Data Privacy Policy
Introduction and General Information
Responsible for GDPR
ESFORIN SE
Ruhrallee 201
45136 Essen
+49.201.220.38-100
info@esforin.com
Contact Details of the Data Protection Officer
Proliance GmbH / www.datenschutzexperte.de
Data Protection Officer
Leopoldstr. 21
80802 Munich
datenschutzbeauftragter@datenschutzexperte.de
Definitions
Our privacy policy is intended to be simple and understandable for everyone. In this privacy policy, the official terms of the General Data Protection Regulation (GDPR) are generally used. The official definitions are explained in Art. 4 GDPR.
Webhosting
This website is hosted by an external service provider (Mittwald GmbH). This website is hosted in Germany. Personal data collected on this website is stored on the hosts‘ servers. The collected data mainly includes IP addresses, contact requests, meta and communication data, website access and other data generated via a website.
We have concluded an order processing agreement with the provider in accordance with the requirements of Art. 28 GDPR, in which we oblige the provider to protect our customers‘ data and not to pass it on to third parties.
Access to and Storage of Information on Terminal Equipment
By using our website, information (e.g. IP address) may be accessed or stored (e.g. cookies) in your terminal equipment. This access or storage may involve further processing of personal data within the meaning of the GDPR.
In cases where such access to information or such storage of information is absolutely necessary for the technically error-free provision of our services, this is done on the basis of Section 25 (1) sentence 1, (2) no. 2 TTDSG.
In cases where such a process serves other purposes (e.g. the needs-based design of our website), this will only be carried out on the basis of § 25 para. 1 TTDSG with your consent in accordance with Art. 6 para. 1 lit. a DSGVO. The consent can be revoked at any time for the future. The provisions of the DSGVO and the Federal Data Protection Act (BDSG) apply to the processing of your personal data.
For further information on the processing of your personal data and the relevant legal bases in this context, please refer to the following sections on the specific processing activities on our website.
Server-Logfiles
When you access our website, it is technically necessary for data to be on our web server via your Internet browser. The following data is recorded during an ongoing connection for communication between your internet browser and our web server:
- Name and URL of the retrieved file
- Date and time of retrieval
- Data volume transferred
- Message about successful retrieval (HTTP response code)
- Browser type and browser version
- Operating system
- Referrer URL (i.e. the previously visited website)
- Websites that are called up by the user’s system via our website
- Internet service provider of the user
- IP address and the requesting provider
We collect the listed data to ensure a smooth connection setup of the website and to enable comfortable use of our website by the users. In addition, the log file serves the evaluation of system security and stability as well as administrative purposes. The legal basis for the temporary storage of the data or the log files is Art. 6 para. 1 lit. f GDPR.
For reasons of technical security, in particular, to defend against attempted attacks on our web server, this data is stored by us for a short period of time. Based on this data, it is not possible for us to draw conclusions about individual persons. After 90 days at the latest, the data is anonymized by shortening the IP address at the domain level so that it is no longer possible to establish a link to the individual user. In addition, the data is processed anonymously for statistical purposes, if necessary. This data is never stored together with other personal data of the user, compared with other data or passed on to third parties.
Cookies
Our website uses so-called "cookies". Cookies are small text files that are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your terminal device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your terminal device until you delete them yourself, or an automatic solution is provided by your web browser.
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping cart function or language settings). Other cookies are used to evaluate user behaviour or to display advertising.
Technically necessary cookies are stored on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in storing cookies for the technically error-free and optimized provision of our services. Other cookies are only stored with your consent on the basis of Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time for the future. The legal basis may also arise from Art. 6 (1) lit. b GDPR, if the processing is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures, which are carried out at the request of the data subject.
As far as cookies are used for analysis purposes, we will inform you separately about this within the framework of this data protection declaration and obtain your consent.
You can set your browser to allow you to
- be informed about the setting of cookies
- allow cookies only in individual cases,
- exclude the acceptance of cookies for certain cases or in general,
- enable the automatic deletion of cookies when closing the browser.
Cookie settings can be managed under the following links for the respective
browsers:
You can also manage cookies of many companies and functions used for
advertising individually. To do this, use the corresponding user tools, available at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices.
