Data protection information according to Art. 12-19, 21 GDPR towards data subjects
Cookie Policy (EU)
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
This document provides you with information about the collection and processing of your personal data and your rights under data protection law.
Data processing office
protecfire GmbH, Weidekamp 10, D-23558 Lübeck, phone .: + +49 (0) 451 399 61-10, Fax: +49 (0) 451 399 61-20, Mail: info@protecfire.de Contact person in the field of data protection Mr. Andreas Sorge, DatCon GmbH, Ingenieurbüro für Datenschutz, Am Osterfeuer 26, 37176 Nörten-Hardenberg, phone +49 (0) 5503-9159648, Mail: sorge@datcon.de
Processing framework
– Categories of personal data processed
o Unsolicited applicants: master data (e.g. CV content, contact, family circumstances, health, knowledge, skills)
o Employees: master data (e.g.CV content, contact, family circumstances, health, knowledge, skills), contract and billing data, log data of IT systems (e.g. firewall, server logs), personal image/video data on company presentations
o Customers: Contract data, master data, billing data, services ordered.
o Interested parties; Contact data, transmitted content data
o Suppliers: Contract data, contact data, transmitted content data
o Participants in a video conference (e.g.
“MS teams”): first name, last name, e-mail address, subject
if applicable, participant IP addresses, MP4 files of the video, audio, and presentation recordings (in
the case of optional recordings), information on the incoming and outgoing call number (in the case of telephone dial-in), contents of chat histories.
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
-Purposes for which the personal data are to be processed
o Unsolicited applicants: examinations of the application
o Employees: processing of all necessary and required measures in an employment relationship, ensuring that operations are as trouble-free as possible, marketing (image/video data on website and/or other online platforms, employee motivation when introducing new employees on e.g. “notice board”)
o Customers: Contract fulfillment
o Interested parties: Information exchange
o Suppliers: Services, orders
o Participants in a video conference (e.g.
“MS teams”): online meetings, telephone conferences, video conferences.
– Legal basis of processing according to Art. 6 para. 1
(Depending on the data processing, not every legal basis applies).
o Unsolicited applicants: performance of a contract or for the implementation of pre-contractual measures, consent to processing where applicable.
o Employees: fulfillment of a contract or for the implementation of pre-contractual measures,
consent to processing where applicable, fulfillment of a legal obligation, protection of legitimate interests.
o Customers: Fulfilment of a contract or to carry out pre-contractual measures, fulfillment of a legal obligation, protection of legitimate interests.
o Interested parties: of a contractor to carry out pre-contractual measures, safeguarding legitimate interests.
o Suppliers: Fulfilment of a contract or to carry out pre-contractual measures, fulfillment of a legal obligation.
o Participants in a video conference (e.g. “MS teams ): safeguarding legitimate interests, consent to processing.
-Duration for which the personal data are stored (depending on the purpose and target group) -Duration of the contract, legal time limits, withdrawal of consent (if necessary), objection to data
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
processing, duration of online meeting.
– There is no automated decision-making including profiling according to Art. 22 (1) and (4) GDPR. Disclosure, source, and foreign reference
– Recipients or categories of recipients of the personal data (depending on the target group)
o Basic recipients: tax advisors, internal use (e.g. HR, IT), authorities, banks, insurance companies
o Own employees: for image data (provider, marketing agency, photographer)
o Customers and employees of customers: Subcontractors and cooperation partners (if contractually regulated or clarified).
o Participants of a videoconference: participants, providers
– Source of collection: directly / by client
Data processing outside the European Union
Data processing outside the European Union (EU) does not take place as a matter of principle, as we have restricted our primary storage location to data centers in the European Union. However, we cannot rule out the possibility that the routing of data from some applications takes place via internet servers that are located outside the EU. This can be the case in particular if, for example, participants in “online meetings” are located in a third country.
There is also the risk that, due to US jurisdiction, US authorities may view and process your data for control or monitoring purposes. This may also occur without any further legal remedy.
