Data Protection Policy




Data Protection Regulations

Authority responsible for this internet service
CTE Entwicklungen GmbH
Max-von-Laue-Straße 5
86156 Augsburg
Telephone: +49 821 / 24640-0
Telefax: +49 821 / 24640-33
E-Mail: info[at]cte-entwicklungen.de


Name and address of data protection officer

SECUWING GmbH & Co. KG | Datenschutz Agentur
Maximilian Hartung
Frauentorstraße 9
86152 Augsburg
T +49 821 90786450
F +49 821 90786459
epost[at]datenschutz-agentur.de




General

Every citizen has the constitutional guaranteed right to determine the use of his private data. For this reason, we are obliged to protect the data which you entrust us while visiting our website. Subsequently we would like to give you details and show you what kind of data we collect, what happens to this data and finally what safety precautions we have taken to prevent unauthorised access to this data. We want to ensure our visitors and clients are well-informed about what kind of private information we collect, as well as the process and use through transparent and comprehensible information in our data protection regulations.




Personal data

Personal data includes information on all demographic data which refer to an identifiable real person (e.g. name, address, telephone number, date of birth, or e-mail address). You can basically use our online offers without giving any personal information. However, using certain services can require giving private data, e.g. when signing in or participating in the sweepstake / lottery. Whenever you choose to avail of contract services we shall ask you to register. In order to set up the contract details we collect necessary private information (e.g. first name, surname, date-of-birth, e-mail address, where appropriate preferred method of payment or account owner) and if necessary, other details at a voluntary level.




Types of Processing and Legal Status

We process your personal data for the following purposes:

• Providing this on-line service.
• Contact details to process your inquiry and order handling.
• Job applications.
• In-house and third-party advertisements as well as marketing research and rating measurements (coverage, reach) to the scope permitted by law, or rather based on given consent.
• Sending an e-mail newsletter.

Legal grounds which justifies data processing is found in Art. 6 paragraph 1 sentence 1 lit. f. DSGVO/GDPR. Our legitimate interest results from aforementioned data collection purposes.




Submitting your job application

Whenever I apply for a job opportunity or on my own initiative, I consent to CTE saving my forwarded documents and to using data contained in order to process my application. In case my candidacy holds special categories of data (e.g. details regarding my marital status, which could indicate my sex life or sexual orientation; information concerning my health; a photo revealing my ethnic roots, and possibly my visual acuity and or religion; similarly sensitive data as defined in Article 9 DSGVO/GDPR) my application may therefore only be processed after my explicit approval. I consent to CTE processing special category data contained in my application and documents for carrying out the application procedure. This consent is geared exclusively to enable acceptance of this candidature. Such details will not be considered in the job application procedure as long as there is no existing legal obligation to do so. CTE compiles an employee profile of its candidates which will be passed on to interested companies and for project enquiries.


I can withdraw my consent to processing my candidacy in the application procedure without giving any reasons and am entitled to withdraw an approval at any given time by sending CTE an e-mail. In case of revocation, my collected data will then be immediately deleted.


Consequently, data processing affected by this consent may no longer be pursued in the future. In case of non-conferral or revocation of consent, my already submitted application will not be considered in the present form. Should my job application be unsuccessful I give my consent that CTE can file my personal details (e.g. letter of application, curriculum vitae, certificates, candidate questionnaire, job interviews), beyond the application procedure. I consent to CTE using these details to contact me later and continue the application process should another position come into question for me.


If I have furnished my application or other related documents which include special categories as mentioned according to Article 9 of DSGVO/GDPR (e.g. a photo, revealing ethnic background, details of severe disability) my consent also extends to these data. Moreover my consent also extends to details about my qualifications and activities in freely accessible data sources (especially professionally used social networks), which CTE permissibly collects on the basis of the application process. My data will not be passed on to third parties.


This consent is voluntary and has no influence on my chances in the actual application procedure. I can withdraw my consent at any time. My data will be immediately deleted in this case as soon as the application process has been completed. This means that data processing based on this approval will no longer be allowed to be continued in the future.

We use the data you consent to in accordance with Article 6 Para. 1 section 1 lit. f. DSGVO/GDPR for contract handling and processing your job application.




Disclosure of data to third parties

We will only pass on your personal details to third parties whenever necessary to fulfill a contract, where we or a third-party have a legal interest, or at your explicit request, and all of the aforementioned which will be stated accordingly in the private policy. Moreover we are legally obliged to submit collected data to a third-party when administrative or judicial orders are enforced.




