Privacy Policy

 

1. Data protec­tion at a glance

 

General notes

The follo­wing notices provide a simple over­view of what happens to your personal data when you visit this website. Personal data is any data by which you can be perso­nally iden­ti­fied. For detailed infor­ma­tion on the subject of data protec­tion, please refer to our privacy policy listed below this text.

 

Data coll­ec­tion on this website

 

Who is the respon­sible party for the data coll­ec­tion on this website?

Data proces­sing on this website is carried out by the website operator. You can find the contact details of the website operator in the section “Infor­ma­tion on the data controller” in this privacy policy.

 

How do we collect your data?

On the one hand, your data is coll­ected when you provide it to us. This can be, for example, data that you enter in a contact form.

Other data are coll­ected auto­ma­ti­cally or with your consent by our IT systems when you visit the website. This is mainly tech­nical data (e.g. internet browser, opera­ting system or time of page view).

 

What do we use your data for?

Part of the data are coll­ected to ensure error-free provi­sion of the website. Other data may be used to analyse your user behaviour.

 

Analysis tools and third-party tools

When visi­ting this website, your surfing beha­viour may be statis­ti­cally evaluated. This is mainly done with so-called analysis programs.

Detailed infor­ma­tion on these analysis programmes can be found in the follo­wing privacy policy.

 

2. Hosting

 

External hosting

This website is hosted by an external service provider (hoster). The personal data coll­ected on this website are stored on the hoster’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and commu­ni­ca­tion data, contrac­tual data, contact details, names, website accesses and other data gene­rated via the website.

The hoster is used for the purpose of contract fulfilment vis-à-vis our poten­tial and exis­ting custo­mers (Art. 6 para. 1 lit. b GDPR) and in the inte­rest of a secure, fast and effi­cient provi­sion of our online offer by a profes­sional provider (Art. 6 para. 1 lit. f GDPR).

Our hoster will only process your data to the extent that this is neces­sary for the fulfilment of its service obli­ga­tions and will follow our instruc­tions with regard to this data.

We use the follo­wing hoster:

1&1 IONOS SE
Elgen­dorfer Str. 57
56410 Monta­baur

 

Proces­sing on our behalf

We have concluded a contract on proces­sing on our behalf (DPA) with the above-mentioned provider. This is a contract required by data protec­tion law, which ensures that the provider only processes the personal data of our website visi­tors in accordance with our instruc­tions and in compli­ance with the GDPR.

 

3. General notes and manda­tory information

 

Data protec­tion

We take the protec­tion of your personal data very seriously. We treat your personal data confi­den­ti­ally and in accordance with the statu­tory data protec­tion regu­la­tions and this privacy policy.

When you use this website, various personal data are coll­ected. Personal data are data that can be used to iden­tify you perso­nally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data trans­mis­sion on the Internet (e.g. commu­ni­ca­tion by e-mail) can have secu­rity gaps. Complete protec­tion of data against access by third parties is not possible.

 

Respon­sible Data Controller

The data controller for this website is:

PYREG GmbH
Trink­born­straße 15-17
56281 Dörth

Phone: 06747 95388 0
E-mail: info@pyreg.de

The controller is the natural or legal person who alone or jointly with others deter­mines the purposes and means of the proces­sing of personal data (e.g. names, e-mail addresses, etc.).

 

Storage period

Unless a more specific storage period has been speci­fied within this privacy policy, your personal data will remain with us until the purpose for proces­sing the data no longer applies. If you assert a justi­fied request for dele­tion or revoke consent to data proces­sing, your data will be deleted unless we have other legally permis­sible reasons for storing your personal data (e.g. reten­tion periods under tax or commer­cial law); in the latter case, the data will be deleted after these reasons no longer apply.