However, the data is encrypted during transport via the internet and thus protected against unauthorized access by third parties.
This may apply to the following applications: MS Teams.
Participation in an online meeting (e.g. MS-Teams)
Participation in such an event is voluntary. By registering, you consent to data processing (including US data transfer). You can decide at any time whether you would like to transmit images and/or sound of yourself during the event. If and to the extent that one actively decides to do so, this consent also includes that special categories of personal data (e.g. wearers of glasses, stiff limbs, Data protection information according to Art. 12-19, 21 GDPR towards data subjects speech impediments, wearers of religious symbols) may be transmitted and processed. Participation also implies consent to a possible recording and, if applicable, dissemination of the event. Both will be communicated in advance.
Legal basis of data processing in the context of an online meeting:
– Insofar as personal data of employees of the company are processed, Section 26 BDSG is the legal basis for data processing.
– If, in connection with the use of the video conferencing software, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component of the use of the video conferencing software, the legal basis for data processing is Art. 6 (1) f) DSGVO. In these cases, our interest is in the effective implementation of “online meetings”.
– Otherwise, the legal basis for data processing when conducting “online meetings” is Art. 6 para. 1 lit. b) DSGVO, insofar as the meetings are conducted in the context of contractual relationships.
– If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) DSGVO. Here, too, our interest is in the effective conduct of “online meetings”.
Data subject rights
– Under Art. 7 Para. 3 GDPR, you have the right to revoke your consent at any time. The consequence is that we may no longer continue the data processing based on this consent in the future;
– You have the right to request information about your personal data processed by us under Art. 15 GDPR.
According to Art.16 GDPR, you have the right to request the correction of inaccurate or incomplete personal data stored by us without undue delay
– You have the right to request the deletion of your personal data stored by us under
Art. 17 GDPR, provided that there are no other reasons, such as the fulfillment of a legal obligation or the defense of legal claims, to the contrary.
– You have the right to request the restriction of the processing of your personal data under Art. 18 GDPR.
If your personal data are processed based on Art. 7. Para.3 of the GDPR, you have the right to object to the processing of your data under Art.3 21 of the GDPR, provided that there are grounds for doing so that arise from your particular situation.
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
– The controller shall notify all recipients to whom personal data have been disclosed of any rectification or erasure of the personal data or restriction of processing under Article 19 of the GDPR.
– You have the right under Article 20 of the GDPR to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format or to request that it be transferred to another controller.
– You have the right, according to Article 22, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
– You have the right to complain to a supervisory authority according to Art. 77 GDPR.
Supervisory authority Schleswig-Holstein
P.0. Box 7116, 24171 Kiel, Holstenstraße98, 24103 Kiel, phone: 04 31/988-12 00, fax: 04 31/988-12 23, e-mail: mail@datenschutzzentrum.de, homepage: http://www.datenschutzzentrum.de Supervisory authorities of all federal states: https://www.bfdi.bund.de/DE/lnfothek/Anschriften_Links/anschriften_links-node.html
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
This document provides you with information about the collection and processing of your personal data and your rights under data protection law.
Data processing office
protecfire GmbH, Weidekamp 10, D-23558 Lübeck, phone .: + +49 (0) 451 399 61-10, Fax: +49 (0) 451 399 61-20, Mail: info@protecfire.de Contact person in the field of data protection Mr. Andreas Sorge, DatCon GmbH, Ingenieurbüro für Datenschutz, Am Osterfeuer 26, 37176 Nörten-Hardenberg, phone +49 (0) 5503-9159648, Mail: sorge@datcon.de
Processing framework
– Categories of personal data processed
o Unsolicited applicants: master data (e.g. CV content, contact, family circumstances, health, knowledge, skills)
o Employees: master data (e.g.CV content, contact, family circumstances, health, knowledge, skills), contract and billing data, log data of IT systems (e.g. firewall, server logs), personal image/video data on company presentations
o Customers: Contract data, master data, billing data, services ordered.
o Interested parties; Contact data, transmitted content data
o Suppliers: Contract data, contact data, transmitted content data
o Participants in a video conference (e.g.