Most browsers also offer a so-called "do-not-track" function. When this feature is enabled, the respective browser tells advertising networks, websites, and applications that you do not want to be "tracked" for behavioural advertising and the like.
For information and instructions on how to edit this feature, depending on your browser provider, see the links below:
Additionally, you can prevent the loading of so-called scripts by default.
"NoScript" allows JavaScripts, Java and other plug-ins to run only on trusted
domains of your choice. Information and instructions on how to edit this feature
are available from your browser vendor (e.g. for Mozilla Firefox under: https://addons.mozilla.org/de/firefox/addon/noscript/).
Please note that if you disable cookies, the functionality of our website may be limited.
Change Cookie Settings
You can revoke or change your cookie settings at any time. To do this, call up the cookie settings again via this link .
External Links
Social networks (LinkedIn) are only integrated on our website as a link to the corresponding services. After clicking on the embedded text/image link, you will be redirected to the page of the respective provider. User information is only transferred to the respective provider after the forwarding. For information on the handling of your personal data when using these websites, please refer to the respective data protection provisions of the providers you use.
Data Sharing and Recipients
A transfer of your personal data to third parties does not take place unless
- if we explicitly referred to this in the description of the respective data processing,
- if you have given your explicit consent to this accordance with Art. 6 (1) p.1 lit. a GDPR,
- the disclosure is necessary pursuant to Art. 6 (1) p. 1 lit. f GDPR for the assertion, exercise or defence of legal claims and there is no reason to assume you have an overriding legitimate interest in the non-disclosure of your data,
- in the event that there is a legal obligation for the disclosure pursuant to Art. 6 (1) sentence 1 lit. c GDPR and
- as far as this is necessary for the processing of contractual relationships with you according to Art. 6 para. 1 p. 1 lit. b GDPR. In addition, we use external service providers for the processing of our services, which we have carefully selected, commissioned in writing and with which we have concluded order processing agreements pursuant to Art. 28 GDPR, if necessary. These are bound by our instructions and are regularly monitored by us. These are, among others, service providers for hosting, sending e-mails and maintenance care of our IT systems, etc. The service providers will not disclose this data to third parties.
Contact Form and Contact by E-Mail
If you send us inquiries via the contact form or e-mail, your information from the inquiry form or your e-mail, including the personal data you provide there, will be stored by us to process the inquiry and in case of follow-up questions. The specification of an e-mail address and your first and last name are required to contact you. Your telephone number is voluntary. We will not pass on this data in any case without your consent. The legal basis for processing the data is our legitimate interest in responding to your request pursuant to Art. 6 (1) lit. f GDPR and, if applicable, Art. 6 (1) lit. b GDPR, if your request is aimed at concluding a contract. Your data will be deleted after the final processing of your request, provided that there are no legal obligations to retain data. You can object to the processing of your personal data at any time in the case of Art. 6 para. 1 lit. f GDPR.
Newsletter
If you would like to receive the newsletter offered on the website with regular information about our offers and products, we require your e-mail as mandatory information.
Additional data may be provided in order to address you personally in the newsletter and/or to identify you if you wish to exercise your rights as a data subject.
We use the so-called double opt-in procedure for sending the newsletter. This means that we will only send you our newsletter by e-mail if you have expressly confirmed that you consent to the sending of newsletters. In the first step, you will receive an e-mail with a link that you can use to confirm that you, as the owner of the corresponding e-mail address, want to receive the newsletter in the future. With the confirmation, you give us consent pursuant to Art. 6 para. 1 lit. a GDPR that we may use your personal data for the purpose of the desired newsletter dispatch.
When registering for the newsletter, we store, in addition to the e-mail address required for sending, the IP address through which you registered for the newsletter, as well as the date and time of registration and confirmation, in order to be able to track possible misuse at a later date.
You can unsubscribe from the newsletter at any time via the link included in each newsletter or by sending an e-mail to the responsible person named above. After unsubscribing, your e-mail address will be deleted immediately from our newsletter distribution list unless you have expressly consented to the continued use of the data collected or the continued processing is otherwise permitted by law.