 

Data Protec­tion Officer

You can reach the data protec­tion officer of PYREG GmbH under the follo­wing contact details:

E-mail: datenschutzbeauftragter@pyreg.de

Herting Ober­beck Daten­schutz GmbH
Hallerstr. 76, 20146 Hamburg

https://www.datenschutzkanzlei.de”

 

Note on data transfer to the USA and other third countries

Our data proces­sing opera­tions may involve the transfer of certain personal data to third count­ries, i.e. count­ries where the GDPR is not appli­cable law. Such a transfer takes place in a permis­sible manner if the Euro­pean Commis­sion has deter­mined that an adequate level of data protec­tion is in place in such a third country. If such an adequacy decision by the Euro­pean Commis­sion does not exist, a transfer of personal data to a third country will only take place if appro­priate safe­guards are in place in accordance with Article 46 of the GDPR or if one of the condi­tions of Article 49 of the GDPR is met.

Unless other­wise stated below, we use the EU stan­dard data protec­tion clauses as suitable safe­guards for the transfer of personal data in third count­ries. You have the possi­bi­lity to obtain a copy of these EU stan­dard data protec­tion clauses or to inspect them. To do so, please contact us at the address given under Contact.

If you consent to the transfer of personal data to third count­ries, the transfer will take place on the legal basis of Article 49 (1) a GDPR.

 

Revo­ca­tion of your consent to data processing

Many data proces­sing opera­tions are only possible with your express consent. You can revoke consent you have already given at any time. The lega­lity of the data proces­sing carried out until the revo­ca­tion remains unaf­fected by the revocation.

 

Right to object to the coll­ec­tion of data in specific cases and to direct marke­ting (Art. 21 GDPR)

IF THE DATA PROCES­SING IS BASED ON ART. 6 PARA. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCES­SING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTI­CULAR SITUA­TION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVI­SIONS. THE RESPEC­TIVE LEGAL BASIS ON WHICH PROCES­SING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONS­TRATE COMPEL­LING LEGI­TI­MATE GROUNDS FOR THE PROCES­SING WHICH OVER­RIDE YOUR INTE­RESTS, RIGHTS AND FREE­DOMS, OR THE PROCES­SING SERVES THE PURPOSE OF ASSER­TING, EXER­CISING OR DEFEN­DING LEGAL CLAIMS (OBJEC­TION UNDER ARTICLE 21 PARA 1) OF THE GDPR).

IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT MARKE­TING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCES­SING OF PERSONAL DATA CONCER­NING YOU FOR THE PURPOSE OF SUCH MARKE­TING; THIS ALSO APPLIES TO PROFILING INSOFAR AS IT IS CONNECTED WITH SUCH DIRECT MARKE­TING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSE­QUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKE­TING (OBJEC­TION PURSUANT TO ART. 21 PARA. 2 GDPR).

 

Right of appeal to the compe­tent super­vi­sory authority

In the event of brea­ches of the GDPR, affected persons shall have a right of appeal to a super­vi­sory autho­rity, in parti­cular in the Member State of their habi­tual resi­dence, their place of work or the place of the alleged breach. The right of appeal is without preju­dice to any other admi­nis­tra­tive or judi­cial remedy.

 

Right to data portability

You have the right to have data that we process auto­ma­ti­cally on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is tech­ni­cally feasible.

 

SSL or TLS encryption

For secu­rity reasons and to protect the trans­mis­sion of confi­den­tial content, such as orders or enqui­ries that you send to us as the site operator, this site uses SSL or TLS encryp­tion. You can reco­g­nise an encrypted connec­tion by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryp­tion is acti­vated, the data you transmit to us cannot be read by third parties.

 

Access, dele­tion and rectification

Within the frame­work of the appli­cable legal provi­sions, you have the right at any time to free infor­ma­tion about your stored personal data, its origin and reci­pient and the purpose of the data proces­sing and, if appli­cable, a right to recti­fi­ca­tion or dele­tion of this data. You can contact us at any time for this purpose and for further ques­tions on the subject of personal data.

