skip to Main Content

Website data protection statement and information for data subjects pursuant to Article 13 and Article 14 of the EU General Data Protection Regulation

General information

Information about the data controller:             Stefan Hoffmann
Company:                                                                ISOG Technology GmbH
Legal representative:                                             Martin Sackmann
Address:                                                                   Am Weidenbach 3, 82362 Weilheim
Contact details for data protection officer:       aumiller@iitr.de

General information about data processing
Data in question:
Personal data is only collected if you provide it yourself. No other personal data is collected. Any processing of your personal data beyond the scope of statutory permissions occurs only when you provide your express consent.

Processing purpose:                                            Execution of contract.
Recipient categories:                                           Public bodies where overriding legal provisions exist.
External service providers or other contractors.
Other external bodies insofar as the data subject has given his or her express consent or if transmission is permitted for reasons of overriding interest.

Transmission to third countries:                      Contractors outside the European Union may also be involved in the execution of the contract.
Duration of data retention:                                How long data is retained for depends on the statutory retention policies and is usually 10 years.

Specific information about the Website

Facebook “Like” button
This website uses social plug-ins provided by the social network Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). When you access a page of our website that contains such a plug-in, data about your user behaviour is automatically transferred to the Facebook server. The website operator has no influence over the type or extent of data collected and transferred to Facebook. If you are logged into Facebook, Facebook can assign your visit to your Facebook account. Further information about data protection on Facebook can be found at http://www.facebook.com/policy.php.

Facebook

Description and scope of data processing
For the purposes of our legitimate interests, we use social plug-ins (“plug-ins”) provided by the social network facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).
The plug-ins may encompass interactive elements or content (e.g. videos, graphics or text) and are designated with a Facebook logo (white “f” on a blue tile, the words “like” or a “thumbs-up” sign) or the words “Facebook Social Plugin”. An overview of Facebook plug-ins and what they look like can be found here: https://developers.facebook.com/docs/plugins/.
Facebook has certified to the Privacy Shield Frameworks, thus offering a guarantee that it will comply with European data protection regulations
(https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
When a user accesses a function in this website that contains this kind of plug-in, his or her device establishes a direct connection to the Facebook servers. Facebook directly transfers the plug-in content to the user’s device and embeds the content into the website. This enables Facebook to create a user profile based on the data processed. We therefore have no influence over the extent of data collected by Facebook using this plug-in, and will inform the user according to our state of knowledge.
In the process of embedding the plug-in, Facebook is informed that a user has accessed the corresponding page of the website. If the user is logged into Facebook, Facebook can assign the visit to the person’s respective Facebook account. When users interact with the plug-ins, for example by clicking the “Like” button or leaving a comment, Facebook assigns this information to the personal Facebook user account of the person concerned and stores this personal data. Even if the user is not a member of Facebook, there is still a possibility that Facebook will learn and store this person’s IP address. According to Facebook, only anonymous IP addresses are stored in Germany.

Legal basis for data processing
Article 6 Para 1 lit. f GDPR serves as the legal basis for the processing of personal data of the user.

Purpose of data processing
Data is processed for the purposes of our legitimate interests i.e. in the analysis, optimization and economic operation of our websites.
For further information about the purpose and scope of the data collection and how Facebook processes and uses data, as well as information about the user’s rights and privacy settings, please refer to Facebook’s data use policy: https://www.facebook.com/about/privacy/.

Duration of retention
Data is deleted as soon as it is no longer required for the fulfilment of the determined purpose.

Right to object and right to erasure
If a user is not a member of Facebook and does not want Facebook to collect data about him or her via this website or to connect the data concerning his or her visit with their member data already stored by Facebook, he or she must log out of Facebook and delete the cookies before visiting our websites.
Other settings and ways to object to the use of data for advertising purposes can be found in Facebook’s profile settings: https://www.facebook.com/settings?tab=ads or via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. The settings are platform-independent i.e. they are transferred for all devices such as desktop computers and mobile devices.

LinkedIn

Description and scope of data processing
For the purposes of our legitimate interests, we use components of the LinkedIn service, which is operated by the LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA (“LinkedIn”).

LinkedIn is an internet-based social network that enables users to connect to existing business contacts and make new business contacts.

Every time one of our website pages is visited, on which a LinkedIn component (LinkedIn plug-in) has been integrated, this component causes the browser used by the person concerned to download a corresponding representation of the LinkedIn component.
Further information about LinkedIn plug-ins can be viewed at https://developer.linkedin.com/plugins. As part of this technical process, LinkedIn is informed about which specific subpage of our website has been visited by the data subject.
If the data subject is simultaneously logged into LinkedIn, LinkedIn recognizes which specific subpage of the website the person visits each time they visit the website and for the entire duration of the respective stay on the website. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the data subject. If the data subject clinks a LinkedIn button integrated on our website, LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores this personal data.

