1. data protection at a glance
General information
The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our data protection declaration listed below this text.
Data collection on our website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the operator’s contact details in the legal notice of this website.
How do we collect your data?
On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form.
Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website.
What do we use your data for?
Some of the data is collected to ensure that the website is provided without errors. Other data can be used to analyze your user behavior.
What rights do you have with regard to your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority.
You also have the right to request the restriction of the processing of your personal data under certain circumstances. For details, please refer to the privacy policy under “Right to restriction of processing”.
Analysis tools and third-party tools
When you visit our website, your surfing behavior may be statistically evaluated. This is mainly done using cookies and so-called analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Detailed information on this can be found in the following privacy policy.
You can object to this analysis. We will inform you about the objection options in this privacy policy.
2 General notes and mandatory information
Data protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.
Information on the responsible body
The responsible body for data processing on this website is
VIAREALIS® GmbH
Managing Director: Falko Glaser
Naumannstraße 1a
D-01309 Dresden
Telephone: 0351 – 44 69 80
E-mail: info@viarealis.de
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can withdraw your consent at any time. All you need to do is send us an informal e-mail. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to object to the collection of data in special cases and to direct marketing (Art. 21 GDPR)
If data processing is carried out on the basis of Art. 6 para. 1 lit. e or f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims (objection pursuant to Art. 21 (1) GDPR).
If your personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is associated with such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of infringements of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged infringement. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Information, blocking, deletion
You have the right to free information about your stored personal data, its origin and recipients and the purpose of the data processing and, if applicable, a right to correction, blocking or deletion of this data at any time within the framework of the applicable legal provisions. You can contact us at any time at the address given in the legal notice if you have further questions on the subject of personal data.
Objection to advertising emails
We hereby object to the use of contact data published as part of our duty to provide a legal notice for the purpose of sending unsolicited advertising and information material. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time at the address given in the legal notice. The right to restriction of processing exists in the following cases:
If you dispute the accuracy of your personal data stored by us, we generally need time to check this. You have the right to request the restriction of the processing of your personal data for the duration of the review.
If the processing of your personal data was/is carried out unlawfully, you can request the restriction of data processing instead of erasure.
If we no longer need your personal data, but you need it for the exercise, defense or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
If you have lodged an objection pursuant to Art. 21 (1) GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.
3. data protection officer
Statutory data protection officer
We have appointed a data protection officer for our company.
IfDDS GmbH
DPO: Jens-Uwe Viehrig
Dresdener Straße 58 a
01156 Dresden
Telephone: 0351 – 27579057
E-mail: viarealis@ifdds.eu
4. data collection on our website
Cookies
Some of the Internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies are used to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping cart function) are stored on the basis of Art. 6 para. 1 lit. a GDPR. 1 lit. f GDPR is stored. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies to analyze your surfing behavior) are stored, these are treated separately in this privacy policy.cookie settings
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are
Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address
This data is not merged with other data sources.
The basis for data processing is Art. 6 para. 1 lit. f GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.
Contact form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.
The data entered in the contact form is therefore processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. All you need to do is send us an informal email. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions – in particular retention periods – remain unaffected.
Inquiry by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR, provided that your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 para. 1 lit. a GDPR) and / or on our legitimate interests (Art. 6 para. 1 lit. f GDPR), as we have a legitimate interest in the effective processing of the requests addressed to us.
The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
Processing of data (customer and contract data)
We collect, process and use personal data only insofar as it is necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. We collect, process and use personal data about the use of our website (usage data) only insofar as this is necessary to enable or charge the user for the use of the service.
The customer data collected will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
Cerber Security, Antispam & Malware Scan Plugin
We use the service “Cerber Security, Antispam & Malware Scan”, which is offered by Cerber Tech Inc. New York, NY, 1732 1st Ave, 10128, USA. The security plugin blocks intruders via IP or subnet and protects against further attempts when a specified limit of retries is reached. This makes brute force attacks or distributed brute force attacks by botnets impossible. It is also possible to block or allow logins from certain IP addresses by creating an IP blacklist or whitelist. (More information about the functions can be found at: https://wpcerber.com/). According to the provider, no data is collected or processed in this context – neither by the services nor by the software offered.