 

Right to rest­rict processing

You have the right to request the rest­ric­tion of the proces­sing of your personal data. To do this, you can contact us at any time. The right to rest­ric­tion of proces­sing exists in the follo­wing cases:

  • If you dispute the accu­racy of your personal data stored by us, we usually need time to check this. For the dura­tion of the veri­fi­ca­tion, you have the right to request the rest­ric­tion of the proces­sing of your personal data.
  • If the proces­sing of your personal data happened/is happe­ning unlawfully, you can request the rest­ric­tion of data proces­sing instead of erasure.
  • If we no longer need your personal data, but you need it to exer­cise, defend or enforce legal claims, you have the right to request rest­ric­tion of the proces­sing of your personal data instead of deletion.
  • If you have lodged an objec­tion pursuant to Art. 21 PARA 1 GDPR, a balan­cing of your inte­rests and ours must be carried out. As long as it has not yet been deter­mined whose inte­rests prevail, you have the right to demand the rest­ric­tion of the proces­sing of your personal data.

If you have rest­ricted the proces­sing of your personal data, such data may – apart from being stored – only be processed with your consent or for the estab­lish­ment, exer­cise or defence of legal claims or for the protec­tion of the rights of another natural or legal person or for reasons of important public inte­rest of the Euro­pean Union or a Member State.

 

4. Data coll­ec­tion on this website

 

Cookies

Our internet pages uses so-called “cookies”. Cookies are small text files and do not cause any damage to your end device. They are stored either tempo­r­a­rily for the dura­tion of a session (session cookies) or perma­nently (perma­nent cookies) on your end device. Session cookies are auto­ma­ti­cally deleted at the end of your visit. Perma­nent cookies remain stored on your end device until you delete them yourself or until they are auto­ma­ti­cally deleted by your web browser.

In some cases, cookies from third-party compa­nies may also be stored on your end device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for proces­sing payment services).

Cookies have various func­tions. Many cookies are tech­ni­cally neces­sary, as certain website func­tions would not work without them (e.g. the shop­ping cart func­tion or the display of videos). Other cookies are used to evaluate user beha­viour or to display advertising.

Cookies that are required to carry out the elec­tronic commu­ni­ca­tion process (neces­sary cookies) or to provide certain func­tions that you have requested (func­tional cookies, e.g. for the shop­ping basket func­tion) or to opti­mise the website (e.g. cookies to measure the web audi­ence) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is speci­fied. The website operator has a legi­ti­mate inte­rest in storing cookies for the tech­ni­cally error-free and opti­mised provi­sion of its services. If consent to the storage of cookies has been requested, the storage of the cookies in ques­tion is based exclu­si­vely on this consent (Art. 6 para. 1 lit. a GDPR); consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in indi­vi­dual cases, exclude the accep­tance of cookies for certain cases or in general and acti­vate the auto­matic dele­tion of cookies when closing the browser. If you deac­ti­vate cookies, the func­tion­a­lity of this website may be limited.

If cookies are used by third-party compa­nies or for analysis purposes, we will inform you about this sepa­ra­tely within the frame­work of this privacy policy and, if neces­sary, request your consent.

 

Consent with Borlabs Cookie

Our website uses Borlabs Cookie Consent tech­no­logy to obtain your consent to the storage of certain cookies in your browser or to the use of certain tech­no­lo­gies and to docu­ment this in accordance with data protec­tion law. The provider of this tech­no­logy is Borlabs – Benjamin A. Born­schein, Rüben­kamp 32, 22305 Hamburg (herein­after referred to as Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, which stores the cons­ents you have given or the revo­ca­tion of these cons­ents. This data is not shared with the Borlabs cookie provider.

The coll­ected data will be stored until you request us to delete it or until you delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Manda­tory legal reten­tion periods remain unaf­fected. Details on the data proces­sing of Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

The use of Borlabs cookie consent tech­no­logy takes place in order to obtain the legally required cons­ents for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.

To with­draw consent for cookies, close the browser, reopen it and access the PYREG website again.

 

Server log files

The provider of the pages auto­ma­ti­cally coll­ects and stores infor­ma­tion in so-called server log files, which your browser auto­ma­ti­cally trans­mits to us. These are:

  • Browser type and version
  • Opera­ting system used
  • Referrer URL
  • Host name of the acces­sing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

The coll­ec­tion of this data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legi­ti­mate inte­rest in the tech­ni­cally error-free presen­ta­tion and opti­mi­sa­tion of its website – for this purpose, the server log files must be collected.