Sending Job Applications
If you apply to us via our contact form or by e-mail, we collect personal data. This includes, in particular, your contact data (such as first and last name, telephone number and e-mail address of the user) as well as other data provided by you regarding your career (e.g. resume, qualifications, degrees and work experience) and your person (e.g. cover letter, personal interests). This may also include special categories of personal data (e.g. information on a severe disability. As a rule, your personal data is collected directly from you as part of the application process and encrypted during electronic transmission. The primary legal basis for this is Art. 6 (1) b GDPR in conjunction with Section 26 (1) BDSG. In addition, consent pursuant to Art. 6 Para. 1 lit. a, 7 GDPR in conjunction with § 26 Para. 2 BDSG can be used as a data protection permission provision. If the processing of your data is based on consent, you have the right to revoke the consent at any time with effect for the future.
Within our company, only those persons and departments (e.g. Human Resources) have access to your personal data that absolutely need it to carry out the application process or to fulfil our legal obligations. If necessary, your applications will be forwarded to the relevant responsible persons for review. Under no circumstances will your personal data be passed on to third parties without authorization.
Your data relating to an application for a specific job posting will be stored and processed by us during the ongoing application process. After completion of the application process (e.g. in the form of an acceptance or rejection), the application process, including all personal data, will be deleted from the system no later than six months after completion of the application process. You can revoke your consent at any time with effect for the future. An informal e-mail addressed to the contact person mentioned above is sufficient for this purpose. In the event of an acceptance, your application documents will be transferred to the personnel file.
Registration Customer Portal
You have the option of registering for certain services provided on our website and thus creating a user profile (customer portal). In the course of registration and setup, we collect and use the following personal data:
- First and last name
- E-mail address
- Date and time of registration
In addition, voluntary information can be provided (e.g. telephone number, etc.). Mandatory information provided for the purpose of registration is marked as mandatory in the input mask with an asterisk. With your user account, you will be given the opportunity to use further parts of our website and to log in for the offers you have purchased. The legal basis for data processing is Art. 6 para. 1 lit. a GDPR in the case of consent or Art. 6 para. 1 lit. b GDPR if the processing is necessary to provide the requested services. Your data will be deleted as soon as the user account on our website is deleted and insofar as no legal retention obligations exists. A change and/or deletion of their user account, including the data provided by you, can usually be made after a login directly in your user account or by sending a message to the responsible person mentioned in the introduction.
Google Analytics
Our website uses Google Analytics, an internet analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses so-called "cookies". Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity. Google will also use this information to provide the website operator with other services related to the use of the website and the Internet. The IP address sent by your browser as part of Google Analytics is not combined with other data from Google. The processing is carried out in accordance with Art. 6 para. 1 lit a GDPR on the basis of the consent given by you.
We use Google Analytics only with enabled IP anonymization. This means that your IP address is only processed by Google in a shortened form.
We have concluded an order processing agreement with the service provider, in which we oblige him to protect our customers‘ data and not to pass it on to third parties.
Since a transfer of personal data to the US takes place, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, we have agreed to standard data protection clauses with the provider in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the US to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even through this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the US.
The Google Analytics terms of use and information on data protection can be accessed via the following links: http://www.google.com/analytics/terms/de.html https://www.google.de/intl/de/policies/
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. Deletion of user-level and event-level data linked to cookies, user identifiers (e.g., user ID), and advertising IDs), e.g. DoubleClick cookies, Android advertising ID, IDFA [Apple identifier for advertisers]) takes place no later than 14 months after their collection.
You can prevent the storage of cookies by adjusting the settings of your browser software accordingly. However, we would like to point out that in this case, you may not be able to use all functions of this website without restrictions. You can also prevent Google from collecting the data generated by the cookie and from analysing your use of the website (including your IP address) and from having this data processed by Google by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=de .
Leadinfo
We use the lead generation service of Leadinfo B.V., Rotterdam, Netherlands. This recognizes visits by companies to our website based on IP addresses and shows us publicly available information for this purpose, such as company names or addresses. In addition, Leadinfo sets two first-party cookies to evaluate user behaviour on our website and processes domains from form entries (e.g., "leadinfo.com") to correlate IP addresses with companies and improve the services. For more information, please visit www.leadinfo.com. On this page: www.leadinfo.com/en/opt-out , you have an opt-out option. If you opt-out, your information will no longer be collected by Leadinfo.