“MS teams”): first name, last name, e-mail address, subject
if applicable, participant IP addresses, MP4 files of the video, audio, and presentation recordings (in
the case of optional recordings), information on the incoming and outgoing call number (in the case of telephone dial-in), contents of chat histories.
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
-Purposes for which the personal data are to be processed
o Unsolicited applicants: examinations of the application
o Employees: processing of all necessary and required measures in an employment relationship, ensuring that operations are as trouble-free as possible, marketing (image/video data on website and/or other online platforms, employee motivation when introducing new employees on e.g. “notice board”)
o Customers: Contract fulfillment
o Interested parties: Information exchange
o Suppliers: Services, orders
o Participants in a video conference (e.g.
“MS teams”): online meetings, telephone conferences, video conferences.
– Legal basis of processing according to Art. 6 para. 1
(Depending on the data processing, not every legal basis applies).
o Unsolicited applicants: performance of a contract or for the implementation of pre-contractual measures, consent to processing where applicable.
o Employees: fulfillment of a contract or for the implementation of pre-contractual measures,
consent to processing where applicable, fulfillment of a legal obligation, protection of legitimate interests.
o Customers: Fulfilment of a contract or to carry out pre-contractual measures, fulfillment of a legal obligation, protection of legitimate interests.
o Interested parties: of a contractor to carry out pre-contractual measures, safeguarding legitimate interests.
o Suppliers: Fulfilment of a contract or to carry out pre-contractual measures, fulfillment of a legal obligation.
o Participants in a video conference (e.g. “MS teams ): safeguarding legitimate interests, consent to processing.
-Duration for which the personal data are stored (depending on the purpose and target group) -Duration of the contract, legal time limits, withdrawal of consent (if necessary), objection to data
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
processing, duration of online meeting.
– There is no automated decision-making including profiling according to Art. 22 (1) and (4) GDPR. Disclosure, source, and foreign reference
– Recipients or categories of recipients of the personal data (depending on the target group)
o Basic recipients: tax advisors, internal use (e.g. HR, IT), authorities, banks, insurance companies
o Own employees: for image data (provider, marketing agency, photographer)
o Customers and employees of customers: Subcontractors and cooperation partners (if contractually regulated or clarified).
o Participants of a videoconference: participants, providers
– Source of collection: directly / by client
Data processing outside the European Union
Data processing outside the European Union (EU) does not take place as a matter of principle, as we have restricted our primary storage location to data centers in the European Union. However, we cannot rule out the possibility that the routing of data from some applications takes place via internet servers that are located outside the EU. This can be the case in particular if, for example, participants in “online meetings” are located in a third country.
There is also the risk that, due to US jurisdiction, US authorities may view and process your data for control or monitoring purposes. This may also occur without any further legal remedy.
However, the data is encrypted during transport via the internet and thus protected against unauthorized access by third parties.
This may apply to the following applications: MS Teams.
Participation in an online meeting (e.g. MS-Teams)
Participation in such an event is voluntary. By registering, you consent to data processing (including US data transfer). You can decide at any time whether you would like to transmit images and/or sound of yourself during the event. If and to the extent that one actively decides to do so, this consent also includes that special categories of personal data (e.g. wearers of glasses, stiff limbs, Data protection information according to Art. 12-19, 21 GDPR towards data subjects speech impediments, wearers of religious symbols) may be transmitted and processed. Participation also implies consent to a possible recording and, if applicable, dissemination of the event. Both will be communicated in advance.
Legal basis of data processing in the context of an online meeting:
– Insofar as personal data of employees of the company are processed, Section 26 BDSG is the legal basis for data processing.
– If, in connection with the use of the video conferencing software, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component of the use of the video conferencing software, the legal basis for data processing is Art. 6 (1) f) DSGVO. In these cases, our interest is in the effective implementation of “online meetings”.