 

Contact form

If you send us enqui­ries via the contact form, your details from the enquiry form, inclu­ding the contact details you provide there, will be stored by us for the purpose of proces­sing the enquiry and in the event of follow-up ques­tions. We do not pass on this data without your consent.

The proces­sing of this data is based on Art. 6 para. 1 lit. b GDPR if your request is related to the perfor­mance of a contract or is neces­sary for the imple­men­ta­tion of pre-contrac­tual measures. In all other cases, the proces­sing is based on our legi­ti­mate inte­rest in the effec­tive proces­sing of the enqui­ries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested.

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed proces­sing your enquiry). Manda­tory legal provi­sions – in parti­cular reten­tion periods – remain unaffected.

 

Request by e-mail, tele­phone or fax

If you contact us by e-mail, tele­phone or fax, your enquiry inclu­ding all resul­ting personal data (name, enquiry) will be stored and processed by us for the purpose of proces­sing your request. We will not pass on this data without your consent.

The proces­sing of this data is based on Art. 6 para. 1 lit. b GDPR if your request is related to the perfor­mance of a contract or is neces­sary for the imple­men­ta­tion of pre-contrac­tual measures. In all other cases, the proces­sing is based on our legi­ti­mate inte­rest in the effec­tive proces­sing of the enqui­ries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested.

The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed proces­sing your request). Manda­tory statu­tory provi­sions – in parti­cular statu­tory reten­tion periods – remain unaffected.

 

Comment func­tion on this website

For the comment func­tion on this page, in addi­tion to your comment, details of when the comment was created, your e-mail address and, if you do not post anony­mously , the user name you have chosen will be stored.

 

Storage of the IP address

Our comment func­tion stores the IP addresses of users who post comm­ents. Since we do not check comm­ents on this website before they are acti­vated, we need this data in order to be able to take action against the author in the event of legal viola­tions such as insults or propaganda.

 

Storage period of the comments

The comm­ents and the asso­ciated data are stored and remain on this website until the commented content has been comple­tely deleted or the comm­ents have to be deleted for legal reasons (e.g. offen­sive comments).

 

Legal basis

The storage of the comm­ents is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time. For this purpose, an informal commu­ni­ca­tion by e-mail to us is suffi­cient. The lega­lity of the data proces­sing opera­tions already carried out remains unaf­fected by the revocation.

 

5. Analysis tools and advertising

 

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager is a tool that enables us to inte­grate tracking or statis­tical tools and other tech­no­lo­gies on our website. The Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any inde­pen­dent analyses. It only serves to manage and play out the tools inte­grated via it. However, the Google Tag Manager coll­ects your IP address, which may also be trans­mitted to Google’s parent company in the United States.

The use of the Google Tag Manager is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legi­ti­mate inte­rest in a quick and uncom­pli­cated inte­gra­tion and manage­ment of various tools on his website. Insofar as a corre­spon­ding consent has been requested, the proces­sing is carried out exclu­si­vely on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

 

Google Analy­tics

We use the Google Analy­tics service of the provider Google Ireland Limited (Google Ireland/EU) on our website.

Google Analy­tics is a web analy­tics service that enables us to collect and analyse data about the beha­viour of visi­tors to our website. Google Analy­tics uses cookies to analyse the use of our website. This involves the proces­sing of personal data in the form of online iden­ti­fiers (inclu­ding cookie iden­ti­fiers), IP addresses, device iden­ti­fiers and infor­ma­tion about inter­ac­tion with our website.

Some of this data is infor­ma­tion stored in the end device you are using. In addi­tion, further infor­ma­tion is also stored on your end device via the cookies used. Such storage of infor­ma­tion by Google Analy­tics or access to infor­ma­tion already stored in your terminal device will only take place with your consent.

Google Ireland will process the data coll­ected in this way on our behalf in order to evaluate the use of our website by users, to compile reports on the acti­vi­ties within our website and to provide us with other services asso­ciated with the use of our website and the use of the Internet. In doing so, pseud­ony­mous user profiles of the users can be created from the processed data.