The legal basis for the processing is your consent, according to Art. 6 para. 1 lit. a GDPR.
Marketo
We use the Marketo tool on our website, a service provided by Marketo EMEA Ltd, Red Oak North, South County Business Park, Leopardstown, Dublin 18, Ireland ("Marketo"), to collect statistical data on the use of our website and to optimize our offering accordingly, to provide system-related e-mails, information on individual surfing behaviour, downloads of white papers, fact sheets, case studies and similar materials, and to conduct e-mail marketing.
For this purpose, one or more cookies are stored on your computer, with the help of which data is collected for marketing and optimization purposes and stored and processed on Marketo’s servers. The data collected may be combined with the personal data you voluntarily provided on the website for profiling purposes. You can object to the profiling by deactivating the cookie function in your browser. For more information, please refer to Marketo’s privacy policy at: en.marketo.com/trust/legal/privacy
For this evaluation, the emails sent contain so-called web beacons, also called tracking pixels. These single-pixel image files make it possible to record your user behaviour. Tracking is not possible if you have deactivated the display of images by default in your e-mail programme. If you display the images manually, the tracking mentioned above takes place.
We record when you read our e-mails, which links you click on in them and deduce your personal interests from this. We link this data to actions you have taken on our website. Marketo stores this information on its server in the European Union or the European Economic Area (EU or EEA).
If you use one of our digital services for which you have completed the registration process (for example, for our newsletter), Marketo also helps us to analyse your usage behaviour on our website. For this purpose, a text file (see “Cookies”) is stored on your computer, which enables us to recognise you when you visit our website again.
We analyse how you use our website and other digital content such as videos, banners and downloads that are placed online on our website. This allows us to tailor our offers to your individual needs so that you receive less randomly scattered offers overall. With the data obtained in this way, we tailor our digital services to your interests and make them available to you accordingly.
The cookie on your system expires after 24 months. You can prevent the cookie from being stored by setting your browser software accordingly. If you register for one of our digital services and in this context provide personal data via a registration form, we will obtain your separate declaration of consent. In this declaration, you consent to the processing of data to the extent described in the context of the use of our digital services, such as newsletters, invitations to webinars and events and the associated analysis of your user behaviour as described in this section. As a user, you have the option to cancel your registration at any time. You can have the data stored about you changed at any time. Please contact the following e-mail address: datenschutz@esforin.com
The data collected may also be processed outside the EU. In order to ensure the level of data protection of the GDPR in other countries as well, we have agreed standard data protection clauses with Marketo. For more information on the purpose and scope of data collection and its processing by Marketo, please refer to Marketo's privacy policy: https://documents.marketo.com/legal/privacy/ There you will also receive further information on your rights in this regard.
The legal basis for the processing is your consent, according to Art. 6 para. 1 lit. a GDPR.
virtrex
Gleiches wie für „Marketo“ gilt für virtrex der Convidera GmbH, Stolberger Strasse 90D50933 Köln, Deutschland
Link zur Datenschutzerklärung virtrex
YouTube
On our website, we integrate videos from "YouTube", a social media platform of Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as "Google"). The legal basis for the processing of your personal data is your consent granted for this purpose pursuant to Art. 6 (1) p. 1 lit. a GDPR.
If the playback of embedded YouTube videos is started by your consent, the provider "YouTube" uses cookies to collect information about user behaviour. According to information from "YouTube", these are used, among other things, to collect video statistics, improve user-friendliness and prevent abusive behaviour. If you are logged in to Google, your data is directly assigned to your account when you clock on a video. If you do not want the assignment with your profile on YouTube, you must log out before activating the button. Google stores this data as usage profiles and uses them for the purpose of advertising, market research and/or the needs-based design of its websites. Such an evaluation is carried out in particular (also for users who are not logged in) for the display of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles. Please contact Google directly for this purpose.
