Data Processing Information for this Website in accordance with Art. 13 EU General Data Protection Regulation (GDPR) regarding the collection of personal data from the data subject
This data protection information (Version: GDPR 1.0 dated 09.01.2020) was created by: Deutsche Datenschutzkanzlei Datenschutz-Office München – www.deutsche-datenschutzkanzlei.de
Data Protection
QUANTEC Engineering GmbH is responsible for this website and, as a provider of a teleservice, is required to inform you at the beginning of your visit about the type, scope, and purposes of the collection and use of personal data in a precise, transparent, understandable, and easily accessible manner, in clear and simple language. This content must be easily accessible to you at all times.
We place great emphasis on the security of your data and compliance with data protection regulations. The processing of personal data is subject to the provisions of the currently applicable European and national laws.
With the following data protection information, we would like to show you how we handle your personal data and how you can contact us:
QUANTEC Engineering GmbH
Dieselstraße 49
87437 Kempten (Allgäu)
Germany
Commercial Register No.: HRB 11178
Managing Director: Dr.-Ing. Christoph Karrer
Tel.: +49-151-11660170
E-Mail: info@quantec-engineering.com
Our Data Protection Officer
Sven Lenz
Deutsche Datenschutzkanzlei – Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstraße 50
87437 Kempten
Germany
If you have any questions regarding data protection or other data protection concerns, please feel free to send an email to the following email address: christoph.karrer@quantec-engineering.com
A. General
For better understanding, we refrain from gender-specific differentiation. In the spirit of equal treatment, corresponding terms apply to all genders.
The meanings of terms used, such as “personal data” or its “processing,” can be found in Art. 4 GDPR.
The personal data processed within the scope of this website include:
- Inventory data (e.g., name and addresses of customers),
- Contract data (e.g., services used, names of contact persons, payment information),
- Usage data (e.g., pages visited on our website, interest in our products), and
- Content data (e.g., entries in the contact form).
B. Specific
Data Protection
Information We ensure that we only process your data in connection with handling your inquiries and to provide services requested by you or to provide content for internal purposes.
Foundations of Data Processing
We process your personal data only in compliance with the relevant data protection regulations. The legal basis(es) are:
- Provision of our contractual services (e.g., processing of orders) and online services
- Existence of your electronic consent (e.g., newsletter subscription or in the online application process for longer retention)
- Enforcement of our legitimate interests (i.e., interest in analysis, optimization, and economic operation and security of our website, especially in terms of reach measurement, creation of profiles for advertising and marketing purposes, and collection of access data and use of services from third-party providers)
We are happy to show you where the above legal basis(es) are regulated:
Processing to fulfill our services and perform contractual measures: Art. 6 para. 1 lit. b) GDPR
Consent: Art. 6 para. 1 lit. a) and Art. 7 GDPR
Processing to safeguard our legitimate interests: Art. 6 para. 1 lit. f) GDPR
Data Transmission to Third Parties
We would like to inform you that data transmission to third parties occurs.
The transfer of your data to third parties only takes place within the framework of legal requirements. We only disclose your data if it is necessary, for example, for contractual purposes or based on legitimate interests in the economic and efficient operation of our business.
If we use subcontractors to provide our services, we take appropriate legal precautions as well as corresponding technical and organizational measures to ensure the protection of personal data in accordance with relevant legal provisions.
Data Transmission to a Third Country or International Organization
A third country refers to countries where the GDPR is not directly applicable. This generally includes all countries outside the EU or the European Economic Area.
Data transmission to a third country or international organization occurs. It is ensured that appropriate/adequate guarantees are in place, and you have enforceable rights and effective remedies available.
A copy of the appropriate guarantees can be obtained from the following links:
Privacy Shield: https://www.privacyshield.gov/list
Standard Contractual Clauses: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF
Storage Duration of Your Personal Data
We adhere to the principles of data minimization and avoidance. This means we only store your data for as long as necessary to fulfill the aforementioned purposes or as required by various statutory retention periods set by the legislator. Once the respective purpose has been fulfilled or upon expiration of the relevant deadlines, your data will be routinely blocked or deleted in accordance with legal requirements.