Further information on the collection and use of data by “Cerber Security, Antispam & Malware Scan” can be found in Cerber’s privacy policy: https://wpcerber.com/privacy-policy/
5. analysis tools and advertising
Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
The storage of Google Analytics cookies and the use of this analysis tool are based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.
IP anonymization
We have activated the IP anonymization function on this website. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
Browser plugin
You can prevent the storage of cookies by selecting the appropriate settings in your browser software; however, please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
Objection to data collection
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this website:Cookie settings
You can find more information on how Google Analytics handles user data in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.
Order processing
We have concluded an order processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Demographic characteristics in Google Analytics
This website uses the “demographic characteristics” function of Google Analytics. This allows reports to be created that contain statements about the age, gender and interests of site visitors. This data comes from interest-based advertising from Google and from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the section “Objection to data collection”.
Google AdWords and Google Conversion Tracking
This website uses Google AdWords. AdWords is an online advertising program of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).
As part of Google AdWords, we use what is known as conversion tracking. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the Internet browser stores on the user’s computer. These cookies lose their validity after 30 days and are not used to personally identify the user. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page.
Each Google AdWords customer receives a different cookie. The cookies cannot be tracked via the websites of AdWords customers. The information collected using the conversion cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users. If you do not wish to participate in tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your Internet browser under user settings. You will then not be included in the conversion tracking statistics.
The storage of “conversion cookies” and the use of this tracking tool are based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.
You can find more information about Google AdWords and Google Conversion Tracking in Google’s privacy policy: https://policies.google.com/privacy?hl=de.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
Leadinfo
We use the lead generation service of Leadinfo B.V., Rotterdam, Netherlands. This recognizes visits from companies to our website based on IP addresses and shows us publicly available information, such as company names or addresses. In addition, Leadinfo sets two first-party cookies to evaluate user behavior on our website and processes domains from form entries (e.g. “leadinfo.com”) in order to correlate IP addresses with companies and improve services. Further information can be found at www.leadinfo.com. On this page: www.leadinfo.com/en/opt-out you have an opt-out option. If you opt out, your data will no longer be collected by Leadinfo.
Mouseflow
What information is collected?
If you visit a website that uses Mouseflow, this information is collected:
– Clicks, mouse movements, hovering, scrolling
– Browser
– Device (desktop/tablet/mobile)
– Language
– Operating system
– Screen resolution
– Duration of visit
– Navigation (URLs)
– Page content (HTML)
– ISP & location (city, state/region, country)
– Keyboard entries (only for non-EU/EEA data subjects in non-EU/EEA accounts and never for passwords, numbers or excluded fields.
– Referrer URL
– Visitor type (first-time visitor/returner)
– Individual tags or variables
– Answers in the feedback tool
The data is stored for 1-12 months depending on the customer’s plan.
What can I do?
Data access
If you would like a copy of your data*, please contact the operator of the website on which the data was collected (the data controller). If they are unable to process the request or do not respond within a reasonable time, please contact us at datenschutz@mouseflow.com.
Data correction
If you wish to correct your data*, please contact the operator of the website on which the data was collected/collected (the data controller). If they are unable to process the request or do not respond within a reasonable time, please contact us at datenschutz@mouseflow.com.
Data deletion
If you wish to have your data* deleted, please contact the operator of the website on which the data was collected (the data controller). If they are unable to process the request or do not respond within a reasonable time, please contact us at datenschutz@mouseflow.com.
Revocation of consent
If you have given consent for information to be processed by Mouseflow (in our feedback widget) and wish to withdraw this consent, please contact the operator of the website on which the data was collected (the data controller) and us at datenschutz@mouseflow.com.
Opt Out
If you do not wish to be tracked, you can use the following opt-out:
mouseflow.com/en/opt-out/ By using the opt-out, a corresponding cookie is set on your device until it is deleted.
* Our customers are contractually obliged not to collect any personally identifiable data. Therefore, the data stored by Mouseflow is generally anonymous. This could change your rights above and/or limit our ability to provide, correct or delete your data as there is no way to associate it with you.
