|
Thank you for
visiting our website. The protection and security of your personal information
when using our website is very important to us. We would therefore like to give
you an overview of the personal data that is collected when visiting our
website and what purposes it is used for. This privacy policy
applies to the web presence of Schoppe, Zimmermann, Stöckeler,
Zinkler, Schenk & Partner mbB, which is accessible under this domain and
the various subdomains ("our website"). Objection to Advertising
Emails We hereby object to
the use of contact data published in the context of the imprint obligation, the
data protection notice, or any other contact data published on the website for
sending unsolicited advertising and information material. The operators of this
website expressly reserve the right to take legal action in the event of
unsolicited sending of advertising information, such as via spam emails. Party Responsible and Contact
Information Responsible for processing
personal data within the meaning of the EU General Data Protection Regulation (GDPR)
is Schoppe,
Zimmermann, Stöckeler, Zinkler, Schenk &
Partner mbB Data protection officer Stephan Krischke,
datenschutz@schoppe-zimmermann.com What is this about? This privacy policy
fulfills the legal requirements for transparency in the processing of personal
data. This is all information that relates to an identified or identifiable
natural person. This includes, for example, information such as your name, age,
address, telephone number, date of birth, email address, IP address or user
behavior when visiting a website. Any information for which we cannot establish
a connection to your person at all (or only with disproportionate effort), e.g.
through anonymization, is not personal data. The processing of personal data
(e.g. the collection, retrieval, use, storage or transmission) always requires
a legal basis and a defined purpose. Stored personal
data will be deleted as soon as the purpose of the processing has been achieved
and there are no legitimate reasons for further storage of the data. We will
inform you about the specific storage periods or criteria for storage in the
individual processing operations. Regardless of this, we will store your
personal data in individual cases for the assertion, exercise, or defense of
legal claims and in the event of statutory retention obligations. Who receives my data? Your personal data
will not be transmitted to third parties for purposes other than those listed
below. We will only share
your personal data with third parties if: §
you
have granted your express consent to do so in accordance with Art. 6 (1) (a)
GDPR, §
sharing
is permitted in accordance with Art. 6 (1) (f) GDPR to protect our legitimate
interests and there is no reason to assume that you have an overriding interest
worthy of protection in the non-disclosure of your data, §
there
is a legal obligation to do so in accordance with Art. 6 (1) (c) GDPR, and §
it is
legally permissible and necessary for processing contractual relationships with
you in accordance with Art. 6 (1) (b) GDPR. In order to protect
your data and, if necessary, enable us to transfer data to third countries
(outside the EU/EEA), we have concluded data processing agreements based on the
European Commission's standard contractual clauses. Should the standard
contractual clauses not be sufficient for establishing an appropriate level of
security, your consent may serve as the legal basis for the transfer to third
countries in accordance with Art. 49 (1) (a) GDPR. This sometimes does not
apply to data transfers to third countries for which the European Commission
has issued an adequacy decision pursuant to Art. 45 GDPR. As part of the
processing operations described in this privacy policy, personal data may be
transferred to the USA. The USA does not provide an adequate level of data
protection (ECJ: Schrems II ruling). In particular, US investigative authorities
can oblige US companies to hand over or disclose personal data without the data
subjects being able to take effective legal action against this. It is thus
generally possible for your personal data to be processed by US investigative
authorities. We have no influence on these processing activities. In order to
protect your data, we have concluded data processing agreements based on the
standard contractual clauses of the European Commission. Should the standard
contractual clauses not be sufficient for establishing an appropriate level of
security, your consent may serve as the legal basis for the transfer to third
countries in accordance with Art. 49 (1) (a) GDPR. This sometimes does not
apply to data transfers to third countries for which the European Commission
has issued an adequacy decision pursuant to Art. 45 GDPR. Do You Use Cookies? Cookies are small
text files that are sent by us to the browser of your end device and stored
there when vising our website. As an alternative to the use of cookies,
information can also be stored in the local storage of your browser. Some
functions of our website cannot be offered without the use of cookies or local
storage (technically necessary cookies). Other cookies, however, enable us to
carry out various analyses to make it possible, for example, to recognize the
browser you are using when you visit our website again and to transmit various
information to us (non-essential cookies). With the help of cookies, we can,
among other things, make our website more user-friendly and effective for you,