– Otherwise, the legal basis for data processing when conducting “online meetings” is Art. 6 para. 1 lit. b) DSGVO, insofar as the meetings are conducted in the context of contractual relationships.
– If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) DSGVO. Here, too, our interest is in the effective conduct of “online meetings”.
Data subject rights
– Under Art. 7 Para. 3 GDPR, you have the right to revoke your consent at any time. The consequence is that we may no longer continue the data processing based on this consent in the future;
– You have the right to request information about your personal data processed by us under Art. 15 GDPR.
According to Art.16 GDPR, you have the right to request the correction of inaccurate or incomplete personal data stored by us without undue delay
– You have the right to request the deletion of your personal data stored by us under
Art. 17 GDPR, provided that there are no other reasons, such as the fulfillment of a legal obligation or the defense of legal claims, to the contrary.
– You have the right to request the restriction of the processing of your personal data under Art. 18 GDPR.
If your personal data are processed based on Art. 7. Para.3 of the GDPR, you have the right to object to the processing of your data under Art.3 21 of the GDPR, provided that there are grounds for doing so that arise from your particular situation.
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
– The controller shall notify all recipients to whom personal data have been disclosed of any rectification or erasure of the personal data or restriction of processing under Article 19 of the GDPR.
– You have the right under Article 20 of the GDPR to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format or to request that it be transferred to another controller.
– You have the right, according to Article 22, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
– You have the right to complain to a supervisory authority according to Art. 77 GDPR.
Supervisory authority Schleswig-Holstein
P.0. Box 7116, 24171 Kiel, Holstenstraße98, 24103 Kiel, phone: 04 31/988-12 00, fax: 04 31/988-12 23, e-mail: mail@datenschutzzentrum.de, homepage: http://www.datenschutzzentrum.de Supervisory authorities of all federal states: https://www.bfdi.bund.de/DE/lnfothek/Anschriften_Links/anschriften_links-node.html
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
This document provides you with information about the collection and processing of your personal data and your rights under data protection law.
Data processing office
protecfire GmbH, Weidekamp 10, D-23558 Lübeck, phone .: + +49 (0) 451 399 61-10, Fax: +49 (0) 451 399 61-20, Mail: info@protecfire.de Contact person in the field of data protection Mr. Andreas Sorge, DatCon GmbH, Ingenieurbüro für Datenschutz, Am Osterfeuer 26, 37176 Nörten-Hardenberg, phone +49 (0) 5503-9159648, Mail: sorge@datcon.de
Processing framework
– Categories of personal data processed
o Unsolicited applicants: master data (e.g. CV content, contact, family circumstances, health, knowledge, skills)
o Employees: master data (e.g.CV content, contact, family circumstances, health, knowledge, skills), contract and billing data, log data of IT systems (e.g. firewall, server logs), personal image/video data on company presentations
o Customers: Contract data, master data, billing data, services ordered.
o Interested parties; Contact data, transmitted content data
o Suppliers: Contract data, contact data, transmitted content data
o Participants in a video conference (e.g.
“MS teams”): first name, last name, e-mail address, subject
if applicable, participant IP addresses, MP4 files of the video, audio, and presentation recordings (in
the case of optional recordings), information on the incoming and outgoing call number (in the case of telephone dial-in), contents of chat histories.
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
-Purposes for which the personal data are to be processed
o Unsolicited applicants: examinations of the application
o Employees: processing of all necessary and required measures in an employment relationship, ensuring that operations are as trouble-free as possible, marketing (image/video data on website and/or other online platforms, employee motivation when introducing new employees on e.g. “notice board”)
o Customers: Contract fulfillment
o Interested parties: Information exchange
o Suppliers: Services, orders
o Participants in a video conference (e.g.
“MS teams”): online meetings, telephone conferences, video conferences.