Service Provider

We retain the right to engage service providers when gathering and / or processing data. Service providers are only given access to your personal details relevant for your actual job. For example in order for a service provider to send you an ordered newsletter he/she will have your e-mail. Service providers can also be engaged in organising the availability of server capacity. Generally speaking, service providers are usually engaged as so-called data processors, who act strictly according to our instructions, managing private data of users visiting our online offers.




E-mail Newsletter

We shall need your e-mail and other details in order to verify your identity as well as your consent to receiving the newsletter. In order to guarantee an approved newsletter subscription, we make use of the double-opt-procedure. This enables the potential recipient to be included in a mailing list. Finally, the user has the possibility by means of his/her confirmation e-mail to confirm the subscription making it legally binding. The e-mail address can only be actively accepted in the mailing list when the confirmation e-mail has been sent. These data are used exclusively for the delivery of requested information and offers.

Newsletter2Go is used as newsletter software. Your personal details are passed on to Newsletter2Go GmbH. Newsletter2Go may neither sell your data nor use it for other purposes other than delivering the newsletter. Newsletter2Go is a German certified service which was chosen according to data protection regulations and the German federal data protection act.

For further information: https://www.newsletter2Go.de/information-newsletter-empaenger/

You can withdraw your given consent to storing data, e-mail address as well the use of such for the delivery of newsletters at any time through clicking the “unsubscribe” link in the newsletter. The data protection measures are subject to regular updates, for these reasons please inform yourself of our private policy at regular intervals.




Storage time

Your data will be saved depending on how long we need to set up our online offers and related services or have a justified interest in storing the data. In all other cases we delete your private details except for data needed to meet contractual or legal retention periods (taxes or commercial-based) which must be kept longer (e.g. bills). That is, contractual retention periods can also originate from third-party contracts (e.g. owners of copyright and neighbouring / service protection rights). Data which is subject to a retention period shall be blocked until it expires.




Log-Files

Certain information is automatically transferred via browser after every Internet visit and stored in so-called log files. Log files are solely used to communicate disturbances and security measures (e.g. to investigate hacking attacks) and are saved for 7-10 days and then deleted after 7-10 days. Log files which have to be stored as subsequent evidence are exempt from deletion until the incident has been finally settled, and in some cases passed on to the investigating authorities.
Following information will be filed in the log files:

• IP address (internet protocol address) of the mobile devices from which the online offer was accessed;

• Website Internet address from where the online-offer was called up (so-called Source-, or Referrer-URL: Uniform Resource Locators);

• Name of service provider from which the online-offer was accessed;

• Name of requested files or information;

• Date, time and duration of access;

• Transferred data volume;

• Operating system and information on the Internet browser including installed add-ons (e.g. for the flash player);

• Http-status-code (e.g. 'successful request' or 'requested data unavailable'). Supplying private data can also be legally enforced (for example through tax recommendations).




Cookies

What are cookies?

Cookies are small text files, which our website automatically sends to your web browser which are then stored on your PC. The next time you visit our website, your internet browser will send previously received cookies to our web server, allowing user recognition. Certain cookies are automatically deleted (from your hard disc) at the end of the browser session (so-called session cookies), others are stored permanently or for a set period of time on your browser and are automatically deleted later on (known as permanent or temporary cookies).




Which details are stored in cookies?

Cookies do not collect identifiable data, only an online code, so-called pseudonymous data. Cookies do not harm your computer nor do they contain viruses.




How can I delete or disable cookies?

You may refuse to accept cookies or delete existing ones by activating the browser settings to switch them off and remove them at anytime. However, please keep in mind though, that our online service may only function to a limited extent without cookies. However, please note, your objections to creating user profiles can be activated by the so-called “opt-out-cookie”. Should you delete all cookies an objection will no longer be considered, so you may have to give repeated notice of your objection.




What kind of cookies do we use?

Essential cookies

Certain cookies are necessary so we can provide a safe online-offer. Categories include cookies necessary in identifying or in the authentication of our visitors; cookies which temporarily store user input (contents of a shopping basket or of an online form); cookies which save defined user preferences (e.g. file search or language settings); cookies which save data in order to warrant interference-free playback of video or audio contents.




Google Analytics

This website uses Google Analytics, a web analysis service from Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files which are stored on your computer that allow an analysis of your usage of this website. Information generated by cookies about your visits to our website is usually transferred and stored on a Google server in the USA. However, in the event of activation of IP-anonymisation on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement in the European Economic Area. Only in very exceptional cases will the full IP address be sent to a Google server in the US and shortened there. Google will use this information on behalf of the website provider to analyse and create marketing reports on website activity as well as to develop and provide other services which can be availed of when in internet. Your IP address sent from your browser used in relation to Google Analytics will not be linked up/merged with other Google data. You can prevent cookies from saving information by activating a corresponding setting on your browser software; however we would like to point out that if you do this, you may not be able to use all the features of this website to the fullest extent possible.

