+49 52 51 / 15 50 0

Data Protection

This privacy notice informs you about our handling of your personal data. We would like to present you with an overview of this processing to ensure that it is transparent and verifiable. In order to ensure fair processing, this privacy notice contains general information about our processing of your personal data and information about your rights in accordance with the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

We will also inform you in detail about:

I. General information
II. Data processing on our website
III. Data processing on our social media sites
IV. Further data processing

Janz Tec AG, Im Dörener Feld 8, 33100 Paderborn, Germany (hereinafter referred to as “we” or “us”) is responsible for the data processing.

I. General information

1. Contact
If you have any questions or suggestions regarding this information, or if you want to contact us to assert your rights, please address your query to

Janz Tec AG
Im Dörener Feld 8
33100 Paderborn
Germany
Phone: +49 52 51 / 15 50 0
E-Mail:

2. Legal basis

We process personal data taking the relevant data protection provisions into account, in particular those of the GDPR and BDSG. Data processing conducted by us is only done on the basis of a legal permit. We only process personal data with your consent (section 25 para. 1 TTDSG or Art. 6 para. 1 sentence 1 a) GDPR) to fulfil a contract to which you are a party, or in order to take steps at your request prior to entering into a contract (Art. 6 para. 1 sentence 1 b) GDPR), to comply with a legal obligation (Art. 6 para.1 sentence 1 c) GDPR) or when processing is necessary to maintain the legitimate interests pursued by us or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms which require protection of personal data (Art. 6 para. 1 sentence 1 f) GDPR).

3. Duration of storage

Unless the following information specifies otherwise, we shall only store your personal data as long as is necessary for achieving the processing purpose or for the performance of our contractual or legal obligations. Legal storage obligations may in particular arise from commercial or tax-related regulations.

4. Recipient of the data

We make use of commissioned service providers for individual processing operations. This includes, for example, hosting, maintenance and support of IT systems, marketing measures or destruction of files and data carriers. These service providers will only process the personal data following explicit instructions and are contractually obligated to guarantee the implementation of sufficient technical and organisational data protection measures. In addition, we may transfer personal data of our customers to parties such as postal and delivery services, payment and information services, banks, tax consultants/auditors or the tax authorities. Should your data be transferred to further recipients, you can find this information under the description of the respective processing activity.

5. Data transfer to third countries

Our data processing operations may involve the transfer of certain personal data to third countries, i.e. countries where the GDPR is not applicable law. Such a transfer takes place in a permissible manner if the European Commission has determined that an adequate level of data protection is required in such a third country. If such an adequacy decision by the European Commission does not exist, a transfer of personal data to a third country will only take place if appropriate safeguards pursuant to Art. 46 GDPR are in place or if one of the conditions of Art. 49 GDPR is met.

Unless otherwise stated below, we use the EU standard data protection clauses as appropriate safeguards for the transfer of personal data to third countries. You have the possibility to obtain a copy of these EU standard data protection clauses or to inspect them. To do so, please contact us at the address given under Contact. If you consent to the transfer of personal data to third countries, the transfer is made on the legal basis of Art. 49 para. 1 a GDPR.

6. Processing in the exercise of your rights pursuant to Art. 15 to 22 GDPR

If you exercise your rights pursuant to Art. 12 to 22 GDPR, we will process the personal data transmitted for the purpose of implementing these rights by us and to be able to provide proof of this. For the purpose of providing information and preparing such information, we will process stored data only for this purpose and for purposes of data protection control and otherwise restrict processing in accordance with Art. 18 GDPR.

These processing operations are based on the legal basis of Art. 6 para. 1 c) GDPR in connection with Art. 15 to 22 GDPR and section 34 para. 2 BDSG.

7. Your rights

As an affected person, you have the right to assert your rights as an affected person vis-à-vis our company. You have the following rights in particular:

  • In accordance with Art. 15 GDPR and section 34 BDSG, you have the right to demand information on whether we process your personal data, and if so, to what extent.
  • You have the right, in accordance with Art. 16 GDPR, to demand the rectification of your personal data.
  • You have the right, in accordance with Art. 17 GDPR and section 35 BDSG, to demand the deletion of your personal data. You have the right, in accordance with Art. 18 GDPR, to demand the limitation of the processing of your personal data. You have the right, in accordance with Art. 20 GDPR, to receive the data concerning your person which you have provided us with, in a structured, commonly used and machine-readable format, and to transmit this personal data to another controller.
  • You can withdraw granted consent in accordance with Art. 7 para. 3 GDPR. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
  • If you are of the opinion that the processing of your personal data violates the provisions of the GDPR, you have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR.