– Legal basis of processing according to Art. 6 para. 1
(Depending on the data processing, not every legal basis applies).
o Unsolicited applicants: performance of a contract or for the implementation of pre-contractual measures, consent to processing where applicable.
o Employees: fulfillment of a contract or for the implementation of pre-contractual measures,
consent to processing where applicable, fulfillment of a legal obligation, protection of legitimate interests.
o Customers: Fulfilment of a contract or to carry out pre-contractual measures, fulfillment of a legal obligation, protection of legitimate interests.
o Interested parties: of a contractor to carry out pre-contractual measures, safeguarding legitimate interests.
o Suppliers: Fulfilment of a contract or to carry out pre-contractual measures, fulfillment of a legal obligation.
o Participants in a video conference (e.g. “MS teams ): safeguarding legitimate interests, consent to processing.
-Duration for which the personal data are stored (depending on the purpose and target group) -Duration of the contract, legal time limits, withdrawal of consent (if necessary), objection to data
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
processing, duration of online meeting.
– There is no automated decision-making including profiling according to Art. 22 (1) and (4) GDPR. Disclosure, source, and foreign reference
– Recipients or categories of recipients of the personal data (depending on the target group)
o Basic recipients: tax advisors, internal use (e.g. HR, IT), authorities, banks, insurance companies
o Own employees: for image data (provider, marketing agency, photographer)
o Customers and employees of customers: Subcontractors and cooperation partners (if contractually regulated or clarified).
o Participants of a videoconference: participants, providers
– Source of collection: directly / by client
Data processing outside the European Union
Data processing outside the European Union (EU) does not take place as a matter of principle, as we have restricted our primary storage location to data centers in the European Union. However, we cannot rule out the possibility that the routing of data from some applications takes place via internet servers that are located outside the EU. This can be the case in particular if, for example, participants in “online meetings” are located in a third country.
There is also the risk that, due to US jurisdiction, US authorities may view and process your data for control or monitoring purposes. This may also occur without any further legal remedy.
However, the data is encrypted during transport via the internet and thus protected against unauthorized access by third parties.
This may apply to the following applications: MS Teams.
Participation in an online meeting (e.g. MS-Teams)
Participation in such an event is voluntary. By registering, you consent to data processing (including US data transfer). You can decide at any time whether you would like to transmit images and/or sound of yourself during the event. If and to the extent that one actively decides to do so, this consent also includes that special categories of personal data (e.g. wearers of glasses, stiff limbs, Data protection information according to Art. 12-19, 21 GDPR towards data subjects speech impediments, wearers of religious symbols) may be transmitted and processed. Participation also implies consent to a possible recording and, if applicable, dissemination of the event. Both will be communicated in advance.
Legal basis of data processing in the context of an online meeting:
– Insofar as personal data of employees of the company are processed, Section 26 BDSG is the legal basis for data processing.
– If, in connection with the use of the video conferencing software, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component of the use of the video conferencing software, the legal basis for data processing is Art. 6 (1) f) DSGVO. In these cases, our interest is in the effective implementation of “online meetings”.
– Otherwise, the legal basis for data processing when conducting “online meetings” is Art. 6 para. 1 lit. b) DSGVO, insofar as the meetings are conducted in the context of contractual relationships.
– If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) DSGVO. Here, too, our interest is in the effective conduct of “online meetings”.
Data subject rights
– Under Art. 7 Para. 3 GDPR, you have the right to revoke your consent at any time. The consequence is that we may no longer continue the data processing based on this consent in the future;
– You have the right to request information about your personal data processed by us under Art. 15 GDPR.
According to Art.16 GDPR, you have the right to request the correction of inaccurate or incomplete personal data stored by us without undue delay
– You have the right to request the deletion of your personal data stored by us under
Art. 17 GDPR, provided that there are no other reasons, such as the fulfillment of a legal obligation or the defense of legal claims, to the contrary.
– You have the right to request the restriction of the processing of your personal data under Art. 18 GDPR.
If your personal data are processed based on Art. 7. Para.3 of the GDPR, you have the right to object to the processing of your data under Art.3 21 of the GDPR, provided that there are grounds for doing so that arise from your particular situation.