6. information on the processing of your personal data (for customers and interested parties)
We hereby inform you about the processing of your personal data by VIAREALIS® GmbH and the rights to which you are entitled under data protection law.
Who is responsible for data processing and who is the data protection officer?
The controller responsible for data processing is
VIAREALIS® GmbH
Managing Director: Falko Glaser
Naumannstraße 1a
D-01309 Dresden
Phone: +49 351 44 69 80
E-mail: info@viarealis.de
We have appointed a data protection officer for our company.
IfDDS GmbH
Jens-Uwe Viehrig
Strehlener Straße 14
01069 Dresden
Phone: +49 351 27 57 90 57
E-mail: viarealis@ifdds.eu
What categories of data do we use and where do they come from?
The categories of personal data processed include first name, surname, name affixes, contact details (address, [mobile] telephone number and e-mail address), date of birth, identification numbers (tax ID, ID card number, etc.), ownership characteristics and factual circumstances (land register entries, income, debts, capital assets, etc.) as well as bank data (account number, credit information, account balances, etc.).
As a rule, your personal data is collected directly from you as part of the contract initiation process.
We also process personal data that we have legitimately obtained from publicly accessible sources.
For what purposes and on what legal basis is data processed?
We process your personal data in compliance with the provisions of the EU General Data Protection Regulation (GDPR), the new version of the German Federal Data Protection Act (BDSG-neu) and all other relevant laws (e.g. UWG, DDG, etc.).
The primary purpose of data processing is to initiate and execute contracts. The primary legal basis for this is Art. 6 para. 1 lit. b GDPR.
In addition, our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR and, if applicable, your separate consents pursuant to Art. 6 para. 1 lit. a, 7 GDPR may be used as a data protection authorization provision. This includes marketing measures in particular.
If we wish to process your personal data for a purpose not mentioned above, we will inform you in advance.
Who receives your data?
Within our company, only those persons and departments receive your personal data who need it to fulfill contractual and legal obligations or who are entrusted with the corresponding fulfillment of the earmarked tasks.
In addition, we use various service providers to fulfill our contractual and legal obligations and the tasks assigned to us.
These can be, for example
Website hoster
Newsletter service provider
Hardware and software for order processing
Maintenance of printing and copying technology
Destruction of files and data carriers
Manufacturer of printed products
more
What data protection rights can you assert as a data subject?
You can request information about the personal data stored about you at the above address. In addition, under certain conditions, you can request the correction or deletion of your data. You may also have the right to restrict the processing of your data and the right to receive the data you have provided in a structured, commonly used and machine-readable format.
Right of objection
You have the right to object to the processing of your personal data for direct marketing purposes without giving reasons. If we process your data to protect legitimate interests, you can object to this processing on grounds relating to your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims.
Where can you complain?
You have the option of lodging a complaint with the data protection officer named above or with a data protection supervisory authority. The data protection supervisory authority responsible for us is
Saxon Data Protection Commissioner
Andreas Schurig
P.O. Box 12 00 16
01001 Dresden
How long will your data be stored?
We delete your personal data as soon as it is no longer required for the above-mentioned purposes. After termination of the contractual relationship, your personal data will be stored for as long as we are legally obliged to do so. This regularly results from legal obligations to provide evidence and retain data, which are regulated in the German Commercial Code and the German Fiscal Code, among others. The storage periods are up to ten years. In addition, personal data may be stored for the period during which claims can be asserted against us (statutory limitation period of three or up to thirty years). We also reserve the right to retain and process your personal data for a period of five years for marketing purposes and to initiate new contracts on the basis of legitimate interest. If no new contact is made during this period, your data will be deleted.
Are you obliged to provide your data?
As part of the execution of the contract, you must provide the personal data that is required for the establishment and execution of the contractual relationship and the fulfillment of the associated contractual obligations or that we are legally obliged to collect. Without this data, we will not be able to perform the contract with you.
7. information on the processing of your personal data (for suppliers, service providers and business partners)
We hereby inform you about the processing of your personal data by VIAREALIS® GmbH and the rights to which you are entitled under data protection law.
Who is responsible for data processing and who is the data protection officer?