8. Right to object

As stipulated in Art. 21 GDPR, you have the right to object to any processing which arises from the legal basis in Art. 6 para. 1 sentence 1 e) or f) GDPR. If we process personal data for direct marketing purposes, you can object to this processing in accordance with Art. 21 para. 2 and para. 3 GDPR.

9. Contact details data protection officer

E-Mail:
Herting Oberbeck Datenschutz GmbH
Hallerstraße 76, 20146 Hamburg
https://www.datenschutzkanzlei.de

II. Data processing on our website

When using the website, we collect information that you provide yourself. In addition, certain information about your use of the website is automatically collected during your visit to the website. In data protection law, the IP address is generally also considered a personal date. An IP address is assigned to every device connected to the internet by the internet provider so that it can send and receive data.

1. Processing of server log files

In case of a purely informative use of our website, general information which is transmitted by your browser to our server is automatically (hence not via registration) stored. By default, this includes: type of browser/version, operating system used, accessed page, previously accessed page (referrer URL), IP address, date and time of the server query and HTTP status code.

The processing is necessary for the purposes of pursuing our legitimate interests and is based on the legal foundation of Art. 6 para. 1 sentence 1 f) GDPR. This processing serves the technical administration and security of our website. The stored data is deleted when there are no specific indications that prompt us to suspect, on reasonable grounds, any illegal activity which requires the further review and processing of the information for this reason. We will not be able to identify you as a data subject from the information we hold. Therefore Art. 15 to 22 GDPR do not apply pursuant to Art. 11 para. 2 GDPR, unless you provide additional information to enable identification in order to exercise the rights set out in these articles.

2. Contact form

Our website contains a contact form which you can use to send us messages. The transfer of your personal data in these messages is encrypted. All data fields designated as mandatory fields are required to process your request. Your request cannot be processed if you do not provide all the necessary information. The disclosure of other personal data is voluntary. Alternatively, you can send us a message via the contact email address. We process the data for the purpose of responding to your request.
If your request is directed towards the conclusion or performance of a contract with us, Art. 6 para. 1 b) GDPR is the legal basis for the data processing. Otherwise, we process the data on the basis of our legitimate interest in contacting enquirers. The legal basis for the data processing is then Art. 6 para. 1 f) GDPR.

3. White Paper

You also have the option of receiving white papers on various specialist IT issues via our website. We collect the personal data available from the respective form in order to provide you with a white paper. The legal basis for the data processing is provided in Art. 6 para. 1 sentence 1 b) GDPR.

4. Support Platform

We offer a support platform through which our customers can submit support requests. Personalized access data (e-mail address and password) are required for use. Further personal data may be processed within the scope of use. The data will only be processed for the purpose of providing the service. The processing is based on the legal basis of Art. 6 para. 1 b) GDPR.

5. Newsletter

Our website also provides the option of subscribing to our newsletter. Once you subscribe, we will regularly provide you with news on our current offers. Subscribing to the newsletter requires a valid email address. If you subscribe to our newsletter on our website, we will process personal data such as your email address and possibly your name for dispatching purposes. We also track your reading behaviour and the access rates of our newsletter. Here, we analyse how often you accessed the newsletter and which links were clicked. The legal basis for this processing is provided in Art. 6 para. 1 sentence 1 a) GDPR. You can withdraw your consent at any time by unsubscribing from our newsletter.

To verify the email address, you will first receive a registration email which you must confirm via a link (double opt-in). When subscribing to the newsletter, we also store the IP address, as well as the date and time of the registration. Processing of this data is required to prove that consent has been issued. The legal basis arises from our legal obligation to document your consent (Art. 6 para. 1 sentence 1 c) in conjunction with Art. 7 para. 1 GDPR).

6. Cookies

We use cookies and similar technologies (“cookies”) on our website. Cookies are small sets of data that are stored by your browser when visiting a website. Through this your browser will be identified and can be recognized by webservers. You have full control over the use of cookies through your browser. You can delete the cookies in the security settings of your browser at any time. You can object to the use of cookies through your browser settings in general or for specific cases.

The use of cookies is partly technically necessary for the operation of our website and thus permissible without the consent of the user. In addition, we may use cookies to offer special features and content as well as for the purpose of analysis and marketing purposes. These may also include cookies from third party providers (so-called third-party cookies). We use such technically unnecessary cookies only with your consent pursuant to section 25 para. 1 TTDSG and, if applicable, Art. 6 para. 1 a) GDPR. You can find information about the purposes, providers, technologies used, data stored and the storage period of individual cookies in the cookie settings of our Consent Management Tool. You can access the Consent Management Tool again by going to “Cookie Settings” in the footer (baseboard) of the website.

