We appreciate your interest in our company. The protection of your privacy is very important to us. Below we inform you in detail about the handling of your data.
1. name and address of the data controller
The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions with data protection character is:
Trans4mation IT GmbH
Glashütter Street 55
01309 Dresden
Phone: +49 351 50194-0
E-mail: info@t4m.de
Website: www.trans4mation.de
2. name and address of the data protection officer
The person responsible within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is the:
For questions regarding the collection, processing or use of your personal data, for information, correction, blocking or deletion of data, as well as revocation of any consent given or objection to a particular use of data, please contact:
IfDDS GmbH
Institut für Datenschutz und Datensicherheit
Dresdner Straße 58a
01156 Dresden
Telefon: +49 351 27579057
E-Mail: datenschutz_T4M@ifdds.eu
3. rights of the data subjects
As a data subject, you have the following rights:
Pursuant to Art. 15 DSGVO, the right to request information about your personal data processed by us to the extent specified therein;
pursuant to Art. 16 DSGVO, the right to request without undue delay the correction of inaccurate or completion of your personal data stored by us;
in accordance with Art. 17 DSGVO, the right to request the erasure of your personal data stored by us, unless further processing is necessary
- for the exercise of the right to freedom of expression and information;
- for the fulfillment of a legal obligation;
- for reasons of public interest; or
- is necessary for the assertion, exercise or defense of legal claims;
in accordance with Art. 18 DSGVO, the right to request the restriction of the processing of your personal data, insofar as - the accuracy of the data is contested by you;
- the processing is unlawful, but you object to its erasure;
- we no longer need the data, but you require it for the assertion, exercise or defense of legal claims, or
- you have objected to the processing in accordance with Art. 21 DSGVO;
pursuant to Art. 20 DSGVO, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format, such as CSV, or to request that it be transferred to another controller (data portability);
in accordance with Art. 77 DSGVO, the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose.
In accordance with Art. 7 (3) DSGVO, to revoke a given consent at any time with effect for the future. This has the consequence that we may no longer continue the data processing based on this consent for the future;
pursuant to Article 21 (1) DSGVO, to object to the processing of your personal data on the basis of legitimate interests with effect for the future, insofar as there are grounds for doing so that arise from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.
You can send your revocation/objection either by post, by e-mail (datenschutz_T4M@ifdds.eu) or by fax (+49 351 501949099). You will not incur any costs other than the postage costs or the transmission costs according to the existing basic rates.
After exercising your right of revocation/objection, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims.
4. access data and hosting
You can visit our websites without providing any personal information. However, every time you access a website, the web server automatically saves a so-called server log file, which contains the following data, for example:
IP address
Date and time of the request
An automatically generated identification number of your browser, with which survey data and tracking data are merged
The timestamps when the survey was called and when it was completed
The sequence of URLs of the pages called up (user flow or the path through the website)
The individual dwell time on a page in seconds
The status of the visibility of each individual page for a visitor in percent (Up to where was scrolled?)
The dimensions of the accessed page (height x width) depending on the window width
Names, IDs, classes or contents of clicked elements on each page
Chronological times of clicks on each page
The middle positions of the visible area after vertical scroll/swipe events (fixations)
The chronological sequence of fixations as well as the individual fixation duration
Time zone difference from Greenwich Mean Time (GMT)
Content of the request (concrete page)
Access status/HTTP status code
Amount of data transferred in each case
Website from which the request comes
Device type, operating system and its interface
Name, language and version of the browser software
The country the visitor comes from
Requesting provider (access data)
This access data is stored and evaluated solely for the purpose of ensuring trouble-free operation of our websites and improving our services. The legal basis for this data processing is Art. 6 para. 1 p. 1 lit. f DSGVO. It serves to protect our legitimate interests in a correct presentation of our offer, which are overriding in the context of a balancing of interests. In no case do we use the collected data for the purpose of drawing conclusions about your person.
5. cookies
In order to make visiting our websites more attractive and to enable the use of certain functions, to display suitable products or for market research, we use so-called cookies on various pages. This serves to protect our legitimate interests in an optimized presentation of our offer, which prevail in the context of a balancing of interests, in accordance with Art. 6 para. 1 p. 1 lit. f DSGVO.
Cookies are small text files that are automatically stored on your terminal device. Some of the cookies we use are deleted at the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your end device and allow us to recognize your browser the next time you visit (persistent cookies). The duration of storage can be found in the overview in the cookie settings of your web browser.