for example by tracking your use of our website and determining your preferred
settings (e.g. country and language settings). If third parties process
information via cookies, they collect the information directly via your
browser. Cookies do not cause any damage to your end device. They cannot
execute programs or contain viruses. We provide
information on the respective services for which we use cookies in the specific
processing operations. Detailed information on the cookies used can be found in
the cookie settings or in the Consent Manager of this website. What Are My Rights? Under the
conditions of the statutory provisions of the General Data Protection
Regulation (GDPR), you have the following rights as a data subject: §
Information, pursuant to Art. 15 GDPR, on your personal data that
is stored in the form of meaningful information on the details of the
processing and a copy of your data; §
Correction, pursuant to Art. 16 GDPR, of incorrect or incomplete
data stored by us; §
Deletion, pursuant to Art. 17 GDPR, of the data stored by us,
unless processing is necessary to exercise the right to freedom of expression
and information, to fulfill a legal obligation, for reasons of public interest,
or to assert, exercise or defend legal claims; §
Restriction of processing, pursuant to Art. 18 GDPR, if the accuracy
of the data is contested, the processing is unlawful, we no longer need the
data and you object to the erasure of the data because you need it for
asserting, exercising or defending legal claims, or you have objected to
processing pursuant to Art. 21 GDPR. §
Data portability, pursuant to Art. 20 GDPR, if you have
provided us with personal data in the context of consent pursuant to Art. 6 (1)
(a) GDPR or on the basis of a contract pursuant to Art. 6 (1) (b) GDPR, and this
has been processed by us using automated procedures. You will receive your data
in a structured, commonly used and machine-readable format or we will transmit
the data directly to another person responsible if this is technically feasible. §
Objection, pursuant to Art. 21 GDPR, to the processing of your
personal data, insofar as this is carried out on the basis of Art. 6 (1) (e, f)
GDPR and there are reasons for this arising from your particular situation, or
the objection is directed against direct advertising. The right to object does
not exist if overriding, compelling grounds worthy of protection for the
processing can be demonstrated, or processing is carried out to assert,
exercise or defend legal claims. If the right to object does not exist for
individual processing operations, this is indicated there. §
Revocation, pursuant to Art. 7 (3) GDPR, of your given consent with
effect for the future. §
Complaint to a supervisory authority, pursuant to Art. 77 GDPR,
if you believe that the processing of your personal data violates the GDPR. Generally,
you can contact the supervisory authority of your usual place of residence,
your place of work or our company headquarters. How Is My Data Processed in
Detail? Below, we provide
information on the individual processing operations, the scope and purpose of
the data processing, the legal basis, the obligation to provide your data and
the respective storage period. Automated decision-making in individual cases,
including profiling, does not occur. Provision of the Website Type and Scope of Processing When you access and
use our website, we collect the personal data that your browser automatically
transmits to our server. The following information is temporarily stored in a
so-called log file: §
IP
address of the computer requesting access §
Date
and time of access §
Name and
URL of the retrieved file §
Website from which the
access is made (Referrer URL) §
Browser
used and, if applicable, the operating system of your computer, as well as the
name of your access provider Our website is not
hosted by us, but by a service provider who processes the aforementioned data
on our account pursuant to Art. 28 GDPR for this purpose. Purpose and Legal Basis Processing is
carried out to safeguard our overriding legitimate interest in displaying our
website and ensuring security and stability on the basis of Art. 6 (f) GDPR. The
collection of data and storage in log files is absolutely necessary for the
operation of the website. There is no right to object to the processing due to
the exception under Art. 21 (1) GDPR. Insofar as further storage of the log
files is required by law, the processing is carried out on the basis of Art. 6
(1) (c) GDPR. While there is no legal or contractual obligation to provide the
data, it is not technically possible to access our website without providing
the data. Storage Period The aforementioned
data is stored for the duration of the display of the website and - for
technical reasons - for a maximum of 7 days thereafter. Contact Type and Scope of Processing Personal data is
collected when you contact us (e.g. via contact form or email). The data being collected
when using a contact form is evident in the respective contact form. Beyond
this, you may also voluntarily provide additional information that you believe
is necessary for processing your contact request. When using the
contact form, your personal data will not be passed on to third parties. Purpose and Legal Basis The processing of
your data by using our contact form is carried out for the purpose of
communication and processing your request on the basis of your consent pursuant