7. Consent Management Tool

This website uses the Consent Management Tool Borlabs of Borlabs GmbH (Germany/EU) to control cookies and the processing of personal data.

The consent banner enables users of our website to give their consent to certain data processing procedures or to revoke their consent. By confirming the “Accept all” button or by saving individual cookie settings, you consent to the use of the associated cookies.

The legal basis under data protection law is your consent within the meaning of Art. 6 para. 1 a) GDPR.

In addition, the banner helps us to be able to provide evidence of the declaration of consent. For this purpose, we process information about the declaration of consent and further log data about this declaration. Cookies are also used to collect this data. The processing of this data is necessary in order to be able to prove that consent has been given. The legal basis results from our legal obligation to document your consent (Art. 6 para. 1 c) in conjunction with Art. 7 para. 1 GDPR).

You can withdraw your consent for cookies here: Cookie settings

8. Google AdWords Conversion Tracking

We use the online advertising programme Google AdWords by Google Ireland Limited, (Irland/EU) to run advertisements with Google. If you access our website via a Google advertisement, Google will set a cookie on your end device (“conversion cookie”). Each AdWords customer is assigned a different conversion cookie so that the cookies cannot be tracked via the websites of other AdWords customers. The information obtained through the cookie is used to compile conversion statistics. We use this to determine the total number of users who clicked one of our Google advertisements. However, we do not receive any information which can be used to personally identify the user.

Insofar as personal data is processed in this context, this is based on your consent as the legal basis (Art. 6 para.1 a) GDPR). You have the right to withdraw your consent at any time with effect for the future by adjusting the settings on our Consent banner. You can open the Consent Management Tool by calling up “Cookie Settings” in the footer (baseboard) of the website. The withdrawal of your consent does not affect the lawfulness of the processing carried out on the basis of your consent until the withdrawal.

9. Google Analytics

We use the Google Analytics service of the provider Google Ireland Limited (Ireland, EU) on our website.

Google Analytics is a web analytics service that enables us to collect and analyse data about the behaviour of visitors to our website. Google Analytics uses cookies to analyse the use of our website. This involves the processing of personal data in the form of online identifiers (including cookie identifiers), IP addresses, device identifiers and information about interaction with our website.

Some of this data is information stored in the terminal device you are using. In addition, further information is also stored on your end device via the cookies used. Such storage of information by Google Analytics or access to information already stored in your terminal device will only take place with your consent.
Google Ireland will process the data collected in this way on our behalf in order to evaluate the use of our website by users, to compile reports on the activities within our website and to provide us with other services associated with the use of our website and the use of the Internet. In doing so, pseudonymous user profiles of the users can be created from the processed data.

The setting of cookies and the further processing of personal data described here takes place with your consent. The legal basis for the data processing in connection with the Google Analytics service is therefore Art. 6 para. 1 a) GDPR. You can revoke this consent via our Consent Management Tool at any time with effect for the future.

The personal data processed on our behalf to provide Google Analytics may be transferred to any country in which Google Ireland or Google Ireland’s sub-processors maintain facilities. Please refer to the information in the section “Data transfer to third countries”.

We only use Google Analytics with IP anonymisation activated. This means that the IP address of the user is shortened by Google Ireland within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The IP address transmitted by the user’s browser is not merged with other data. Further information on the use of data for advertising purposes can be found in Google’s privacy policy at: www.google.com/policies/technologies/ads/.

We use the Google Analytics 4 variant, which allows us to track interaction data from different devices and from different sessions. This allows us to put individual user actions in context and analyse long-term relationships.

Data on user actions is stored for a period of 14 months and then automatically deleted. All other event data is stored for 2 months and then automatically deleted. The deletion of data whose storage period has expired takes place automatically once a month.

We also use the Google Analytics(remarketing) advertising features. This function enables us, in conjunction with the cross-device functions of Google, to display advertisements in a more targeted manner and to present users with ads that are tailored to their interests. Through remarketing, users are shown ads and products that have been identified as being of interest on other websites in the Google network. The function allows us to link advertising target groups created via Google Analytics Remarketing with the cross-device functions of Google Ads. In this way, interest-based, personalised advertising messages that have been adapted to a user depending on previous usage and surfing behaviour on one end device (e.g. mobile phone) can also be displayed on another end device of the user (e.g. tablet or PC).