For this purpose, we have developed an internal concept to ensure compliance with these procedures.
Contact
If you contact us via email or contact form, you consent to electronic communication. Personal data will be processed as part of electronic communication with us. The data collected in case of a contact form is evident from the respective contact form. Your data will be transmitted encrypted via SSL. The information you provide will be stored solely for the purpose of processing the inquiry and any follow-up questions.
You also have the option to contact us by phone and fax. Your data will also be processed for further communication in these cases.
We would like to provide you with the legal basis for this:
Processing to fulfill our services and perform contractual measures: Art. 6 para. 1 lit. b) GDPR
Verarbeitung zur Wahrung unserer berechtigten Interessen: Art. 6 Abs. 1 lit. f) DSGVO
We have entered into a contract with the provider containing so-called Standard Contractual Clauses (http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF), in which the provider commits to processing user data only in accordance with our instructions and to complying with the EU data protection level. Furthermore, the provider is certified under the Privacy Shield Agreement, thereby providing an additional guarantee of compliance with European data protection law: https://www.privacyshield.gov/participant?id=a2zt0000000KzX1AAK&status=Active
We would like to inform you that emails can be read or altered without authorization during transmission. Additionally, we utilize software for filtering unwanted emails (spam filter). Through the spam filter, emails may be rejected if they are incorrectly identified as spam based on certain characteristics.
What rights do you have?
a) Right to information
You have the right to obtain free information about your stored data. Upon request, we will inform you in writing about which personal data we have stored about you. This also includes information about the origin and recipients of your data, as well as the purpose of data processing.
b) Right to correction
You have the right to have your data corrected if it is incorrect. You can also request a restriction of processing if the accuracy of your personal data is disputed.
c) Right to block
Furthermore, you can have your data blocked. In order to ensure that your data can be blocked at any time, these data must be stored in a blocking file for control purposes.
d) Right to deletion
You can request the deletion of your personal data, provided there are no legal retention obligations. If such an obligation exists, we will block your data upon request. If the relevant legal requirements are met, we will also delete your personal data without your request.
e) Right to data portability
You are entitled to request from us the provision of the personal data transmitted to us in a format that allows transmission to another location.
f) Right to lodge a complaint with a supervisory authority
You have the option to lodge a complaint with one of the data protection supervisory authorities.
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27, 91522 Ansbach, Germany
Phone: +49 981 53-1300
Fax: +49 981 53-981300
You can open the complaint form using the following link: https://www.lda.bayern.de/en/complaint.html
g) Right to object
You have the option to revoke your consent to the processing of your data at any time with effect for the future. To do so, simply send an email to christoph.karrer@quantec-engineering.com.
However, such a revocation does not affect the lawfulness of the processing carried out up to that point. This does not affect data processing based on other legal bases, such as contract initiation (see “Foundations of Data Processing”).
Protection of Your Personal Data
We implement contractual, technical, and organizational security measures in accordance with the state of the art to ensure compliance with data protection laws and to protect the processed data against accidental or intentional manipulation, loss, destruction, or unauthorized access by third parties.
Among the security measures is the encrypted transmission of data between your browser and our server. For this purpose, a 256-bit SSL (AES 256) encryption technique is used.
Your personal data is protected within the following points (excerpt):
a) Confidentiality of Your Personal Data To maintain the confidentiality of your data stored with us, we have implemented various measures for access control.
b) Integrity of Your Personal Data To maintain the integrity of your data stored with us, we have implemented various measures for transmission and input control.
c) Availability of Your Personal Data To maintain the availability of your data stored with us, we have implemented various measures for order and availability control.
The security measures in place are continuously improved in line with technological advancements. Despite these precautions, due to the inherently insecure nature of the internet, we cannot guarantee the security of your data transmission to our website. Therefore, any data transmission by you is at your own risk.