You may however prevent information from being generated by cookies, plus gathered website user-details (including IP address) sent to Google and data processing through Google, by visiting the following link http://tools.google.com/dlpage/gaoptout?hl=de, supplying you with an available browser-plugin which you can download and install.

You can prevent Google Analytics from collecting information by clicking the following link. An opt-out-cookie will be stored which will prevent data collection when you are visiting this website. You should log out of Google before you visit CTE website and delete any Google cookies from your browser.

Click here to be excluded from Google Analytics Measurements.




Twitter

Twitter service has integrated features in our pages. These features have been made available from Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “Re-tweet” feature, your website visits will be linked up with your Twitter account and so disclosed to other users. Data will also be transferred to Twitter. We would also like to point out that as website provider we have no influence on the use of these cookies as they can only be accessed by Twitter which originally set them, nor knowledge of what details are sent to or used by Twitter. For further information, see Twitter’s privacy policy under: http://twitter.com/policy. You can change your Twitter privacy preferences in account settings under: https://twitter.com/account/settings




GOOGLE+

Our website uses Google+ features. Provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

Gathering and sharing of information: you can publish information worldwide by clicking the Google+ button. Google and our partners send you and other users personalised contents via the Google+ button. Google stores information you give for +1 content along with information from the +1 site you visited. Your +1 can be displayed with your profile names and photos in Google services, such as search results or in your Google profile or elsewhere on other websites and ads in internet. Google records all your +1 activities in order to keep their services up-to-date. You require a worldwide publicly visible Google profile which should have at least a name included so that you can avail of the Google+ button. This name will be used for every Google service. Sometimes it is possible to use this name to replace another name used in sharing contents in your Google account. Users who have access to your e-mail address or other identifiable information can view your Google profile identity.

Intended use of collected information: Besides the above mentioned usages, information made available by your visits will be used according to Google data protection regulations. It is usual for Google to publish summarized statistics about users’ +1 activities and pass these on to users, partners such as publishers, advertisers or linked/affiliated websites.




LINKEDIN

Our website uses Networks LinkedIn features. Provider is LinkedIn Corporation, Stierlin Court, Mountain View, CA 94043, USA. A connection to LinkedIn servers will be established every time one of our websites containing LinkedIn features is visited. LinkedIn is informed when you visit our website with your IP address. By clicking LinkedIn`s “Recommend-Button” while being logged into LinkedIn, they can identify you and your user account while visiting our website. We need to point out that as website provider we have no knowledge of what contents are transferred or how LinkedIn use them.

For further information please view LinkedIn’s private policy under: https://www.linkedin.com/legal/privacy-policy




GOOGLE WEB FONTS

This page uses so-called Web Fonts, made available through Google enabling standardised presentation of scripts styles. By calling up a website your browser can download Web Fonts suitable for your Browser cache in order to display texts and scripts correctly. Your computer will use a standard script if your browser doesn’t accept Web Fonts. For further information on Google Web Fonts please view https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/




GOOGLE MAPS

This page uses cartographic service Google Maps by means of an API. Provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. You need to save your IP address if you want to avail of Google Maps features. Normally this information is transferred to a Google server in the US and stored there. This website provider has no influence on data transfer.

For further information on managing users data see Google’s private policy: https://www.google.de/intl/de/policies/privacy/




XING

Our website uses Networks XING features. Provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland. Every time one of our sites containing XING features is opened up a link is established to XING servers. No personalised details are stored in this case to best of our knowledge. In particular neither IP address nor user preferences are analysed.

For further information on data protection and XING’s share button please view XING’s private policy under https://www.xing.com/app/share?op=data_protection




INSTAGRAM

We also have features of Instagram’s online-service embedded on our website. Provider of these functions is Instagram Inc. It has its base in the USA, CA 94025, 1601 Willow Road, Menlo Park. Your visit to our website with integrated Instagram button will connect you to your Instagram account if you are logged in. Instagram thus registers your visit to our website linking it to your profile. We have no access to which details are being transferred neither how Instagram manages this data.

Please find further information on collection and usage of data in Instagram’s private policy under http://instagram.com/about/legal/privacy/.




Use of Facebook Connect

It is possible to register into your Facebook account on our website.

