Data Protection Statement

Data Protection Declaration

General

With this declaration, AGNITAS AG, as an entity bearing responsibility for data protection, informs you about the use of your personal data on the website agnitas.de and about your rights as a user. We take the protection of your data seriously and comply with all data protection laws and regulations that are applicable in the Federal Republic of Germany. In particular, we only collect, process and use your personal data if you have consented thereto or this is permitted by law.

Personal data

Person data is any information concerning an identified or identifiable natural person (the data subject). This includes your name, address, email address, telephone number or an IP address assigned to by your Internet provider. Information which cannot be used to identify you (anonymous data) is not personal data.

Below you will find a list of all processed data, the purpose for which it is used, the respective legal basis and the possibilities you have to raise objections:

When you use our website, your Internet browser automatically transfers certain usage data and what are termed log files to us for technical reasons. These include:

  • The time and date of access
  • The URL (address) of the referring website
  • The file retrieved
  • The volume of data sent
  • The host name of the accessing computer (IP address)
  • The browser type and version
  • The operating system.

This information is used by us exclusively for the purposes of technical administration of our website and to prevent illegal activities in connection with our website. We reserve the right to review this log data subsequently if, on the basis of specific indications, suspicion is raised of an illegal activity. Insofar as personal data is processed, we process such data solely to safeguard our justified interest in preventing illegal activities in connection with our website. The legal basis for this is the balancing of interests pursuant to Art. 6 (1) letter f) of the German General Data Protection Regulation (GDPR). Personal data is stored for no more than four weeks if there are no indications of illegal use.

You can send messages to us using a contact form available on our website. When doing so, you must include your name, title, email address, telephone number, company and address. Alternatively, you can contact us by email. We only process that data in order to deal with your enquiry. The legal basis of the data processing is the consent granted by you pursuant to Art. 6 (1) letter a) of the GDPR. You have the right to revoke this consent at any time with effect for the future by sending your revocation by email. The data is not transferred to third parties. We store this data for a maximum of 24 months.

You can leave comments on our website. When you do so, you must state your name, email address and information regarding your own website. We process that data to prevent abuse of the comments function. The legal basis of the data processing is the consent granted by you pursuant to Art. 6 (1) letter a) of the GDPR. You have the right to revoke your consent with effect for the future at any time by sending your revocation by email. The data is not transferred to third parties. We store this data for an indefinite period.

You can apply for positions with us via email. We process the information from your application letter solely for the purposes of processing the application. The information is not transferred to third parties. The legal basis of the data processing is Art. 6 (1) letter B of the GDPR in conjunction with § 26 of the German Federal Data Protection Act (FDPA) (Bundesdatenschutzgesetz, “BDSG”). We store the information from your application for maximum six months from the end of the application process. This data is then deleted.

If you subscribe to the newsletter on our website, on the basis of the consent granted by you we process personal data such as your email address, title, name and preferred language. To subscribe to our newsletter, you merely have to state your email address; providing your title, name and the language is optional. We use this data exclusively to send you information about us, our products, market trends and legal matters. The newsletter can be used to carry our statistical analyses of usage data. To that end, we record both the openings of the email and the internal clicks. This information is used to make the content of the newsletter more exciting and relevant and to measure the success of the marketing campaign. The information is not transferred to third parties. The legal basis for this tracking is the safeguarding of legitimate interests pursuant to Art. 6 (1) letter f) of the GDPR. As the recipient, you may at any time object to this form of data collection. You can change the tracking setting at the end of each newsletter.

The legal basis for the data processing for the dispatch of the newsletter itself is the consent granted by you pursuant to Art. 6 (1) letter f) of the GDPR by subscribing to the newsletter. You have the right to revoke this consent with effect for the future at any time by unsubscribing from the newsletter, for example via an unsubscribe link in the newsletter or by email to: info@agnitas.ag. We only store your data during your subscription to the newsletter and in order to help ensure the newsletter is only sent to the correct recipients.