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
– The controller shall notify all recipients to whom personal data have been disclosed of any rectification or erasure of the personal data or restriction of processing under Article 19 of the GDPR.
– You have the right under Article 20 of the GDPR to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format or to request that it be transferred to another controller.
– You have the right, according to Article 22, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
– You have the right to complain to a supervisory authority according to Art. 77 GDPR.
Supervisory authority Schleswig-Holstein
P.0. Box 7116, 24171 Kiel, Holstenstraße98, 24103 Kiel, phone: 04 31/988-12 00, fax: 04 31/988-12 23, e-mail: mail@datenschutzzentrum.de, homepage: http://www.datenschutzzentrum.de Supervisory authorities of all federal states: https://www.bfdi.bund.de/DE/lnfothek/Anschriften_Links/anschriften_links-node.html
Cookie Policy (EU)
This Cookie Policy was last updated on October 25, 2024 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.
1. Introduction
Our website, https://www.protecfire.de (hereinafter: "the website") uses cookies and other related technologies (for convenience all technologies are referred to as "cookies"). Cookies are also placed by third parties we have engaged. In the document below we inform you about the use of cookies on our website.
2. What are cookies?
A cookie is a small simple file that is sent along with pages of this website and stored by your browser on the hard drive of your computer or another device. The information stored therein may be returned to our servers or to the servers of the relevant third parties during a subsequent visit.
3. What are scripts?
A script is a piece of program code that is used to make our website function properly and interactively. This code is executed on our server or on your device.
4. What is a web beacon?
A web beacon (or a pixel tag) is a small, invisible piece of text or image on a website that is used to monitor traffic on a website. In order to do this, various data about you is stored using web beacons.
5. Cookies
5.1 Technical or functional cookies
Some cookies ensure that certain parts of the website work properly and that your user preferences remain known. By placing functional cookies, we make it easier for you to visit our website. This way, you do not need to repeatedly enter the same information when visiting our website and, for example, the items remain in your shopping cart until you have paid. We may place these cookies without your consent.
5.2 Statistics cookies
We use statistics cookies to optimise the website experience for our users. With these statistics cookies we get insights in the usage of our website. We ask your permission to place statistics cookies.
5.3 Marketing/Tracking cookies
Marketing/Tracking cookies are cookies or any other form of local storage, used to create user profiles to display advertising or to track the user on this website or across several websites for similar marketing purposes.
5.4 Social media
On our website, we have included content from Facebook, Twitter, LinkedIn and Instagram to promote web pages (e.g. “like”, “pin”) or share (e.g. “tweet”) on social networks like Facebook, Twitter, LinkedIn and Instagram. This content is embedded with code derived from Facebook, Twitter, LinkedIn and Instagram and places cookies. This content might store and process certain information for personalised advertising.
Please read the privacy statement of these social networks (which can change regularly) to read what they do with your (personal) data which they process using these cookies. The data that is retrieved is anonymised as much as possible. Facebook, Twitter, LinkedIn and Instagram are located in the United States.
6. Placed cookies
7. Consent
When you visit our website for the first time, we will show you a pop-up with an explanation about cookies. As soon as you click on "Save preferences", you consent to us using the categories of cookies and plug-ins you selected in the pop-up, as described in this Cookie Policy. You can disable the use of cookies via your browser, but please note that our website may no longer work properly.
7.1 Manage your consent settings
You have loaded the Cookie Policy without JavaScript support. On AMP, you can use the manage consent button on the bottom of the page.
8. Enabling/disabling and deleting cookies
You can use your internet browser to automatically or manually delete cookies. You can also specify that certain cookies may not be placed. Another option is to change the settings of your internet browser so that you receive a message each time a cookie is placed. For more information about these options, please refer to the instructions in the Help section of your browser.
Please note that our website may not work properly if all cookies are disabled. If you do delete the cookies in your browser, they will be placed again after your consent when you visit our website again.