to Art. 6 (1) (a) GDPR. If your request relates to an existing contractual
relationship with us, the processing is carried out for the purpose of
fulfilling the contract on the basis of Art. 6 (1) (b) GDPR. While there is no
legal or contractual obligation to provide your data, processing your request
without the information in the mandatory fields is not possible. If you do not
wish to provide this data, please contact us by other means. Storage Period If you use the
contact form on the basis of your consent, we will store the data collected for
each inquiry for a period of three years, starting from the time your inquiry
is dealt with or until you withdraw your consent. Should you use the
contact form as part of a contractual relationship, we store the data collected
for each inquiry for a period of three years from the end of the contractual
relationship. Handling of Applicant Data Type and Scope of Processing We collect and
process the personal data of applicants. Corresponding data processing may also
be carried out electronically, for example when applicants send us application
documents by email or via a web form on our website. On our website, we provide
the option to send us applications for advertised vacancies by email. Your data will also
only be stored in an applicant database beyond the current application process
if you have given us your separate consent to do so. Purpose and Legal Basis The processing of your
data in connection with your application is carried out for the purpose of
processing your application and deciding on the establishment of an employment
relationship on the basis of Section 26 of the German data protection act BDSG.
Should your application documents be forwarded to third parties, in particular
to companies affiliated with us, and should your data be stored beyond the
current application process, your data will be processed on the basis of Art. 6
(1) sentence 1 (a) GDPR. While there is no legal or contractual obligation to
provide your data, processing your application without the information is not
possible. Storage Period Applicant data will
be deleted after 6 months in the event of rejection. In the event that you have
consented to further storage of your personal data, we will transfer your data
to our applicant pool. There, the data will be deleted after 24 months. Technology SSL/TLS encryption This site uses SSL
or TLS encryption to ensure the
security of data processing and to protect the transmission of confidential
content, such as orders, login data or contact requests that you send to us as
the operator. An encrypted connection can be recognized by the address line of
the browser containing "https://" instead of "http://" and
by the lock symbol in your browser line. If SSL or TLS
encryption is active, the data you transmit to us cannot be read by third
parties. Google Fonts Type and Scope of Processing We use Google Fonts
from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as
a service to provide fonts for our online offering. To obtain these fonts, you
establish a connection to the servers of Google Ireland Limited, whereby your
IP address is transmitted. Purpose and Legal Basis The use of Google
Fonts is based on your consent pursuant to Art. 6 (1) (a) GDPR and Section 25
(1) of the German Telecommunications-Telemedia Data Protection Act TTDSG. We intend to
transfer personal data to third countries outside the European Economic Area,
in particular the USA. The data transfer to the USA is carried out pursuant to
Art. 45 (1) GDPR on the basis of the adequacy decision of the European
Commission. The US companies involved and/or their US subcontractors are
certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF). In cases where
there is no adequacy decision by the European Commission (including US
companies that are not certified under the EU-U.S. DPF), we have agreed on
other appropriate safeguards with the recipients of the data within the meaning
of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard
contractual clauses of the EU Commission in accordance with Implementing
Decision (EU) 2021/914 of June 4, 2021. You can view a copy of these standard
contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE. Additionally,
before such a third country transfer, we obtain your consent in accordance with
Art. 49 (1) sentence 1 (a) GDPR, which you give via the consent in the Consent
Manager (or other forms, registrations, etc.). We would like to point out that
in the case of third country transfers, there may be risks that are unknown in
detail (e.g. data processing by security authorities in the third country, the
exact scope and consequences of which for you we do not know, over which we
have no influence and of which you may not become aware). Storage Period The specific
storage period of the processed data cannot be influenced by us, but is
determined by Google Ireland Limited. Further information can be found in the
privacy policy for Google Fonts: https://policies.google.com/privacy. Google Maps Type and Scope of Processing We use the map
service Google Maps to create directions. Google Maps is a service provided by
Google Ireland Limited, which displays a map on our website. When you access
this content on our website, you establish a connection to servers of Google
Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your
IP address and possibly browser data such as your user agent are transmitted.