You may receive notifications on our website. In this way, we draw attention to particularly interesting aspects of our website. For this to happen, you must switch on the browser notifications. We process your data on the basis of the consent granted by you pursuant to Art. 6 (1) letter a) of the GDPR. The data is not transferred to third parties. You have the right to revoke this consent at any time with effect for the future by switching off the browser notifications via your browser settings. We only store your data provided you have not revoked your consent.

Via our website you have direct access to the EMM. With the various features of the EMM, you have the possibility to organize the dispatch of your newsletter via our server. You need a user name and password for access. The legal basis of the data processing is the consent granted by you pursuant to Art. 6 (1) letter a) of the GDPR by subscribing to the service. You have the right to revoke this consent at any time with effect for the future. However, then you will no longer be able to access the EMM.

You alone are responsible for all your customer data (e.g. email addresses, contact data) stored in the EMM. For legal protection, we propose you conclude an agreement for order processing within the meaning of Art. 28 of the GDPR. Further information on data use in the EMM can be found in the Users area.

Parts of our website use cookies. Cookies are used to make our offering more user-friendly, effective and secure. Cookies are small text files that are placed on your computer and that your browser stores. Most of the cookies we use are so-called session cookies. They are deleted automatically after the end of your visit. Other cookies remain placed on your device until you delete them. These cookies enable us to recognise your browser next time you visit our website. You can set your browser so that it is informed about the placement of cookies and only permits cookies in the individual case, accepts cookies for certain cases or generally excludes them or activates the automatic deletion of cookies when your browser closes. If cookies are deactivated, the functionality of this website may be limited. Insofar as we process personal data, we do so on the basis of our legitimate interests in order to improve the design of our website. The cookie information is only processed when you visit our website. The legal basis for the processing is the balancing of interests pursuant to Art. 6 (1) letter f) of the GDPR. We process information from the cookies until they are deleted.

Google Web Fonts from the company Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”) are integrated into this website. This is a content delivery network (CDN) that enables the display of fonts. The integration is via JavaScript code and requires that Google can detect the IP address of users. The IP address is necessary for the content to be sent to the user’s browser. The legal basis for this is the safeguarding of legitimate interests pursuant to Art. 6 (1) letter f) of the GDPR. We only communicate your IP address in order to safeguard our legitimate interest in the use of user-friendly fonts. Using Google Web Fonts means we may also connect to Google servers outside the EU (e.g. in the US), i.e. Google is theoretically informed about the use of the offering. The European Commission has decided in adequacy decision that data transfer to companies in the US is lawful when certified under the EU-US Privacy Shield. Google possesses a certification of this type (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). We would like to point out that Google has its own data protection guidelines, which are independent of ours. Before using our website, please find out about Google’s data protection regulations at http://www.google.de/intl/de/policies/privacy/. Google Web Fonts is based on a JavaScript code, meaning you can prevent its execution in general by deactivating JavaScript in your browser’s settings or installing a JavaScript blocker. Please note that it may then not be possible to display our website correctly.

We use Google Maps to display our maps. The integration requires that Google can detect the IP address of users. The IP address is necessary for the content to be sent to the user’s browser. The legal basis for this is the safeguarding of legitimate interests pursuant to Art. 6 (1) letter f) of the GDPR. We only communicate your IP address in order to safeguard our legitimate interest in the display of user-friendly maps. Using Google Maps means we may also connect to Google servers outside the EU (e.g. (in the US), i.e. Goggle is theoretically informed about the use of the offering. The European Commission has decided in adequacy decision that data transfer to companies in the US is lawful when certified under the EU-US Privacy Shield. Google possesses a certification of this type (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). We would like to point out that Google has its own data protection guidelines, which are independent of ours. Before using our website, please find out about Google’s data protection regulations at http://www.google.de/intl/de/policies/privacy/. Google Maps is based on a JavaScript code, meaning you can prevent its execution in general by deactivating JavaScript in your browser’s settings or installing a JavaScript blocker. Please note that it may then not be possible to display our website correctly.