9. Your rights with respect to personal data
You have the following rights with respect to your personal data:
- You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
- Right of access: You have the right to access your personal data that is known to us.
- Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
- If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
- Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
- Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.
To exercise these rights, please contact us. Please refer to the contact details at the bottom of this Cookie Policy. If you have a complaint about how we handle your data, we would like to hear from you, but you also have the right to submit a complaint to the supervisory authority (the Data Protection Authority).
10. Contact details
For questions and/or comments about our Cookie Policy and this statement, please contact us by using the following contact details:
protecfire GmbH
Weidekamp 10 23558 Lübeck GERMANY
Germany
Website: https://www.protecfire.de
Email: info@protecfire.de
Phone number: +49 (0) 451 399 61-10
This Cookie Policy was synchronised with cookiedatabase.org on November 19, 2024.
Gliederung
Datenschutzrechtliche Information gem. Art. 12-19, 21 DSGVO gegenüber betroffenen Personen
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
This document provides you with information about the collection and processing of your personal data and your rights under data protection law.
Data processing office
protecfire GmbH, Weidekamp 10, D-23558 Lübeck, phone .: + +49 (0) 451 399 61-10, Fax: +49 (0) 451 399 61-20, Mail: info@protecfire.de Contact person in the field of data protection Mr. Andreas Sorge, DatCon GmbH, Ingenieurbüro für Datenschutz, Am Osterfeuer 26, 37176 Nörten-Hardenberg, phone +49 (0) 5503-9159648, Mail: sorge@datcon.de
Processing framework
– Categories of personal data processed
o Unsolicited applicants: master data (e.g. CV content, contact, family circumstances, health, knowledge, skills)
o Employees: master data (e.g.CV content, contact, family circumstances, health, knowledge, skills), contract and billing data, log data of IT systems (e.g. firewall, server logs), personal image/video data on company presentations
o Customers: Contract data, master data, billing data, services ordered.
o Interested parties; Contact data, transmitted content data
o Suppliers: Contract data, contact data, transmitted content data
o Participants in a video conference (e.g.
“MS teams”): first name, last name, e-mail address, subject
if applicable, participant IP addresses, MP4 files of the video, audio, and presentation recordings (in
the case of optional recordings), information on the incoming and outgoing call number (in the case of telephone dial-in), contents of chat histories.
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
-Purposes for which the personal data are to be processed
o Unsolicited applicants: examinations of the application
o Employees: processing of all necessary and required measures in an employment relationship, ensuring that operations are as trouble-free as possible, marketing (image/video data on website and/or other online platforms, employee motivation when introducing new employees on e.g. “notice board”)
o Customers: Contract fulfillment
o Interested parties: Information exchange
o Suppliers: Services, orders
o Participants in a video conference (e.g.
“MS teams”): online meetings, telephone conferences, video conferences.
– Legal basis of processing according to Art. 6 para. 1
(Depending on the data processing, not every legal basis applies).
o Unsolicited applicants: performance of a contract or for the implementation of pre-contractual measures, consent to processing where applicable.
o Employees: fulfillment of a contract or for the implementation of pre-contractual measures,
consent to processing where applicable, fulfillment of a legal obligation, protection of legitimate interests.
o Customers: Fulfilment of a contract or to carry out pre-contractual measures, fulfillment of a legal obligation, protection of legitimate interests.
o Interested parties: of a contractor to carry out pre-contractual measures, safeguarding legitimate interests.
o Suppliers: Fulfilment of a contract or to carry out pre-contractual measures, fulfillment of a legal obligation.
o Participants in a video conference (e.g. “MS teams ): safeguarding legitimate interests, consent to processing.
-Duration for which the personal data are stored (depending on the purpose and target group) -Duration of the contract, legal time limits, withdrawal of consent (if necessary), objection to data
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
processing, duration of online meeting.