Since a transfer of personal data to the US takes place, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, Google uses standard data protection clauses in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the US to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured by this contractual extension, we seek to obtain additional regulations and commitments from the recipient in the US.
Further information on data protection and data used by Google can be found on the following Google website: https://policies.google.com/privacy?hl=de&gl=de
Google Maps
Our homepage uses the online map service provider Google Maps via an interface. This allows us to display interactive maps directly on the website and enables you to use the map function conveniently. The provider of the map service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. To use the functionalities of Google Maps, it is necessary to store your IP address.
Google uses cookies to collect information about user behaviour. The legal basis for the processing of your personal data is your consent granted for this purpose in accordance with Art. 6 (1) p. 1 lit. a GDPR.
Since a transfer of personal data to the US takes place, further protection mechanisms are required to ensure the level of data protection of the GDPR. To ensure this, Google uses standard data protection clauses in accordance with Art. 46 (2) lit. c GDPR. These oblige the recipient of the data in the US to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured by this contractual extension, we seek to obtain additional regulations and commitments from the recipient in the US.
For more information on the handling of user data, please see Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/ Opt-out: https://www.google.com/settings/ads/
Letscast
For our podcast on this website, we use the podcast hosting service LetsCast.fm of Produktgenuss GmbH, Vereinsstraße 51, 20357 Hamburg.
Produktgenuss GmbH is a German company and stores the collected data in a DSGVO-compliant manner on servers in Germany. When using the podcast player, only information about the podcast episode, the IP address and the version of the browser and operating system are transmitted. The IP address is stored anonymously or pseudonymously in the LetsCast.fm database.
The use is based on our legitimate interests, i.e. interest in a secure and efficient provision, analysis and optimisation of our podcast offer pursuant to Art. 6 Para. 1 lit. f. DSGVO.
For more information, please see the LetsCast.fm privacy policy: https://letscast.fm/privacy.
Data Security
We take appropriate technical and organizational measures in accordance with Article 32 of the GDPR, taking into account the state of technology, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk. This website uses SSL encryption for security reasons and to protect the transmission of confidential content.
Duration of the Storage of Personal Data
The duration of the storage of personal data is measured by the relevant statutory retention periods (e.g. from commercial law and tax law). After the expiry of the respective period, the corresponding data is routinely deleted. If data is required for the fulfilment or initiation of a contract or if we have a legitimate interest in continuing to store it, the data will be deleted when it is no longer required for the purposes, or you have exercised your right of revocation or objection.
Your Rights
In the following, you will find information on which affected rights the applicable data protection law grants you regarding the responsible with regard to the processing of your personal data:
The right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it was not collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details.
The right to request the correction of inaccurate or incomplete personal data stored by us without undue delay in accordance with Art. 16 GDPR.
The right to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims.
The right to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its deletion, and we no longer need the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing in accordance with Art. 21 GDPR.
The right, pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller.
The right to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of the federal state of our registered office stated above or, if applicable, that of your usual place of residence or workplace.
The right to revoke the consent given in accordance with Art. 7 (3) GDPR: You have the right to revoke consent to the processing of data once given at any time with effect for the future. In the event of revocation, we will delete the data concerned without delay unless further processing can be based on a legal basis for processing without consent. The revocation of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
Right of Objection
Insofar as your personal data is processed by us on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, insofar as this is done for reasons arising from your particular situation. Insofar as the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the requirement to specify a particular situation.
If you would like to make use of your right of revocation or objection, it is sufficient to send an e-mail to: datenschutz@esforin.com
Legal Obligations
The provision of personal data for the decision on the conclusion of a contract, the fulfilment of the contract or for the implementation of pre-contractual measures is voluntary. However, we can only make the decision in the context of contractual measures if you provide such personal data that is required for the conclusion of the contract, the fulfilment of the contract or pre-contractual measures.
Automated Decision Making
Automated decision making or profiling according to Art. 22 GDPR does not take place.
Subject to Change
We reserve the right to adapt or update this data protection declaration if necessary in compliance with the applicable data protection regulations. In this way, we can adapt it to the current legal requirements and take into account changes to our services, e.g. when introducing new services. The current version applies to your visit.
Status of this data protection declaration: 16.11.2021