You can set your browser so that you are informed about the setting of cookies and decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. How you can change your cookie settings is described in the help menu of your browser. For the most widely used browsers, you can find this at the following links:
Internet Explorer™: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies Safari™: https://support.apple.com/kb/ph21411?locale=de_DE Chrome™: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647 Firefox™ https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen Opera™: http://help.opera.com/Windows/10.20/de/cookies.html
If cookies are not accepted, the functionality of our websites may be limited.
6. hosting services by third-party providers
As part of processing on our behalf, third-party providers provide services for us to host and display our websites. This serves to protect our legitimate interests in a correct presentation of our offer, which are outweighed in the context of a balancing of interests.
6.1 Use of Microsoft Cloud Services (Microsoft Azure, Microsoft 365).
You have received an invitation to use a Microsoft 365 application from Trans4mation IT GmbH or one of its affiliated subsidiaries (hereinafter referred to as "Trans4mation Group") as the controller within the meaning of the applicable data protection law or you access our website. If you require information about the processing by Microsoft, please refer to the relevant statement. Microsoft Privacy Statement: https://privacy.microsoft.com/de-de/privacystatement
6.1.1 Information about processing and categories of personal data affected by processing in the context of using Microsoft Cloud Services.
Certain information is already processed automatically as soon as you use Microsoft Cloud Services or our websites. We have summarized below for you exactly which personal data is processed and on which legal basis this is based:
6.1.1.1 Your IP address used to access Microsoft Cloud services applications. The legal bases for this are Art. 6 (1) a), b) and f) DSGVO, as well as Art. 88 DSGVO in conjunction with the national laws on employee data protection. 6.1.1.2 Your user name (access data to the Microsoft applications), data within the scope of the so-called multi-factor authentication, which you yourself have stored in your Microsoft account (e.g. optionally the (private) cell phone number). The legal basis for this is Art. 6 (1) a), b) and c) DSGVO. 6.1.1.3 Identification features: Information about you that identifies you as a user, sender, recipient of data within Microsoft Cloud Services. This includes in particular the following master data: Name, first name, business contact data such as telephone number, e-mail address, business fax number, if provided by you or transmitted by your organization. Other voluntary data (such as a profile picture you have provided) can also be viewed in your profile at any time. This information is visible in your profile, but also in Outlook in particular, for you and other Microsoft 365 users at any time and can be customized by you. The legal bases for this are Art. 6 para. 1 a), b), c) and f) DSGVO.
6.1.1.4 Data required for authentication, license use, logging and misuse detection. In the Microsoft cloud services, all user activities, such as time of access, date, type of access, information about the data/files/documents accessed and all activities related to the use, such as creating, modifying, deleting a document, setting up a team (and channels in teams), making notes in the notebook, starting a chat, replies in the chat are processed. The legal bases for this are Art. 6 para. 1 b) and c) DSGVO.
6.1.1.5 Usage data: The usage data collected by you or from you. This includes in particular communication content (text, audio, video), files created by you or. This depends on the application you use in Microsoft 365. If audio or video content is recorded, you will be informed of this and asked for consent. The legal bases for this are Art. 6 (1) b) and f) DSGVO.
6.1.1.6 Data backups and archiving: The data collected from you or about you is stored in our data backup. This serves the recoverability of the system and the data itself. Furthermore, your data will be (partially) archived insofar as this is required by a legal obligation. The legal basis for this is Art. 6 (1) c) and f) DSGVO.
6.1.2 Disclosure and transfer of data.
In addition to the cases explicitly mentioned in this data protection declaration, your personal data will only be passed on without your express prior consent if this is permitted or required by law. This may be the case, among other things, if the processing is necessary to protect vital interests of the user or another natural person. Another recipient outside the Trans4mation group is the company Microsoft, with headquarters in the USA, with regard to the provision of Microsoft services. In the course of data processing, your data may be transferred to a third country, in this case the USA. A third country is a country outside the European Union or the European Economic Area. The European Commission has not adopted a decision confirming an adequate level of data protection for this country/these countries. Therefore, we would like to point out that there may be additional risks when transferring your data to a third country. This means in particular that: - You may not be able to invoke your rights under the General Data Protection Regulation (GDPR) and you may not be supported by the local independent supervisory authorities in this regard; - Third country authorities, organizations and companies only comply with the data protection laws of the third country and you can only invoke the rights under the data protection laws of the third country; - The same controls are not carried out in the third country as are carried out by the European data protection authorities; - Third country authorities, organizations and companies may have access to your personal data.
The appropriate safeguards for the protection of data subjects' rights (Article 46(1) of the GDPR) are ensured by the conclusion of the so-called EU standard contractual clauses. Despite the agreements made, there is a risk that government agencies may access your data, although this would not be permitted under European data protection law. The Trans4mation Group has taken technical organizational measures to prevent the transfer of personal data to the USA. However, we cannot completely rule out the possibility that your data may be viewed by US investigative authorities.