LinkedIn receives information via the LinkedIn component that the data subject has visited our website whenever the person concerned is logged in to LinkedIn at the same time as accessing our website; this takes place regardless of whether the person concerned clicks on the LinkedIn component or not. If the data subject does not wish this information to be transferred to LinkedIn in this manner, he or she may prevent such transmission by logging out of his or her LinkedIn account before visiting our internet pages.

Legal basis for data processing
Article 6 Para 1 lit. f GDPR serves as the legal basis for the processing of personal data of the user.

Purpose of data processing
Data is processed for the purposes of our legitimate interests i.e. in the analysis, optimization and economic operation of our websites.
For further information about the purpose and scope of the data collection and how LinkedIn processes and uses data, please refer to LinkedIn’s data protection policy at https://www.linkedin.com/legal/privacy-policy. LinkedIn’s guidelines on cookie usage is available at  https://www.linkedin.com/legal/cookie-policy.

Duration of retention
Data is deleted as soon as it is no longer required for the fulfilment of the determined purpose.

Right to object and right to erasure
If a user is also a LinkedIn user and does not want LinkedIn to collect data about him or her via this website or to connect this to the user data already stored by LinkedIn, he or she must log out of LinkedIn and delete the cookies before visiting our websites.
Visit https://www.linkedin.com/psettings/guest-controls to unsubscribe to emails, text messages and targeted advertising and to manage your advertising settings.
LinkedIn works with partners who may use cookies, like Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame. These cookies may be disabled at  https://www.linkedin.com/legal/cookie-policy.
LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible for data protection matters outside the USA.

XING

Description and scope of data processing
For the purposes of our legitimate interests, we use components provided by the service provider XING, operated by XING AG, Dammtorstraße 30, 20354 Hamburg, Germany (“Xing”).

Xing is an internet-based social network that enables users to connect to existing business contacts and make new business contacts. Individual users can set up their own personal profile on Xing. For example, companies can create company profiles or publish job vacancies on Xing.

Each time one of the pages of this website is visited, which is operated by the controller and on which a Xing component (Xing plug-in) has been integrated, the Internet browser on the IT system of the person concerned is automatically prompted by the respective Xing component to download a representation of the corresponding Xing component from Xing. For further information on Xing plug-ins, please refer to  https://dev.xing.com/plugins. As part of this technical process, Xing obtains information about which specific subpage the data subject has visited on our website. If the data subject is logged into Xing at the same time, Xing recognizes every visit to our website by the person and for the entire duration of the data subject’s session on our website which specific subpage is visited. This information is collected by the Xing component and assigned to the data subject’s respective Xing account by Xing. If the data subject clicks on one of the Xing buttons embedded on our website, for example the “Share” button, Xing will assign this information to the personal Xing user account belonging to the data subject and stored by Xing.

Xing receives information via the Xing component that the person has visited our website whenever the person concerned is logged in to Xing at the same time as accessing our website; this takes place regardless of whether the person clicks on the Xing component or not. If the data subject does not wish this information to be transferred to Xing in this manner, he or she may prevent such transmission by logging out of his or her Xing account before visiting our internet pages.

Legal basis for data processing
Article 6 Para 1 lit. f GDPR serves as the legal basis for the processing of personal data of the user.

Purpose of data processing
Data is processed for the purposes of our legitimate interests i.e. in the analysis, optimization and economic operation of our websites.
For further information about the purpose and scope of the data collection and how Xing processes and uses data, please refer to https://www.xing.com/privacy. Information on data protection aspects relating to the Xing share button can also be found at https://www.xing.com/app/share?op=data_protection.

Duration of retention
Data is deleted as soon as it is no longer required for the fulfilment of the determined purpose.

Right to object and right to erasure
If a user is also a Xing user and does not want Xing to collect data about him or her via this website or to connect this to the user data already stored by Xing, he or she must log out of LinkedIn and delete the cookies before visiting our websites.
Xing offers the option of objecting to a web analysis at https://nats.xing.com/optout.html?popup=1&locale=de_DE. Further opt-out options pertaining to Xing can be found at https://www.xing.com/privacy.

YouTube

Description and scope of data processing
For the purposes of our legitimate interests, we use components provided by the service YouTube, operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (“YouTube”).
YouTube is an internet video portal that allows video publishers to post video clips free of charge and other users to view, rate and comment on them, also free of charge. YouTube allows the publication of all kinds of videos, which is why complete film and television programs, but also music videos, trailers or videos produced by users themselves can be called up via the internet portal.
Each time one of the pages of this website is visited, which is operated by the controller and on which a YouTube component (YouTube video) has been integrated, the internet browser on the IT system of the person concerned is automatically prompted by the respective YouTube component to download a representation of the corresponding YouTube component from YouTube. For more information about YouTube, please refer to  https://www.youtube.com/yt/about/de/. As part of this technical process, YouTube and Google are informed about which specific subpage of our website has been visited by the data subject.
If the data subject is simultaneously logged into YouTube, YouTube recognizes which specific subpage of our website the person is visiting when calling up a subpage containing a YouTube video This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject.
If the data subject is logged into YouTube at the time of visiting our website, YouTube and Google are notified about the data subject’s visit to our website via the YouTube component; regardless of whether or not the data subject clicks on the YouTube component. If the data subject does not wish this information to be transferred to YouTube and Google in this manner, he or she may prevent such transmission by logging out of their YouTube account before visiting our internet pages.