We also use Google Conversion Tracking. Here Google places a cookie on your computer when you have reached our website via a Google advertisement. These cookies become invalid after 30 days and are not used for personal identification. If you visit certain of our pages and the cookie has not yet expired, we and Google can detect that someone has clicked on the advertisement and thus been taken to our page. Information obtained with the aid of conversion cookies is used to create conversion statistics. They include information about the total number of users who clicked on the advertisement and were taken to the page provided with the conversion tracking tag. However, they do not include any information that can be used to identify users personally. If you do not wish to participate in the tracking process, you can also decline the setting of a cookie required for this, for example by means of a browser setting that generally deactivates the automatic placement of cookies. You can also deactivate cookies for conversion tracking by setting your browser to block cookies from the domain “googleadservices.com”. We cannot rule out the possibility that personal data will be sent to Google’s servers in the US within the framework of this. The European Commission has decided in adequacy decision that data transfer to companies in the US is lawful when certified under the EU-US Privacy Shield. Google possesses a certification of this type (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). Before using our website, please find out about Google’s data protection regulations at http://www.google.de/intl/de/policies/privacy/.

Videos from the YouTube video platform, which are offered by the company YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, are integrated into our website. YouTube is represented by Google. The integration of videos requires that Google can detect the IP address of users. The IP address is necessary for the content to be sent to the user’s browser. We use YouTube to be able to provide attractive videos to users on this website. The legal basis for this is the safeguarding of legitimate interests pursuant to Art. 6 (1) letter f) of the GDPR. We only communicate your IP address in order to safeguard our legitimate interest in the use of user-friendly videos. The integration of YouTube videos means we may also connect to Google servers outside the EU (e.g. in the US), i.e. Google is theoretically informed about the use of the offering. The European Commission has decided in adequacy decision that data transfer to companies in the US is lawful when certified under the EU-US Privacy Shield. Google possesses a certification of this type (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). More information concerning data protection and the cookies use can be found at https://www.google.de/intl/de/policies/privacy/. We do not store IP-related information relating to the accessing of YouTube videos on our site.

For the purposes of marketing and optimization, we use products and services of the company Lead Forensics (Communication House, 26 York Street, London, W1U 6PZ, Great Britain) on our website. Lead Forensics determines the actual course of your visit to this website, including all the pages you have visited or looked at and how long you spent on this site. Insofar as IP addresses are collected, these are rendered anonymous immediately after collection. On behalf of the operator of this website, Lead Forensics then uses the information collected to analyze your visit, compile reports regarding the website activities and provide to the website operator further services connected with the website use and the Internet use. Further information about data protection can be found at https://www.leadforensics.com/privacy-and-cookies/. Insofar as we process personal data, we do so on the basis of our legitimate interests in order to improve the design of our website. The legal basis for this is the safeguarding of legitimate interests pursuant to Art. 6 (1) letter f) of the GDPR. At any time, you can object to the data processing with effect for the future by clicking on the following link:

http://lfwebproxy.westeurope.cloudapp.azure.com:5000/?clientID=72829
We will then no longer store additional data.

You can share contributions to our blog via the share functions of Facebook, Twitter, Google+ and XING (jointly referred to as “social media providers) within the social networks. We use social plugins to enable you to do so.

Facebook is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Facebook Ireland Limited belongs to Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). You can find a summary of the Facebook plugins here: https://developers.facebook.com/docs/plugins. Facebook’s data protection policy can be found here: http://www.facebook.com/policy.php.

Twitter is operated by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. The Twitter International Company belongs to Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). You can find a summary of the Twitter plugins here: https://twitter.com/about/resources/buttons. Twitter’s data protection policy can be found here: https://twitter.com/privacy.

Google+ is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). You can find a summary of the Google plugins here: https://developers.google.com/+/web/. Google’s data protection policy can be found here: http://www.google.com/intl/de/+/policy/+1button.html.

XING is operated by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany (“XING”). You can find a summary of the XING plugins here: https://dev.xing.com/. XING’s data protection policy can be found here: https://www.xing.com/privacy.