6.1.2.1 The data provided by you during registration will be shared within our group of companies for internal administrative purposes, including joint customer and supplier support, to the extent necessary. The legal basis for this is Art. 6 para. 1 f).
Any disclosure of personal data is justified by the fact that we have a legitimate interest in disclosing the data for administrative purposes within our group of companies and that your rights and interests in the protection of your personal data within the meaning of Art. 6 para. 1 lit. f) DSGVO are not overridden.
6.1.2.2 If it is necessary for the clarification of an illegal or abusive use of Microsoft Cloud services or for legal prosecution, personal data will be forwarded to law enforcement agencies or other authorities and, if applicable, to injured third parties or legal advisors. However, this will only happen if there are indications of unlawful or abusive behavior. A transfer may also take place if this serves the enforcement of terms of use or other legal claims. We are also legally obligated to provide information to certain public authorities upon request. These are law enforcement agencies, authorities that prosecute administrative offenses subject to fines, and the tax authorities. Such disclosure of personal data is justified by the fact that - The processing is necessary for compliance with a legal obligation to which we are subject pursuant to Art. 6 para. 1 lit. c) DSGVO in conjunction with. national legal requirements to disclose data to law enforcement authorities, or - We have a legitimate interest in disclosing the data to the aforementioned third parties if there are indications of abusive behavior or to enforce our legal claims and your rights and interests in the protection of your personal data within the meaning of Art. 6 (1) f) DSGVO do not override or - We process on the basis of Art. 88 DSGVO in conjunction with the nationally applicable data protection law on the employment relationship to detect criminal acts.
6.1.2.3 We rely on Microsoft for the use of Microsoft Cloud Services. Microsoft is a so-called processor and is subject to our instructions as a controller within the meaning of the GDPR when processing personal data within the scope of the Microsoft cloud services used by us. In accordance with the legal obligation, we have entered into contractual agreements with Microsoft and other processors for the transfer of data. The processing of personal data by Microsoft takes place on servers within the EU.
6.1.3 Data transfers to third countries A transfer to third countries, both internally and through the commissioning of processors and third parties, cannot be excluded when using Microsoft cloud services. We have taken appropriate measures to protect your data in such a case. If you wish, you can request this information from the data protection officer.
7. Forum or comment function
In order to be able to post contributions in our forum/blog, you must register with your name, e-mail address and a pseudonym. All other information is optional. The use of the forum/comment function takes place under the pseudonym. When you post, your IP address will be stored. An evaluation or a combination of pseudonym and real name will only take place if the contribution contains illegal content (insults, etc.). The IP address will be deleted as soon as we have taken note of your contribution.
8. application management for internal and external employees
Insofar as their personal data is required for the implementation and processing of an application procedure, we process it strictly in accordance with the requirements of the Federal Data Protection Act and the DSGVO. The processing is carried out in order to check the accuracy of your application and, if necessary, for the purpose of fulfilling the contract. The processing of your data is based on Art. 6(1)(a), (b) DSGVO.
For our internal application management as well as for the management of external service providers (freelancers and employees of subcontractors), we use the StaffITpro recruiting software. This constitutes a transfer of your data to external contractors pursuant to Art. 28 DSGVO (processing or use of personal data on behalf).
If you apply to us as an employee, we collect and process your personal data electronically for the purpose of handling the application process. If no employment contract is concluded, your application documents will be automatically deleted no later than six months after notification of the rejection decision, unless you have consented to further storage and no other legitimate interests on our part prevent deletion. Another legitimate interest in this sense would be, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG). If an employment contract is concluded, we store your personal data for the purpose of processing the employment relationship in compliance with the statutory provisions. The stored data is also linked to our StaffITpro recruiting software.
If you apply to us as an external service provider, we will link your data stored with us to our StaffITpro recruiting software at the start of the application process, provided you have consented to the storage and linking.
The link with our StaffITpro recruiting software concerns the following data, among others:
Name,
phone number,
e-mail address,
the position applied for,
current availability,
professional experience.
We use the data linked to the Recruiting Software for the following purposes:
Linking applicant data in the CRM to other visited job listings on our websites prior to application;
Marketing other job offers to applicants who are similar to the job offer;
Your data will be made available to the branches and sites as well as to the central HR department;
We share your data with (potential) clients to the extent necessary for a possible cooperation. The data of employees in the internal sales and administration departments are not affected by this.