The controller responsible for data processing is
VIAREALIS® GmbH
Managing Director: Falko Glaser
Naumannstraße 1a
D-01309 Dresden
Phone: +49 351 44 69 80
E-mail: info@viarealis.de
We have appointed a data protection officer for our company.
IfDDS GmbH
Jens-Uwe Viehrig
Strehlener Straße 14
01069 Dresden
Phone: +49 351 27 57 90 57
E-mail: viarealis@ifdds.eu
What categories of data do we use and where do they come from?
The categories of personal data processed include first name, surname, name affixes, contact details (address, [mobile] telephone number and e-mail address) of business partners, suppliers, service providers and their contact persons as well as employees and, if applicable, bank details.
As a rule, your personal data is collected directly from you as part of the contract initiation process.
We also process personal data that we have legitimately obtained from publicly accessible sources.
For what purposes and on what legal basis is data processed?
We process your personal data in compliance with the provisions of the EU General Data Protection Regulation (GDPR), the new version of the German Federal Data Protection Act (BDSG-neu) and all other relevant laws (e.g. UWG, DDG, etc.).
The primary purpose of data processing is to initiate and execute contracts. The primary legal basis for this is Art. 6 para. 1 lit. b GDPR.
In addition, our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR and, if applicable, your separate consents pursuant to Art. 6 para. 1 lit. a, 7 GDPR may be used as a data protection authorization provision. This includes marketing measures in particular.
If we wish to process your personal data for a purpose not mentioned above, we will inform you in advance.
Who receives your data?
Within our company, only those persons and departments receive your personal data who need it to fulfill contractual and legal obligations or who are entrusted with the corresponding fulfillment of the earmarked tasks.
In addition, we use various service providers to fulfill our contractual and legal obligations and the tasks assigned to us.
These can be, for example
Website hoster
Newsletter service provider
Hardware and software for order processing
Maintenance of printing and copying technology
Destruction of files and data carriers
Manufacturer of printed products
more
What data protection rights can you assert as a data subject?
You can request information about the personal data stored about you at the above address. In addition, under certain conditions, you can request the correction or deletion of your data. You may also have the right to restrict the processing of your data and the right to receive the data you have provided in a structured, commonly used and machine-readable format.
Right of objection
You have the right to object to the processing of your personal data for direct marketing purposes without giving reasons. If we process your data to protect legitimate interests, you can object to this processing on grounds relating to your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims.
Where can you complain?
You have the option of lodging a complaint with the data protection officer named above or with a data protection supervisory authority. The data protection supervisory authority responsible for us is
Saxon Data Protection Commissioner
Andreas Schurig
P.O. Box 12 00 16
01001 Dresden
How long will your data be stored?
We delete your personal data as soon as it is no longer required for the above-mentioned purposes. After termination of the contractual relationship, your personal data will be stored for as long as we are legally obliged to do so. This regularly results from legal obligations to provide evidence and retain records, which are regulated in the German Commercial Code and the German Fiscal Code, among others. The storage periods are then up to ten years. In addition, personal data may be retained for the period during which claims can be asserted against us (statutory limitation period of three or up to thirty years). We also reserve the right to retain and process your personal data for a period of 5 years for the purpose of initiating a new contract on the basis of legitimate interest. If no new contact is made during this time, your data will be deleted.
Are you obliged to provide your data?
As part of the execution of the contract, you must provide the personal data that is required for the establishment and execution of the contractual relationship and the fulfillment of the associated contractual obligations or that we are legally obliged to collect. Without this data, we will not be able to perform the contract with you.
To what extent do automated individual case decisions or profiling measures take place?
We use purely automated processing processes to make a decision – including profiling – on the establishment and performance of a contractual relationship in the following cases:
Credit checks
8. information on the processing of your personal data (for applicants)
Who is responsible for data processing and who is the data protection officer?
The controller responsible for data processing is
VIAREALIS® GmbH
Managing Director: Falko Glaser
Naumannstraße 1a
D-01309 Dresden
Phone: +49 351 44 69 80
E-mail: info@viarealis.de
We have appointed a data protection officer for our company.