Protection of Minors
Personal information may only be provided to us by individuals under the age of 16 with the explicit consent of their legal guardians. This data will be processed in accordance with this privacy policy.
Server Log Files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
The user data will be transferred to us in encrypted form and processed exclusively for the purpose of processing the application.
The legal basis for data processing is according to Article 6(1)(f) GDPR our legitimate interest in providing and implementing protective measures to prevent misuse of our website, and according to Article 6(1)(b) GDPR, which allows the processing of data for the performance of a contract or pre-contractual measures.
Online Applications via a Form
We offer applicants on our website the opportunity to apply online via a corresponding form. Admission to the application process requires applicants to provide us with all personal data necessary for a thorough and informed assessment and selection via the form.
The required information includes general personal information (name, address, telephone or electronic contact details), as well as performance-specific evidence of qualifications necessary for a position. Additionally, health-related information may be required, which, in the interest of the applicant’s social protection, must receive special consideration under labor and social law.
Upon submission of the form, your data will be transmitted to us in encrypted form according to the state of the art and processed exclusively for the purpose of processing the application.
The legal basis for these processing activities is Article 6(1)(b) GDPR in conjunction with § 26(1) BDSG, whereby the progression of the application process is considered as the initiation of an employment contract. Where special categories of personal data within the meaning of Article 9(1) GDPR (e.g., health data such as information about severe disabilities) are requested from applicants during the application process, the processing is carried out in accordance with Article 9(2)(b) GDPR, allowing us to exercise rights arising from labor law and social security law and to fulfill our obligations.
Alternatively, the processing of special categories of data may also be based on Article 9(1)(h) GDPR if it serves purposes of preventive healthcare or occupational medicine, for assessing the applicant’s ability to work, for medical diagnostics, care, or treatment in the health or social sector, or for managing systems and services in the health or social sector.
If, as a result of the evaluation described above, no selection of the applicant is made or if an applicant withdraws their application prematurely, the provided data will be deleted after a corresponding notification, no later than six months. This period is based on our legitimate interest in being able to respond to any follow-up questions regarding the application and, if necessary, to meet our obligations under the regulations on equal treatment of applicants.
In the event of a successful application, the data provided will be further processed on the basis of Art. 6 Para. 1 lit. b) GDPR in conjunction with § 26 Para. 1 BDSG for the purpose of carrying out the employment relationship.
Cookies
Cookies are small text files that are locally stored in your internet browser’s cache. These cookies enable, for example, the recognition of the internet browser. The files are used to assist the browser in navigating through the website and to fully utilize all functions.
We use browser cookies.
User Control of Cookies:
Browser Cookies: You can configure all browsers to accept cookies only upon request. Additionally, you can set them to accept only cookies from the currently visited site. All browsers offer functions that enable selective deletion of cookies. Acceptance of cookies can also be disabled altogether, although this may lead to limitations in the user-friendliness of this website.
Lifetime of Deployed Cookies:
Cookies are managed by the web server of our website. This website uses:
Session Cookies (for one-time usage) Lifetime: Until this website is closed
Persistent Cookies (for persistent browser identification)
Lifetime: 30 days
Disable or Remove Cookies (Opt-Out):
Every web browser provides options to restrict and delete cookies. Further information can be found on the following websites:
- Internet Explorer:
http://windows.microsoft.com/en-GB/windows7/How-to-manage-cookies-in-Internet-Explorer-9 - Firefox:
https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer?redirectlocale=en-US&redirectslug=Cookies - Google Chrome:
https://support.google.com/chrome/answer/95647?hl=en - Safari:
https://support.apple.com/de-de/HT201265
Usage of Google reCaptcha
To protect your contact form submissions on the internet, we utilize the reCAPTCHA service provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (Google). This query serves to differentiate whether the input is made by a human or fraudulently via automated, machine processing. The query involves the transmission of the IP address and potentially other data required by Google for the reCAPTCHA service, and is carried out in accordance with Art. 6 para. 1 lit. f GDPR based on our legitimate interest in determining the individual intentionality of actions on the internet and preventing abuse and spam. For this purpose, your input is transmitted to Google and used there. By using reCaptcha, you agree that the recognition performed by you contributes to the digitization of old works.