If you have given your consent, Google will link your web and app browsing history to your Google account for this purpose. In this way, the same personalised advertising messages can be displayed on every end device on which you log in with your Google account. The aggregation of the collected data in your Google Account is based solely on your consent, which you can give or revoke at Google. For these linked services, data is then collected via Google Analytics for advertising purposes. To support the remarketing function, Google Analytics collects users’ Google-authenticated IDs, which are temporarily linked to our Google Analytics data. This is used to define and create target groups for cross-device ad advertising.

10. Google reCAPTCHA

We use the reCAPTCHA service of Google Ireland Limited (Ireland/EU) when registering for the corporate customer portal. For such integration, processing of your IP address is technically necessary so that the content can be sent to your browser. Therefore, your IP address is transmitted to Google Ireland. In addition, Google Ireland collects further data, e.g., about your browser and your click patterns. For security reasons, we use the service to check whether form entries are submitted by a natural person. Thus, automated access attempts and attacks can be detected and warded off. We are required by law to take technically and commercially reasonable measures to ensure the security of the portal. The legal basis is Art. 6 (1) lit. c GDPR in conjunction with Art. 32 GDPR and section 19 para. 4 TTDSG.

When using the service, a transfer of your data to the USA cannot be ruled out. Please note the information in the section “Data transfer to third countries”. Further information on data protection at Google can be found in Google’s privacy policy at https://www.google.com/policies/privacy.

III. Data processing on our social media sites

We are represented on several social media platforms with a company profile. Through this, we would like to offer further opportunities to obtain information about our company and to interact. Our company has company profiles on the following social media platforms:

  • Facebook und Instagram
  • LinkedIn
  • Twitter
  • Xing
  • YouTube

When you visit or interact with our profiles on social media platforms, personal data may be processed. The information associated with a social media profile used also regularly constitute as personal data. This also includes messages and statements made using the profile. In addition, certain information is often automatically collected during your visit of social media platforms, which may also be considered as personal data.

1. Visit a social media site

a. Facebook and Instagram

When you visit our Facebook or Instagram page, through which we present our company or individual products from our range, certain information about you is processed. Meta Platforms Ireland Limited (Ireland/EU – “Meta”) is solely responsible for this processing of personal data. Further information about the processing of personal data by Meta can be found at https://www.facebook.com/privacy/explanation. Meta offers the possibility to object to certain data processing; information and opt-out options in this regard can be found at https://www.facebook.com/settings?tab=ads.

Meta provides us with anonymized statistics and insights for our Facebook and Instagram page that help us gain insights into the types of actions people take on our page (known as “page insights”). These page insights are created based on certain information about individuals who have visited our page. This processing of personal data is carried out by Meta and us as joint controllers. The processing serves our legitimate interest of evaluating the types of actions performed on our page and to improve our page based on these findings. The legal basis for this processing is Art. 6 (1) lit. f GDPR. We cannot associate the information obtained through page insights with individual user profiles that interact with our Facebook and Instagram pages. We have entered into a joint controller agreement with Meta, which sets out the distribution of data protection between us and Meta. Details about the processing of personal data for the creation of the page insights and the agreement concluded between us and Meta can be found at https://www.facebook.com/legal/terms/information_about_page_insights_data. Regarding this data processing, you also have the option of asserting your data subject rights (see “Your rights”) against Meta. Further information on this can be found in Meta’s privacy policy at https://www.facebook.com/privacy/explanation.

Please note that according to Meta Privacy Policy, user data is also processed in the U.S. or other third countries. Meta transfers user data only to countries for which an adequacy decision has been issued by the European Commission in accordance with Art. 45 GDPR or on the basis of appropriate guarantees in accordance with Art. 46 GDPR.

b. LinkedIn

LinkedIn Ireland Unlimited Company (Ireland/EU – “LinkedIn”) is the sole responsible party for the processing of personal data when you visit our LinkedIn page. You can obtain further information about the processing of personal data by LinkedIn at https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.