– There is no automated decision-making including profiling according to Art. 22 (1) and (4) GDPR. Disclosure, source, and foreign reference
– Recipients or categories of recipients of the personal data (depending on the target group)
o Basic recipients: tax advisors, internal use (e.g. HR, IT), authorities, banks, insurance companies
o Own employees: for image data (provider, marketing agency, photographer)
o Customers and employees of customers: Subcontractors and cooperation partners (if contractually regulated or clarified).
o Participants of a videoconference: participants, providers
– Source of collection: directly / by client
Data processing outside the European Union
Data processing outside the European Union (EU) does not take place as a matter of principle, as we have restricted our primary storage location to data centers in the European Union. However, we cannot rule out the possibility that the routing of data from some applications takes place via internet servers that are located outside the EU. This can be the case in particular if, for example, participants in “online meetings” are located in a third country.
There is also the risk that, due to US jurisdiction, US authorities may view and process your data for control or monitoring purposes. This may also occur without any further legal remedy.
However, the data is encrypted during transport via the internet and thus protected against unauthorized access by third parties.
This may apply to the following applications: MS Teams.
Participation in an online meeting (e.g. MS-Teams)
Participation in such an event is voluntary. By registering, you consent to data processing (including US data transfer). You can decide at any time whether you would like to transmit images and/or sound of yourself during the event. If and to the extent that one actively decides to do so, this consent also includes that special categories of personal data (e.g. wearers of glasses, stiff limbs, Data protection information according to Art. 12-19, 21 GDPR towards data subjects speech impediments, wearers of religious symbols) may be transmitted and processed. Participation also implies consent to a possible recording and, if applicable, dissemination of the event. Both will be communicated in advance.
Legal basis of data processing in the context of an online meeting:
– Insofar as personal data of employees of the company are processed, Section 26 BDSG is the legal basis for data processing.
– If, in connection with the use of the video conferencing software, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component of the use of the video conferencing software, the legal basis for data processing is Art. 6 (1) f) DSGVO. In these cases, our interest is in the effective implementation of “online meetings”.
– Otherwise, the legal basis for data processing when conducting “online meetings” is Art. 6 para. 1 lit. b) DSGVO, insofar as the meetings are conducted in the context of contractual relationships.
– If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) DSGVO. Here, too, our interest is in the effective conduct of “online meetings”.
Data subject rights
– Under Art. 7 Para. 3 GDPR, you have the right to revoke your consent at any time. The consequence is that we may no longer continue the data processing based on this consent in the future;
– You have the right to request information about your personal data processed by us under Art. 15 GDPR.
According to Art.16 GDPR, you have the right to request the correction of inaccurate or incomplete personal data stored by us without undue delay
– You have the right to request the deletion of your personal data stored by us under
Art. 17 GDPR, provided that there are no other reasons, such as the fulfillment of a legal obligation or the defense of legal claims, to the contrary.
– You have the right to request the restriction of the processing of your personal data under Art. 18 GDPR.
If your personal data are processed based on Art. 7. Para.3 of the GDPR, you have the right to object to the processing of your data under Art.3 21 of the GDPR, provided that there are grounds for doing so that arise from your particular situation.
Data protection information according to Art. 12-19, 21 GDPR towards data subjects
– The controller shall notify all recipients to whom personal data have been disclosed of any rectification or erasure of the personal data or restriction of processing under Article 19 of the GDPR.
– You have the right under Article 20 of the GDPR to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format or to request that it be transferred to another controller.
– You have the right, according to Article 22, not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
– You have the right to complain to a supervisory authority according to Art. 77 GDPR.
Supervisory authority Schleswig-Holstein
P.0. Box 7116, 24171 Kiel, Holstenstraße98, 24103 Kiel, phone: 04 31/988-12 00, fax: 04 31/988-12 23, e-mail: mail@datenschutzzentrum.de, homepage: http://www.datenschutzzentrum.de Supervisory authorities of all federal states: https://www.bfdi.bund.de/DE/lnfothek/Anschriften_Links/anschriften_links-node.html