For more information about data processing by StaffITpro, please refer to the privacy policy of audeoSoft GmbH: Privacy Policy StaffIT.
9. web analytics services
Leadfeeder
We use the service LeadFeeder as a lead generation tool. LeadFeeder accesses the list of IP addresses of website visitors provided by Google Analytics in the analysis and links the list of IP addresses with information about the companies that can be found on the Internet under these IP addresses. Due to the shortening of the IP address of the website visitors, which is already performed when using Google Analytics, a direct personal reference is not established.
Only company visitors can be assumed. Leadfeeder is integrated into our CRM system & email marketing tool. LeadFeeder is a service of Liidio Oy, Mikonkatu 17 C, Helsinki 00100, Finland. Leadfeeder's privacy policy can be found at: https://www.leadfeeder.com/privacy/
You can prevent Leadfeeder from storing a user profile or data about your use of our site by means of an "opt-out". You can find the option and information on this at: https://yourdata.leadfeeder.com/.
If you click on "Accept all" in the cookie banner of this website - www.trans4mation.de or www.trans4mation.com - you give your consent according to Art. 6 para. 1 p. 1 lit. a in conjunction with. Art. 49 para. 1 a) DS-GVO that your personal data may be processed in the USA.
ActiveCampaign
Dispatch of our e-mail newsletter via "Active Campaign" The information provided in this section explains how the registration, dispatch, evaluation and content of our e-mail newsletter are structured. If you would like to subscribe to our e-mail newsletter and read it regularly, then your registration with a valid e-mail address and thus your consent to the processing of your personal data by us is required. Please refer to the declaration of consent on the newsletter registration form. Before sending the newsletter, you must explicitly confirm to us that you want us to activate the e-mail newsletter service for you as part of the so-called double opt-in procedure. We do this to prevent third-party e-mail addresses from being used for registrations. For this purpose, you will receive a confirmation and authorization e-mail from us, with which we ask you to click on the link contained in this e-mail and thus confirm to us that you would like to receive our newsletter. If no confirmation is received from you, your personal data will be deleted within 365 days.
In connection with the registration, in addition to the e-mail address, the registration time, the confirmation time, the IP address and the consent text are stored and we use the e-mail address exclusively for the delivery of the newsletter unless you have expressly consented to any other use. Small, "invisible" files (beacons) that are sent with the newsletter can be used for various evaluations to improve our offers. In doing so, IP address, browser as well as time of retrieval and opening of the newsletter and the click behavior on links contained in the newsletter are recorded and statistically evaluated. The newsletter is sent on the basis of the recipients' consent pursuant to Art. 6 Para. 1 lit. a, Art. 7 DSGVO in conjunction with § 7 Para. 2 No. 3 UWG. The analysis of opening and click rates is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f DSGVO. Our interest is to create the most suitable offers possible for our users and to achieve this by analyzing user behavior as well as to continuously optimize it.
Service provider for dispatch: The newsletter is dispatched with the help of ActiveCampaign, Inc, 1 N Dearborn, 5th Floor, Chicago, IL 60601, USA (hereinafter referred to as "dispatch service provider"). You can view the privacy policy of the shipping service provider at https://www.activecampaign.com/privacy-policy/. The shipping service provider is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with the European level of data protection, the related information can be found at: (https://www.privacyshield.gov/participant?id=a2zt0000000GnH6AAK). We have concluded a Data Processing Agreement with the provider in accordance with a contract for order processing pursuant to Art. 28 DSGVO.
They can cancel the receipt by revoking their consents. Unsubscribing from the newsletter is thus possible at any time. Please use the provided link in the newsletter for this purpose. A separate revocation of the dispatch or evaluation of user behavior is unfortunately not possible.
ActiveCampaign Site Tracking
Our websites may also use the site tracking function of the provider ActiveCampaign. For further data protection information on the provider, please refer to the previous section. ActiveCampaign Site Tracking allows us to determine which pages you have visited on our website after interacting with an ActiveCampaign. We use this data to provide relevant content to newsletter readers. We use ActiveCampaign Site Tracking due to our legitimate interest in analyzing and optimizing based on user interest as well as the profitability of our web offering. The legal basis for this processing of data is consequently Art. 6 para. 1 lit. f DSGVO.
10. integration of services and content of third parties
Youtube
We integrate the videos of the platform "YouTube" of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
Google Fonts
We integrate the fonts ("Google Fonts") of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
Google ReCaptcha
We integrate the function for the recognition of bots, e.g. for entries in online forms ("ReCaptcha") of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.