When you visit, follow, or engage with our LinkedIn company page, LinkedIn processes personal data to provide us with anonymized statistics and insights. This provides us with insights about the types of actions people take on our site (known as Page Insights). For this purpose, LinkedIn processes in particular information that you already provided to LinkedIn in your profile, such as information on function, country, industry, seniority, company size and employment status. In addition, LinkedIn will process information about how you are interacting with our LinkedIn company page, e.g., whether you are a follower of our LinkedIn company page. With Page Insights, LinkedIn does not provide us with any personal data about you. We only have access to the summarized Page Insights. It is also not possible to draw conclusions about individual members from the information of the Page Insights. This processing of personal data in the context of Page Insights is carried out by LinkedIn and us as joint controllers. The processing serves our legitimate interest to evaluate the types of actions taken on our LinkedIn company page and to improve our company page based on these findings. The legal basis for this processing is Art. 6 (1) lit. GDPR. We have entered into a joint controller agreement with LinkedIn. This agreement is available at: https://legal.linkedin.com/pages-joint-controller-addendum. Thereafter, the following applies:

  • LinkedIn and we have agreed that LinkedIn is responsible for enabling you to exercise your rights under the GDPR. You can contact LinkedIn about this online via the following (https://www.linkedin.com/help/linkedin/ask/PPQ?lang=de) or reach LinkedIn via the contact details in the privacy policy. You can contact the Data Protection Officer at LinkedIn Ireland via the following link https://www.linkedin.com/help/linkedin/ask/TSO-DPO. You may also contact us at our contact details provided regarding the exercise of your rights in connection with the processing of personal data in the context of Page Insights. In this case we will forward your request to LinkedIn.
  • LinkedIn and we have agreed that the Irish Data Protection Commission is the lead supervisory authority overseeing processing for Page Insights. You always have the right to lodge a complaint with the Irish Data Protection Commission (see at www.dataprotection.ie) or any other supervisory authority.

Please note that according to the LinkedIn privacy policy, personal data may also be processed by LinkedIn in the U.S. or other third countries. LinkedIn transfers personal data only to countries for which the European Commission has issued an adequacy decision pursuant to Art. 45 of the GDPR or based on appropriate safeguards pursuant to Art. 46 of the GDPR.

c. Twitter

For the processing of personal data when visiting our Twitter profile, Twitter Inc. (USA) is the sole responsible party. Further information about the processing of personal data by Twitter Inc. can be found at https://twitter.com/de/privacy.

d. XING

For the processing of personal data when visiting our Xing profile, New Work SE (Germany/EU) is the sole responsible party. Further information about the processing of personal data by New Work SE can be found at https://privacy.xing.com/de/datenschutzerklaerung.

e. YouTube

For the processing of personal data when visiting our YouTube channel, Google Ireland Limited (Ireland/EU) us the sole responsible party. Further information about the processing of personal data by YouTube or Google Ireland Limited can be found at https://policies.google.com/privacy.

2. Comments and Direct Messages

We also process information that you have provided to us via our company page on the respective social media platform. Such information may be the username used, contact details or a message to us. These processing operations are carried out by us as the sole data controller. We process this data based on our legitimate interest to get in contact with requesting persons. The legal basis for data processing is Art. 6 (1) lit. f GDPR. Further data processing may take place if you have consented (Art. 6 (1) lit. a GDPR) or if this is necessary for the fulfillment of a legal obligation. (Art. 6 (1) lit. c GDPR).

IV. Further data processing

1. Contractual relations

For the establishment or implementation of the contractual relationship with our customers, the processing of the personal, contract and payment data provided to us is regularly necessary. The legal basis for this processing is Art. 6 para. 1 b) GDPR. In addition, we process customer and prospect data for evaluation and marketing purposes. This processing takes place on the legal basis of Art. 6 para. 1 f) GDPR and serves our interest in further developing our services and to inform you specifically about offers from Janz Tec AG. Further data processing can take place with your consent (Art. 6 para. 1 a) GDPR) or if this serves to fulfil a legal obligation (Art. 6 para. 1 c) GDPR).

A transfer of your personal data cannot be excluded when using the services Confluence and Jira (provided by Atlassian Pty. Ltd. based in Australia and Atlassian Inc. based in the USA). For more information, please see “Data transfers to third countries”.

2. Employment Applications

When you apply to us for employment, we only process application data for purposes related to your interest in current or future employment at our company and the processing of your employment application. Your application will only be processed and taken note of by the respective contact persons. All employees entrusted with data processing are obligated to maintain confidentiality of your personal data.

Should we not be able to offer you employment, we shall store your application data for up to six months after a respective rejection in order to be able to answer questions arising in relation to your application and rejection. This shall not apply in the event that legal provisions prevent deletion, when further storage is required for providing proof or when you have explicitly consented to a longer storage period.

The legal basis for the data processing is provided in section 26 para. 1 sentence 1 BDSG or Art. 6 para 1. b) GDPR. Should we store your application data for a period exceeding six months and you have provided explicit consent, we wish to point out that you can withdraw this consent at any time in accordance with Art. 7 para. 3 GDPR. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.