general contract initiation) and—if you have given your consent—art. 6(1)(a) GDPR. Consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.

If your application is successful, the data you provided will be stored in our data processing systems on the basis of Section 26 Federal Data Protection Act and art. 6(1)(b) GDPR for the purpose of conducting the employment relationship.

Data retention period

If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted for up to six months from the end of the application process (rejection or withdrawal of the application) on the basis of our legitimate interests (art. 6(1)(f) GDPR). The data will subsequently be deleted and the physical application documents destroyed. This storage serves in particular as evidence in the event of a legal dispute. If it is apparent that the data will be required after the six-month period has expired (e.g. due to an impending or pending legal dispute), the data will not be deleted until the purpose for continued storage no longer applies.

Longer storage may also take place if you have given your consent (art. 6(1)(a) GDPR) or if legal retention obligations prevent deletion.

Acceptance into the pool of applicants

If we do not make you a job offer, we may be able to include you in our pool of applicants. If you are accepted, all documents and information from your application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies.

Inclusion in the applicant pool is based exclusively on your express consent (art. 6(1)(a) GDPR). The provision of consent is voluntary and is not related to the current application process. The data subject may revoke his/her consent at any time. In this case, the data from the applicant pool will be irrevocably deleted, unless there are legal reasons for retention.

The data from the applicant pool will be irrevocably deleted no later than one year after consent has been given.