Twitter
Within our online offer, functions and contents of the service Twitter, offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, may be integrated. This may include, for example, content such as images, videos or texts and buttons with which users can announce their liking of the content, the authors of the content or subscribe to our posts. If the users are members of the Twitter platform, Twitter can assign the call of the above-mentioned content and functions to the profiles of the users there. Twitter is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). Privacy policy: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization.
LinkedIn
We collect the contact data of interested parties via LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. Privacy Policy: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.
Collection and Sharing of Information: Using the Google+ button, you can post information around the world. Through the Google+ button, you and other users receive personalized content from Google and our partners. Google stores both the information that you have given +1 for a content and information about the page you were viewing when you clicked +1. Your +1s may be displayed as notices along with your profile name and photo in Google services, such as search results or your Google profile, or elsewhere on websites and ads on the Internet. Google records information about your +1 activities to improve Google services for you and others. To use the Google+ button, you need a globally visible, public Google profile, which must contain at least the name chosen for the profile. This name is used in all Google services. In some cases, this name may also replace another name you used when sharing content through your Google Account. The identity of your Google profile may be displayed to users who know your email address or have other identifying information about you.
Use of Collected Information: In addition to the uses explained above, the information you provide will be used in accordance with applicable Google privacy policies. Google may publish aggregate statistics about users' +1 activities or share them with users and partners, such as publishers, advertisers, or affiliated websites.
AddToAny share buttons
This website offers the possibility to share content on social services via the AddToAny service. Data is only collected when these services are accessed by you. Since you can only use these services if you have a user account there and have to log in with your access data, the responsibility from this point on is no longer with us, because the creation of user accounts, i.e. membership of social services, requires your consent of the respective data protection regulations. According to their privacy policy, the AddToAny service does not store any personal data. We also do not receive any data from AddToAny or data resulting from the use of the share buttons. AddToAny provides an opt-out option for a large number of advertising networks. You can opt-out directly through this link.
11. contact form and other data collection
Further personal data will only be collected by us if you provide us with this data voluntarily, for example in the context of an inquiry. The processing of your data and, if applicable, the transfer to other companies of the Trans4mation group of companies will only take place in order to answer your inquiries, to process the contracts concluded with you, for technical administration, to carry out application procedures or to safeguard legitimate interests (Article 6 (1) (a) and/or (f) DSGVO, Section 26 (1) sentence 1 BDSG). A transfer to other third parties does not take place without your consent.
12. Newsletter
If you register for one of our newsletters, you must provide your email address. Via a double opt-in procedure, we ensure that the subscription to the newsletter is desired for the specified mail address. After confirmed registration to the newsletter, you will receive at your specified mail address at irregular intervals information that is thematically related to this website. You can unsubscribe from the newsletter by clicking on an unsubscribe link in each newsletter mail and thus revoke your consent.
13. links to third party sites
Our websites may contain links to the websites of other providers. We have no influence on whether these providers comply with the statutory data protection provisions. You should therefore always check the data protection declarations offered.
14. Duration of storage of personal data
The duration of the storage of personal data is measured on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law). After expiry of the period, the corresponding data will be routinely deleted, provided that they are no longer required for the fulfillment or initiation of the contract and/or there is no legitimate interest on our part to continue storing them.
15. data security
Your personal data should be safe with us. Therefore, we maintain technical measures to ensure data security, in particular to protect your personal data from dangers during data transmissions and from third parties gaining knowledge. These measures are always adapted to the current state of the art.
16. existence of automated decision-making/profiling
As a responsible company, we refrain from automated decision-making in individual cases, including profiling.
17. legal or contractual provisions on the provision of personal data; necessity for the conclusion of the contract; obligation to provide personal data; possible consequences of non-provision.
In certain cases, the provision of personal data is required by law (e.g. according to tax laws). It may also result from contractual regulations (e.g. information on the contractual partner). Sometimes it may be necessary for the conclusion of a contract that you provide us with personal data, which must subsequently be processed by us. Failure to provide the personal data would mean that the contract with us could not be concluded. Before you provide personal data, you can contact our data protection officer. He will inform you on a case-by-case basis whether the provision of personal data is required by law or contract or necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences of not providing the personal data would be.
18. data protection information in accordance with Art. 13 and 14 of the General Data Protection Regulation (EU-DSGVO).
Information Sheet Video Surveillance Trans4mation
19. changes to this privacy policy
We reserve the right to change our security and data protection measures at any time, especially insofar as this becomes necessary due to technical developments. In these cases, we will also adapt this information on data protection accordingly, if necessary. Please therefore refer to the latest version of this data protection declaration.
This policy is effective from 2022-07-08 12:14:00 +0000