On our behalf, Google will use this information to evaluate your use of this service. The IP address transmitted by your browser as part of reCaptcha will not be merged with other data from Google. Different privacy policies apply to this data from Google.
In the context of using Google reCAPTCHA, personal data may also be transmitted to servers of Google LLC. in the United States. If IP anonymization is activated on this website, your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted.
In the event of the transmission of personal data to Google LLC. located in the United States, Google LLC. has certified itself for the US-European data protection agreement “Privacy Shield.” This ensures compliance with the level of data protection applicable in the EU. The current certificate can be viewed at the following link: https://www.privacyshield.gov/list
For more information on Google’s privacy policies, please visit: https://www.google.com/intl/en/policies/privacy/
Web Analytics Service Google (Universal) Analytics
We use Google Analytics, a web analytics service provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google Analytics uses “cookies,” which are text files placed on your computer, to help analyze how users use the online offering. The information generated by the cookie about your use of the online offering (including your IP address, which is abbreviated before being stored) is usually transmitted to a Google server and stored there. This may also involve transmission to Google LLC servers in the United States.
We would like to point out that this online offering uses Google Analytics with the extension “_anonymizeIp()” and, therefore, IP addresses are only processed in abbreviated form to exclude direct personal references. With this extension, your IP address is shortened by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted. Only in exceptional cases is the full IP address transmitted to a Google LLC server in the United States and abbreviated there. In these exceptional cases, this processing is carried out in accordance with Art. 6 para. 1 lit. f) GDPR based on our legitimate interests.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
On our behalf, Google will use this information for the purpose of statistical analysis of user behavior, for optimization, and for marketing purposes, based on our legitimate interest. This means:
• to compile reports on the activities of our online offering.
• to provide further services related to the use of the online offering and internet usage to us.
• to conduct cross-device analysis of visitor traffic by using a User-ID.
Upon the initial visit to a page, the user is assigned a unique, persistent, and anonymized ID that is set across devices. This allows for interaction data from different devices and sessions to be attributed to a single user. The User-ID does not contain any personally identifiable information and does not transmit such information to Google.
The data collection and storage via the User-ID can be objected to at any time with effect for the future. To do so, you must disable Google Analytics on all systems you use, for example, in a different browser or on your mobile device.
Furthermore, we use Google Analytics reports to capture demographic characteristics and interests.
The data sent by us and associated with cookies, user IDs (e.g., User-ID), or advertising IDs are automatically deleted after 14 months. The deletion of data whose retention period has been reached occurs automatically once a month. For more detailed information on terms of use and privacy, please visit https://www.google.com/analytics/terms/de.html and https://policies.google.com/?hl=de .
In the event of a transfer of personal data to Google LLC. in the USA, Google LLC. has certified itself under the US-European Privacy Shield Agreement. This ensures compliance with the level of data protection applicable in the EU. The current certificate can be viewed https://www.privacyshield.gov/list .
You can prevent the storage of cookies by adjusting your browser settings accordingly. However, please note that in this case, not all functions of this online offering may be fully available.
Additionally, you can prevent the collection of data generated by the cookie and related to your use of the online offering (including your IP address) by Google, as well as the processing of this data by Google, by downloading and installing a browser plug-in via http://tools.google.com/dlpage/gaoptout?hl=de.
Alternatively, for mobile browsers or within browsers on mobile devices, you can use the following link to set an opt-out cookie, which will prevent Google Analytics from collecting data within this online offering in the future (this opt-out cookie only works in this browser and only for this domain, delete cookies in this browser, click the link again): Opt-Out of Google Analytics.