IfDDS GmbH
Jens-Uwe Viehrig
Strehlener Straße 14
01069 Dresden
Phone: +49 351 27 57 90 57
E-mail: viarealis@ifdds.eu
What categories of data do we use and where do they come from?
We process the data that you have sent us in connection with your application in order to check your suitability for the position (or any other open positions in our companies) and to carry out the application process (e.g. first name, surname, name affixes, nationality, contact details such as private address, (mobile) telephone number, e-mail address). This may also include special categories of personal data such as health data.
Your personal data is generally collected directly from you as part of the recruitment process. In addition, we may have received data from third parties (e.g. recruitment agencies).
We also process personal data that we have legitimately obtained from publicly accessible sources (e.g. professional networks).
For what purposes and on what legal basis is data processed?
We process your personal data in compliance with the provisions of the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and all other relevant laws.
The primary purpose of data processing is the possible establishment of the employment relationship. The primary legal basis for this is Art. 6 para. 1 lit. b GDPR in conjunction with Section 26 para. 1 BDSG. In addition, your separate consents pursuant to Art. 6 para. 1 lit. a, 7 GDPR can be used as a data protection law permission regulation.
If necessary, we also process your data on the basis of Art. 6 para. 1 lit. f GDPR in order to protect our legitimate interests or those of third parties (e.g. authorities). A legitimate interest on our part exists in particular in the assertion of or defense against claims.
Insofar as special categories of personal data are processed in accordance with Art. 9 para. 1 GDPR, this serves the exercise of rights or the fulfillment of legal obligations under labor law, social security law and social protection law (e.g. recording of severe disability due to additional leave and determination of the severely disabled levy) as part of the application process. This is done on the basis of Art. 9 para. 2 lit. b GDPR in conjunction with Section 26 para. 3 BDSG. In addition, the processing of health data may be necessary for the assessment of your ability to work in accordance with Art. 9 para. 2 lit. h GDPR in conjunction with Section 22 para. 1 b) BDSG.
In addition, the processing of special categories of personal data may be based on consent pursuant to Art. 9 para. 2 lit. a GDPR in conjunction with § 26 para. 2 BDSG.
If we wish to process your personal data for a purpose not mentioned above, we will inform you in advance.
Who receives your data?
Your application data will be reviewed by the HR department after receipt of your application. Suitable applications are then forwarded internally to the department managers responsible for the respective open position. The further process is then coordinated. Within the company, only those persons have access to your data who need it for the proper course of our application procedure.
We also use various service providers. These include, in particular, software providers who may also gain knowledge of your personal data in connection with the maintenance and servicing of the systems. We have concluded an order processing contract with this provider, which ensures that the data processing is carried out in a permissible manner.
In addition, we may transfer your personal data to other recipients outside the company if this is necessary to fulfill contractual and legal obligations. These may be, for example
Authorities (e.g. pension insurance institutions, professional pension institutions, social insurance institutions, tax authorities, courts)
more
What data protection rights can you assert as a data subject?
You can request information about the personal data stored about you at the above address. In addition, under certain conditions, you can request the correction or deletion of your data. You may also have the right to restrict the processing of your data and the right to receive the data you have provided in a structured, commonly used and machine-readable format.
Right of objection
If we process your data to protect legitimate interests, you can object to this processing on grounds relating to your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims.
Where can you complain?
You have the option of lodging a complaint with the data protection officer named above or with a data protection supervisory authority. The data protection supervisory authority responsible for us is
Saxon Data Protection Commissioner
Andreas Schurig
P.O. Box 12 00 16
01001 Dresden
How long will your data be stored?
We delete your personal data as soon as it is no longer required for the above-mentioned purposes. After termination of the contractual relationship, your personal data will be stored for as long as we are legally obliged to do so. This regularly results from legal obligations to provide evidence and retain data, which are regulated in the German Commercial Code and the German Fiscal Code, among others. The storage periods are up to ten years. In addition, personal data may be stored for the period during which claims can be asserted against us (statutory limitation period of three or up to thirty years). We also reserve the right to retain and process your personal data for a period of five years for marketing purposes and to initiate new contracts on the basis of legitimate interest. If no new contact is made during this period, your data will be deleted.