When you retrieve a page including such a plugin on our website, your browser establishes a direct connection to the providers’ servers. The respective provider transfers the content of the plugin directly to your browser and integrates it into the page. Through the integration of the plugins, the providers obtain the information that your browser has accessed the corresponding page of our website even if you do not have a profile or are not logged in at that time. Your browser transfers this information (including your IP address) directly to a server of the respective provider, where that information is stored. If you are logged into one of the services, the providers can directly assign the visit to our website to your profile on Facebook, Twitter, Google+ or XING. If you interact using the plugins, for example by sharing a contribution, the corresponding information is also sent directly to a server of the providers and saved there. The information is also published in the social networks and shown there to your contacts.

The legal basis of the data processing is the consent granted by you pursuant to Art. 6 (1) letter a) of the GDPR by sharing a contribution. You have the right to revoke this consent at any time with effect for the future by sending your revocation by email. Please note that the respective social media providers are responsible for the data processing within the social networks.

When you share a contribution, data is transferred to the social media provider. Some of their servers are located in countries outside the EU (e.g. the US). The European Commission has decided in adequacy decision that data transfer to companies in the US is lawful when certified under the EU-US Privacy Shield. Facebook (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active), Twitter (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active) and Google (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active) possess a certification under the EU-US Privacy Shield.

If you do not want Facebook, Twitter, Google or XING to assign data collected via our website directly to your profile in the respective service, you must log out of the corresponding service before visiting our website. You can also completely prevent the loading of the plugins with the aid of add-ons for your browser, e.g. with the script blocker “NoScript” (http://noscript.net/).

In principle, we do not pass your personal data onto third parties unless we are obliged to by law or on the basis of a court/official order or you have granted your consent for us to do so. However, we reserve the right to commission third parties to process your data. These third parties act on our behalf as the processor exclusively and strictly in accordance with our instructions within the meaning of Art. 4 (8) of the GDPR and only receive the data that they need for the specific activity commissioned by us.

This data protection declaration applies exclusively to our website. The website may include links to external websites that are not covered by this declaration. If you leave our website via a link, it is advisable to carefully read the data protection policy of the respective linked website.

Your rights

All persons concerned have the right to assert their rights as persons vis-à-vis us concerned at any time. In particular, you have the following rights:

  • You have the right to request information regarding whether and, where relevant, to what extent we process or do not process your personal data.
  • If your personal data is processed, you have a right to demand information regarding in particular the following information: data stored regarding your person, processing purpose(s), data category/categories, recipient, the party to whom that data is disclosed, the length of time for which it is stored.
  • You have the right to demand that your data be corrected immediately if it is incorrect and/or incomplete.
  • You have the right to demand the immediate deletion of your personal data.
  • At any time, you have the right to revoke a consent granted to us to process your data.
  • You have the right to have the processing of your personal data restricted.
  • You have the right to receive in a structured, customary and machine-readable format the personal data concerning yourself that you have provided to us, and to send that data to another responsible person / entity.

Your right of revocation pursuant to Art. 21 GDPR

You have the right, in accordance with Art. 21 (1) and (5) of the GDPR, on grounds arising from your special situation, at any time to raise an objection to the processing of your personal data, which occurs on the basis of Art. 6 (1) letter e) or f) of the GDPR, with effect for the future; this also applies to profiling based on these provisions (which we do not undertake).

Responsible entity

If you have any questions regarding data protection, please contact:

AGNITAS AG

Werner-Eckert-Straße 6

81829 Munich

Email: info@agnitas.ag

Our data protection officer

David Oberbeck
DATENSCHUTZKANZLEI
Herting Oberbeck Rechtsanwälte Partnerschaft
Sillemstr. 60a, 20257 Hamburg
Telefon +49 (0) 40 228 691 140

You also have the possibility to contact our data protection officer by email datenschutz@agnitas.de.

Supervisory authority

Should you have any complaints, you can always contact an EU data protection authority or the EU member states.

 

 

Status 03/2018

Newsletter

Stay up to date! Our newsletter keeps you informed about e-mail marketing.