Legal basis for data processing
Article 6 Para 1 lit. f GDPR serves as the legal basis for the processing of personal data of the user.

Purpose of data processing
Data is processed for the purposes of our legitimate interests i.e. in the analysis, optimization and economic operation of our websites.
For further information about the purpose and scope of the data collection and how YouTube processes and uses data, please refer to YouTube’s data protection policy at https://www.google.de/intl/de/policies/privacy/.

Duration of retention
Data is deleted as soon as it is no longer required for the fulfilment of the determined purpose.

Right to object and right to erasure
If a user is also a YouTube user and does not want YouTube to collect data about him or her via this website or to connect this to the user data already stored by YouTube, he or she must log out of YouTube and delete the cookies before visiting our websites.
YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. Accordingly it could become necessary for the user to log out of a possible user account of the company Google Inc. and delete the cookies.
Visit https://www.google.de/settings/ads/authenticated for the option of objecting to targeted Advertising.

Handling business cards

In handing over or exchanging business cards, you share personal data with us, such as phone number and email address. We use this data exclusively for the purpose of remaining in contact with you. Furthermore, we forward additional information about our services. If you do not purchase any products or services from our range, we will delete your contact details upon request.You have the right to access your data, delete it or correct it at any time.

Forwarding personal data to third party customs, waybills, etc.:
In respect of forwarding data to recipients outside our company, it must be observed, first of all, that we only forward the personal data that is required in compliance with the data protection regulations in force. In the course of the contractual process, we are required to forward personal data to third parties, such as generating waybills, customs export declarations and taking out transport insurance policies.
We also call in our local distributor who is responsible for you, to whom we forward your data for the purpose of further processing, in order to offer you a relevant range of services.
The documents are deleted or destroyed in accordance with statutory retention obligations, which is usually a period of 10 years. In this context, please note, with reference to the AEO (Authorised Economic Operator), that your personal data is subject to Pre-Employment Screening.

Using our own cookies
This website uses its own cookies in order to enhance user-friendliness. (“Cookies” are data files sent by the web server to the user’s browser and stored there for retrieval at a later time). Absolutely no personal data is stored in our own cookies. You may prevent the use of cookies in general by forbidding cookies to be stored in your browser.

Information about additional data processing procedures
Specific information about application processes

Data in question:                              Application information
Processing purpose:                        Execution of application processes
Recipient categories:                       Public bodies if overriding legal provisions exist.
External service providers or other contractors.
Other external bodies insofar as the data subject has given his or her express consent or if transmission is permitted for reasons of overriding interest.
Transmission to third countries:  Contractors outside the European Union may also be involved in the execution of the contract.
Duration of data retention:            Application data is usually deleted six months after the decision has been announced, unless consent has been given for data to be stored for longer.

Specific information about processing customer data/data of prospective customers
Data in question:                             Data communicated for the execution of the contract; if necessary, additional data for processing on the basis of your express consent.
Processing purpose:                        Execution of contract.
Recipient categories:                       Public bodies if overriding legal provisions exist.
External service providers or other contractors.
Other external bodies insofar as the data subject has given his or her express consent or if transmission is permitted for reasons of overriding interest.
Transmission to third countries:  Contractors outside the European Union may also be involved in the execution of the contract.
Duration of data retention:            How long data is retained for depends on the statutory retention policies and is usually 10 years

Specific information on processing employee data

Data in question:                             Data communicated for the execution of the contract; if necessary, additional data for processing on the basis of your express consent.
Processing purpose:                       Execution of contract.
Recipient categories:                      Public bodies where overriding legal provisions exist.
External service providers or other contractors.
Other external bodies insofar as the data subject has given his or her express consent or if transmission is permitted for reasons of overriding interest.
Transmission to third countries: Contractors outside the European Union may also be involved in the execution of the contract.
Duration of data retention:            How long data is retained for depends on the statutory retention policies and is usually 10 years.

Further information and contact details
In addition, you may assert your right to correct or delete your data, to restrict processing, to exercise your right to object against processing as well as the right to data transmissibility at any time. Here you will find the option to contact us by email at datenschutz@isog-technology.com. You also have the right to contact the data protection supervisory authority in the case of any complaints.