How long will your data be stored?
We will delete your personal data as soon as it is no longer required for the above-mentioned purposes. In the event of a rejection, your personal data will be retained for the period during which claims can be asserted against us (maximum 6 months).
In the event that you have consented to further storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted after two years if no further communication with you has taken place.
If you have been accepted for a position as part of the application process, the data from the applicant data system will be transferred to our personnel information system.
Are you obliged to provide your data?
As part of your application, you may have to provide the personal data that is necessary for the possible establishment of the employment relationship and the fulfillment of the associated contractual obligations or that we are legally obliged to collect. Without this data, we will not be able to conclude the employment contract with you.
9. social media
Social media plugins with Shariff
Plugins from social media are used on our pages (e.g. Facebook, Twitter, Google+, Instagram, Pinterest, XING, LinkedIn, Tumblr).
You can usually recognize the plugins by the respective social media logos. To ensure data protection on our website, we only use these plugins together with the so-called “Shariff” solution. This application prevents the plugins integrated on our website from transferring data to the respective provider the first time you enter the site.
Only when you activate the respective plugin by clicking on the corresponding button will a direct connection to the provider’s server be established (consent). As soon as you activate the plugin, the respective provider receives the information that you have visited our site with your IP address. If you are logged into your respective social media account (e.g. Facebook) at the same time, the respective provider can assign the visit to our pages to your user account.
Activating the plugin constitutes consent within the meaning of Art. 6 para. 1 lit. a GDPR. You can revoke this consent at any time with effect for the future.
Data protection when visiting our social media channels
We maintain online presences within social networks and platforms in order to communicate with the customers, interested parties and users active there and to inform them about our services.
We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users’ rights. With regard to US providers that are certified under the Privacy Shield, we would like to point out that they thereby undertake to comply with the data protection standards of the EU.
Furthermore, user data is generally processed for market research and advertising purposes. For example, usage profiles can be created from the usage behavior and the resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the user’s computer, in which the user’s usage behavior and interests are stored. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
The processing of users’ personal data is based on our legitimate interests in effective user information and communication with users in accordance with Art. 6 para. 1 lit. f. GDPR. GDPR. If the users are asked by the respective providers of the platforms for consent to the data processing described above, the legal basis for the processing is Art. 6 para. 1 lit. a., Art. 7 GDPR.
For a detailed description of the respective processing and the opt-out options, we refer to the following linked information from the providers.
In the case of requests for information and the assertion of user rights, we would also like to point out that these can be asserted most effectively with the providers. Only the providers have access to the user’s data and can take appropriate measures and provide information directly. If you still need help, you can contact us.
As the operator of an Instagram page, we are jointly responsible with the operator of the social network Instagram (Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland or Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) within the meaning of Art. 4 No. 7 of the General Data Protection Regulation (GDPR). When you visit our Instagram page, personal data is processed by the controller. In the following, we will inform you about what data is involved, how it is processed and what rights you have in this regard.
As the controller of this page, we have entered into agreements with Facebook that govern, among other things, the conditions for using the Instagram page. The Instagram terms of use at https://help.instagram.com/581066165581870 and the other conditions and guidelines listed there at the end apply.
One of the purposes of processing the information is to enable Facebook to improve its advertising system, which it distributes via its network. On the other hand, it should enable us as the operator of the Instagram page to obtain statistics that Facebook creates based on visits to our Instagram page. The purpose of this is to manage the marketing of our activities. For example, it enables us to gain knowledge of the profiles of visitors who like our Instagram page or use applications on the page in order to provide them with more relevant content and develop features that may be of greater interest to them.
In order to better understand how we can better achieve our goals with our Instagram page, demographic and geographical evaluations are also created and made available to us based on the information collected. We can use this information to place targeted interest-based advertisements without gaining direct knowledge of the visitor’s identity. If visitors use Facebook on multiple devices, the data can also be collected and analyzed across devices if the visitors are registered and logged into their own profile.
The visitor statistics compiled are only transmitted to us in anonymized form. We have no access to the underlying data.