This data is processed exclusively for the above-mentioned purposes and to
maintain the security and functionality of Google Maps. Purpose and Legal Basis The use of Google
Maps is based on your consent pursuant to Art. 6 (1) (a) GDPR and Section 25
(1) of the German Telecommunications-Telemedia Data Protection Act TTDSG. We intend to
transfer personal data to third countries outside the European Economic Area,
in particular the USA. The data transfer to the USA is carried out pursuant to
Art. 45 (1) GDPR on the basis of the adequacy decision of the European
Commission. The US companies involved and/or their US subcontractors are
certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF). In cases where
there is no adequacy decision by the European Commission (including US
companies that are not certified under the EU-U.S. DPF), we have agreed on
other appropriate safeguards with the recipients of the data within the meaning
of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard
contractual clauses of the EU Commission in accordance with Implementing
Decision (EU) 2021/914 of June 4, 2021. You can view a copy of these standard
contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE. Additionally,
before such a third country transfer, we obtain your consent in accordance with
Art. 49 (1) sentence 1 (a) GDPR, which you give via the consent in the Consent
Manager (or other forms, registrations, etc.). We would like to point out that
in the case of third country transfers, there may be risks that are unknown in
detail (e.g. data processing by security authorities in the third country, the
exact scope and consequences of which for you we do not know, over which we
have no influence and of which you may not become aware). Storage Period The specific
storage period of the processed data cannot be influenced by us, but is
determined by Google Ireland Limited. Further information can be found in the
privacy policy for Google Maps: https://policies.google.com/privacy. Google reCAPTCHA Type and Scope of Processing We have integrated
Google reCAPTCHA components on our website. Google reCAPTCHA is a service of
Google Ireland Limited and enables us to distinguish whether a contact request
comes from a natural person or is automated by means of a program. When you
access this content, you establish a connection to the servers of Google
Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your
IP address and possibly browser data such as your user agent are transmitted. Furthermore,
Google reCAPTCHA records the time spent on the website and the user's mouse
movements in order to distinguish automated requests from human requests. This
data is processed exclusively for the above-mentioned purposes and for
maintaining the security and functionality of Google reCAPTCHA. Purpose and Legal Basis The use of Google
reCAPTCHA is based on your consent pursuant to Art. 6 (1) (a) GDPR and Section
25 (1) of the German Telecommunications-Telemedia Data Protection Act TTDSG. We intend to
transfer personal data to third countries outside the European Economic Area,
in particular the USA. The data transfer to the USA is carried out pursuant to
Art. 45 (1) GDPR on the basis of the adequacy decision of the European
Commission. The US companies involved and/or their US subcontractors are
certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF). In cases where
there is no adequacy decision by the European Commission (including US
companies that are not certified under the EU-U.S. DPF), we have agreed on
other appropriate safeguards with the recipients of the data within the meaning
of Art. 44 et seq. GDPR. Unless otherwise stated, these are standard
contractual clauses of the EU Commission in accordance with Implementing
Decision (EU) 2021/914 of June 4, 2021. You can view a copy of these standard
contractual clauses at https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32021D0914&from=DE. Additionally,
before such a third country transfer, we obtain your consent in accordance with
Art. 49 (1) sentence 1 (a) GDPR, which you give via the consent in the Consent
Manager (or other forms, registrations, etc.). We would like to point out that
in the case of third country transfers, there may be risks that are unknown in
detail (e.g. data processing by security authorities in the third country, the
exact scope and consequences of which for you we do not know, over which we
have no influence and of which you may not become aware). Storage Period The specific
storage period of the processed data cannot be influenced by us, but is
determined by Google Ireland Limited. Further information can be found in the
privacy policy for Google reCAPTCHA: https://policies.google.com/privacy?hl=en-US. October 2023 |
|
Schoppe,
Zimmermann, Stöckeler, Zinkler, Schenk & Partner mbB - European
Patent Attorneys Welcome | Our Services | Professionals | Contact | Legal Notice | Privacy Policy |