Facebook Connect is a Facebook service, Inc. You are subject to Facebook’s data protection policy and user regulations when using Facebook Connect.

Facebook-Profile data and publicly accessible *data from your Facebook profile are transferred to spd.de, when using Facebook Connect, and vice versa spd.de data can also be sent to your Facebook profile. We save and manage your transferred data in order to register you on the spd.de page.

When registering through Facebook Connect on to our website, you agree to having your profile data from Facebook sent to us as well as us transferring managed data to back Facebook. Only publicly accessible Facebook profile data will be sent. Please be aware of the fact that due to alterations in Facebook's data protection policy and user regulations, the Facebook profiler “list of friends” may also be transferred if they are marked as public in privacy settings. Find further information here>>




Right of access by the data subject

According to Article 15 DSGVO /GPDR (General Data Protection Regulation) you have the right to obtain confirmation from us as to whether or not personal data concerning you is being processed, and, if so, to have access to this personal data and the following information: reasons for processing, the categories of personal data, the categories of beneficiaries to whom said personal data have been or may be disclosed, the envisaged period for which your personal data will be stored, the right to amendment, adjustment, correction, deletion, restricting or limiting or to withdrawal of consent to processing, the right to lodge a complaint, where personal data is not collected from the data subject, any available information as to their source, the existence of automated decision-making including profiling, and if necessary, meaningful information about the logic involved as well as the significance and envisaged consequences for processing such data.

According to Article 16 DSGVO /GPDR you have the right to request from us without undue delay rectification of inaccurate or have incompleted personal data completed.

According to Article 17 DSGVO /GPDR you have the right to insist on the deletion of your collected data which we have saved, as long as exercising the right of freedom of speech and Information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims are not necessary.

According to article 18 DSGVO /GPDR you have the right to restrict us from processing your personal data, especially when you contest the accuracy of your personal details, or the processing is illegal and you object to the deletion of your personal data even though we have no further use for it, but you require the data for the establishment, exercise or defence of legal claims or you have objected to processing pursuant to Article 21 and lodged a complaint;

According to Article 20 DSGVO /GPDR you have the right to receive your personal data, which you provided us, in a structured, commonly used and machine-legible format or to have it transmitted directly to another controller where technically feasible.

According to Article 7 (3) DSGVO /GDPR you have the right to withdraw your consent to us processing your personal data. As a consequence we may no longer continue to use your personal data in the future and according to,

Article 77 DSGVO/GDPR you have the right to lodge a complaint with a supervisory authority. In particular you can avail of supervisory authorities locally, or from your place of work or through our head (law) office.




Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a data protection officer. Please get in contact with data protection authorities who are assigned to your place of residence or county /shire or to our assigned data protection authorities. This is: Bayerisches Landesamt für Datenschutzaufsicht (BayLDA), Promenade 27, D-91522 Ansbach, poststelle@lda.bayern.de




Contact

We or rather our data protection officer would be pleased to provide you with information and receive suggestions on the subject under epost@datenschutz-agentur.de If you wish to contact us, you can reach us via the contact details given at the beginning of this private policy.




Right to object

You have the right, according to Article 21 DSGVO / GDPR to object, for reasons relating to your particular situation, to object at any time to processing of your personal data based on point (f) of Article 6 (1) lit. f DSGVO / GDPR or for direct marketing purposes. You have a general right to object in the aforementioned without having to give any reasons so that we will cease processing your personal data. You need only send an e-mail to us at info[at]cte-entwicklungen.de, if you want to make use of your right to object.




Security and Technical Advice

All our staff receive regular training on information and data protection and are obliged to comply with data protection policies. Our computer / server centre and in-house IT department continually adapts its technical safety precautions to current conditions and requirements. Both are subject to continuous controlling through our internal procedures and data protection officer. Nevertheless, internet technologies are subject to security breaches and can not guarantee 100% protection. Therefore our users can resort to alternative means of contact such as telephone or telefax.




The following technical advice / links enable you to adjust your browsers data protection

Internet Explorer: Support under https://windows.microsoft.com/de-de/internet-explorer/delete-manage-cookies#ie=ie-11-win-7

Mozilla Firefox: Support under https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Google Chrome: Support under https://support.google.com/chrome/answer/95647

Safari: Support under https://help.apple.com/




Actuality and changes in this data protection policy

This data protection policy is valid as from May 2018. However, we reserve the right to change these guidelines at any time in compliance with the data protection regulations, or when updating our website and offers. You may view and print the latest data protection policy on our website under https://cte-entwicklungen.de/datenschutzerklaerung at any time.