We operate this Instagram page to present ourselves to Instagram users and other interested parties who visit our Instagram page and to communicate with them. The processing of users’ personal data is based on our legitimate interests in an optimized company presentation (Art. 6 para. 1 lit. f GDPR).
It is conceivable that some of the information collected may also be processed outside the European Union by Facebook Inc. based in the USA. Facebook Inc. is certified under the US-EU data protection agreement “Privacy Shield” and thus undertakes to comply with European data protection regulations.
We do not pass on any personal data ourselves.
Instagram users can use the settings for advertising preferences to influence the extent to which their user behavior may be recorded when they visit our Instagram page. The Facebook and Instagram settings offer further options under:
or the form for the right of objection at:
The processing of information by means of the cookies used by Facebook can also be prevented by not allowing third-party cookies or cookies from Facebook in your browser settings.
Shared responsibility
The agreements with Facebook, including on joint responsibility, essentially mean that requests for information and the assertion of other data subject rights should be made directly to Facebook. As the provider of the social network and the possibility of integrating Facebook pages there, Facebook alone has direct access to the necessary information and can also immediately take any necessary measures and provide information. Should our support nevertheless be required, we can be contacted at any time.
Further information on our contact details, the rights of data subjects vis-à-vis us and how we otherwise process personal data can be found in the privacy policy on our website.
Information on the handling of personal data by Facebook on Instagram can be found in their privacy policy at https://help.instagram.com/519522125107875 or at http://instagram.com/about/legal/privacy/.
In the following data protection information, we (the controller within the meaning of the General Data Protection Regulation) explain what personal data we collect about you when you visit our Facebook company page https://de-de.facebook.com/viarealis/. Personal data is all data with which you can be personally identified.
Our Facebook company presence https://de-de.facebook.com/viarealis/(fan page) serves us as an information platform for a broad public and for addressing interested visitors in a targeted manner. We only process data if you specifically provide it to us by using the interaction options. We would like to point out that you use this Facebook page and its functions voluntarily and on your own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating).
Data processing by Facebook
We are also present on Facebook. We have no influence on the data protection settings of this third-party platform. However, the European Court of Justice (judgment of 05.06.2018 – C-210/16) has ruled in one case that, in addition to Facebook itself, the operator of Facebook fan pages is also (co-)responsible for data processing. Therefore, in accordance with the EU General Data Protection Regulation (GDPR), we inform you here about data processing in connection with Facebook, insofar as we are aware of and can influence this data processing.
When you visit our Facebook corporate presence, Facebook collects, among other things, your IP address and other information that is stored on your PC in the form of cookies. This information is used to provide us, as the operator of the Facebook pages, with statistical information about the use of the Facebook page.
Facebook provides us as the site operator with the following data (anonymized and summarized by group) for evaluation purposes:
Age
Gender
Place of residence (nation and region or city)
All usage is recorded anonymously:
Time of use
Interactions in the context of posts (e.g. reactions, comments, click rate, views, shares)
Video usage time
Devices, operating systems, software used
Usage history (referring websites)
Language
Interests/ Topics
Location of use
Facebook provides more information on this under the following link: https://de-de.facebook.com/help/pages/insights
The data is processed on the basis of Art. 6 para. 1 sentence 1 lit. f) GDPR.
The operators of Facebook process your data in order to operate and optimize their own services and to pass on the data – possibly for commercial purposes. It is expressly pointed out that Facebook also sets cookies with which the company Facebook can track usage behavior on other websites and apps of the group and integrate Facebook technologies on certain websites and apps. This applies in particular if you are already registered on Facebook. You can find more detailed information on this in the data protection information of the third-party platform. The data is collected using Facebook’s standard criteria and filter functions. We have no influence on these criteria.
The data collected about you in this context is processed by Facebook and may be transferred to countries outside the EU. What information Facebook receives and how it is used is described by Facebook in general terms in its data usage guidelines. There you will also find information on how to contact Facebook and the settings options for advertisements. The data guidelines are available at the following link: https://de-de.facebook.com/about/privacy or https://de-de.facebook.com/full_data_use_policy
How Facebook uses the data from visits to Facebook pages for its own purposes, to what extent activities from the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook company presence is passed on to third parties is not conclusively and clearly stated by Facebook and is not known to us.