Deactivate Google Analytics
For more information about the privacy practices of Google (Universal) Analytics, you can click on the following link:https://policies.google.com/privacy?hl=de&gl=de
If legally required, we have obtained your consent according to Art. 6 para. 1 lit. a) GDPR for the processing of your data as described above. You can revoke your consent at any time with effect for the future. To revoke your consent, please refer to the aforementioned options for revocation.
Usage of Youtube
Regarding the use of YouTube on our online offering, YouTube’s features for displaying and playing videos are integrated. “YouTube” is owned by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
The enhanced privacy mode is used, which according to the provider, only starts storing user information when the video(s) are played.
When playing embedded YouTube videos, YouTube uses cookies to collect information about user behavior. According to YouTube, these cookies are used, among other things, to record video statistics, improve user friendliness, and prevent abusive actions.
If you are logged in to Google, your data will be directly associated with your account when you click on a video. If you do not wish for this association with your YouTube profile, you must log out before activating the button. Google stores your data (even for non-logged-in users) as usage profiles and evaluates them. Such evaluation is carried out, particularly pursuant to Art. 6 para. 1 lit. f GDPR, based on Google’s legitimate interests in displaying personalized advertising, market research, and/or the demand-oriented design of its website. You have the right to object to the creation of these user profiles, but you must contact YouTube to exercise this right.
In the context of using YouTube, personal data may also be transmitted to the servers of Google LLC. in the USA. Regardless of whether the embedded videos are played, accessing this website establishes a connection to the Google network, which may trigger further data processing operations beyond our control.
In case of transferring personal data to Google LLC. in the USA, Google LLC. has certified itself under the US-European Privacy Shield Agreement, which ensures compliance with the level of data protection applicable in the EU. You can view the current certificate at https://www.privacyshield.gov/list .
Regardless of whether the embedded videos are played, accessing our online offering establishes a connection to the Google network “DoubleClick,” which may trigger further data processing operations beyond our control.
For further details about the use of cookies at YouTube, please refer to YouTube’s privacy policy at: YouTube Privacy Policy.
Submitting a review via the Recommendations Feed
Within our website, you have the option to leave a review for our company. When you click on the “Review Now” button, you will be redirected to our Facebook fan page. To create a review, it is necessary for you to log in with your Facebook profile.
The review will be displayed within our Facebook fan page. Due to the Recommendations Feed, there is a connection between our Facebook fan page and our website, which enables us to display your review within our online offering. For this purpose, the following data will be processed:
• First and last name
• Facebook profile name
• Facebook profile picture
The legal basis for data processing is your consent according to Art. 6 para. 1 lit. a) GDPR.
We assume that you consent to the publication of your review on our website if you post one on our Facebook fan page. Due to technical circumstances, it is not possible for us to separate the publication across different channels.
If you later disagree with the publication of your review, revoke it by sending an email to us (christoph.karrer@quantec-engineering.com) or delete your review on our Facebook fan page. After deleting your review, it will automatically be removed from our website. This process may take some time as there is no real-time synchronization.
For more information on data processing by Facebook, click on the following link: https://www.facebook.com/about/privacy/
Change to our Privacy Policy
We reserve the right to make short-term adjustments to our privacy policy to ensure that it always complies with current legal requirements or to implement changes to our services. This may include, for example, the introduction of new services. The new privacy policy will apply to your subsequent visits.
Trademark Protection
Any company or trademark mentioned here is the property of the respective company. The mention of brands and names is purely for informational purposes.
C. Russia-Specific Provisions
For users residing in the Russian Federation, the following applies:
The services provided on our website are not intended for citizens of the Russian Federation who are residing in Russia.
If you are a Russian citizen residing in Russia, you are expressly informed that any personal data you provide to us through this website is solely at your own risk and responsibility. You further agree that you will not hold us responsible for any non-compliance with the laws of the Russian Federation.