When you access a Facebook company presence, the IP address assigned to your end device is transmitted to Facebook. According to Facebook, this IP address is anonymized (for “German” IP addresses) and deleted after 90 days. Facebook also stores information about the end devices of its users (e.g. as part of the “login notification” function). This may enable Facebook to assign IP addresses to individual users.
If you are currently logged in to Facebook as a user, a cookie with your Facebook ID is stored on your device. This enables Facebook to track that you have visited this page and how you have used it. This also applies to all other Facebook pages.
If you want to avoid this, you should log out of Facebook or deactivate the “stay logged in” function, delete the cookies on your device and close and restart your browser. In this way, Facebook information that can be used to directly identify you will be deleted. This allows you to use our Facebook company presence without revealing your Facebook ID.
Insofar as the respective requirements are met, you have the right to rectification in accordance with Art. 16 GDPR, to erasure in accordance with Art. 17 GDPR, to restriction of processing in accordance with Art. 18 GDPR, to object to processing in accordance with Art. 21 GDPR and to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR.
However, please note that we do not process any of your personal data, but only statistical data. If necessary, please contact the operator of the third-party platform. Information on how you can manage or delete existing information about you can be found in the above-mentioned data policy(https://de-de.facebook.com/about/privacy or https://de-de.facebook.com/full_data_use_policy).
10. newsletter
Newsletter data
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected, or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.
The data entered in the newsletter registration form is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.
Mailster
Mailster is a software that can be used to organize the sending of newsletters, among other things. If you enter data for the purpose of subscribing to the newsletter (e.g. e-mail address), this data is stored on our company’s server. Mailster states that it does not transfer any data to external servers. Further information can be found here https://kb.mailster.co/gdpr/.
The so-called double opt-in procedure is used to register for our newsletter. This means that after your registration you will receive an e-mail to the e-mail address you have provided, in which you will be asked to confirm that you wish to receive the newsletter.
You can revoke your consent to receive the newsletter at any time. We provide a link for this purpose at the end of each newsletter message.
Data analysis by Mailster
With the help of Mailster, we are able to analyze our newsletter campaigns. Among other things, we can see whether a newsletter message has been opened.
Mailster also allows us to subdivide newsletter recipients according to different recipient categories (e.g. place of residence). In this way, the newsletters can be better adapted to the respective target groups.
The mailing service provider may use the recipients’ data in pseudonymous form, i.e. without assigning it to a user, to optimize or improve its own services, e.g. to technically optimize the mailing and presentation of the newsletter or for statistical purposes. However, the mailing service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.
Detailed information on the functions of Mailster can be found at the following link: https://mailster.co/.
Legal basis
Data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw this consent at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
Storage period
The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted from our server after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.
Conclusion of a contract for commissioned data processing
We have concluded a contract with Mailster in which we oblige Mailster to protect our customers’ data and not to pass it on to third parties.
For more information, please refer to Mailster’s privacy policy at: https://mailster.co/legal/privacy-policy/.
11. plugins and tools
Google Web Fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. When you access a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Google’s servers. This informs Google that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
If your browser does not support web fonts, a standard font will be used by your computer.
Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=de.
Google Maps
This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR represent.
12. other
Children
Persons under the age of 16 should not transmit any personal data to us without the consent of their parents or legal guardians. We do not request personal data from children, do not collect it and do not pass it on to third parties.
Links to other websites
Our website contains links to other websites. We have no influence on whether their operators comply with data protection regulations.
Contributions
The contributions on our site are accessible to everyone. Contributions should be carefully checked before publication to ensure that they do not contain information that is not intended for the public. The contributions may be recorded in search engines and may also be accessible worldwide without specifically accessing this website.
Questions and comments
If you have any questions, suggestions or comments on the subject of data protection, please contact the VIAREALIS webmaster by e-mail.
Security notice
We make every effort to store your personal data in such a way that it is not accessible to third parties by taking all technical and organizational measures. We cannot guarantee complete data security when communicating by e-mail, so we recommend that you send confidential information by post.