The setting of cookies and the further proces­sing of personal data described here takes place with your consent. The legal basis for the data proces­sing in connec­tion with the Google Analy­tics service is ther­e­fore Art. 6 para. 1 lit. a GDPR. You can revoke this consent via our Consent Manage­ment Tool at any time with effect for the future.

The personal data processed on our behalf to provide Google Analy­tics may be trans­ferred to any country in which Google Ireland or Google Ireland’s sub-proces­sors main­tain faci­li­ties. Please refer to the infor­ma­tion in the section “Data transfer to third countries”.

We only use Google Analy­tics with IP anony­mi­sa­tion acti­vated. This means that the IP address of the user is shor­tened by Google Ireland within member states of the Euro­pean Union or in other contrac­ting states of the Agree­ment on the Euro­pean Economic Area. The IP address trans­mitted by the user’s browser is not merged with other data. Further infor­ma­tion on the use of data for adver­ti­sing purposes can be found in Google’s privacy policy at: www.google.com/policies/technologies/ads/.

We use the Google Analy­tics 4 variant, which allows us to track inter­ac­tion data from diffe­rent devices and from diffe­rent sessions. This allows us to put indi­vi­dual user actions in context and analyse long-term relationships.

User action data is stored for a period of 14 months and then auto­ma­ti­cally deleted. All other event data is stored for 2 months and then auto­ma­ti­cally deleted. The dele­tion of data whose storage period has expired takes place auto­ma­ti­cally once a month.

 

Browser plugin

You can prevent the coll­ec­tion and proces­sing of your data by Google by down­loa­ding and instal­ling the browser plugin available at the follo­wing link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can find more infor­ma­tion on how Google Analy­tics handles user data in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

 

Proces­sing on our behalf

We have concluded a Data Proces­sing Agree­ment (DPA) with Google. This is a contract required by data protec­tion law, which ensures that the provider only processes the personal data of our website visi­tors in accordance with our instruc­tions and in compli­ance with the GDPR.

 

Hotjar

This website uses Hotjar. The provider is Hotjar Ltd, Level 2, St Julians Busi­ness Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com).

Hotjar is a tool for analy­sing your user beha­viour on this website. With Hotjar, we can record your mouse move­ments, scrol­ling move­ments and clicks, among other things. Hotjar can also deter­mine how long you have stayed with the mouse pointer on a certain spot. From this infor­ma­tion, Hotjar creates so-called heat maps, which can be used to deter­mine which website areas are viewed prefe­ren­ti­ally by the website visitor.

Further­more, we can deter­mine how long you stayed on a page and when you left it. We can also deter­mine at which point you aban­doned your entries in a contact form (so-called conver­sion funnels).

In addi­tion, Hotjar can be used to obtain direct feed­back from website visi­tors. This func­tion serves to improve the website operator’s web offerings.

Hotjar uses tech­no­lo­gies that enable the reco­gni­tion of the user for the purpose of analy­sing user beha­viour (e.g. cookies or use of device fingerprinting).

This analysis tool is used exclu­si­vely on the basis of Art. 6 para. 1 lit. a GDPR; consent can be revoked at any time.

For more infor­ma­tion about Hotjar’s privacy prac­tices, please see Hotjar’s privacy policy at https://www.hotjar.com/legal/policies/privacy/.

 

Proces­sing on our behalf

We have concluded a Data Proces­sing Agree­ment (DPA) with the above-mentioned provider. This is a contract required by data protec­tion law, which ensures that the provider only processes the personal data of our website visi­tors in accordance with our instruc­tions and in compli­ance with the GDPR.

 

Google Conver­sion Tracking

This website uses Google Conver­sion Tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google conver­sion tracking, Google and we can reco­g­nise whether the user has performed certain actions. For example, we can evaluate which buttons on our website were clicked how often and which products were viewed or purchased parti­cu­larly frequently. This infor­ma­tion is used to create conver­sion statis­tics. We learn the total number of users who clicked on our ads and what actions they took. We do not receive any infor­ma­tion with which we can perso­nally iden­tify the user. Google itself uses cookies or compa­rable reco­gni­tion tech­no­lo­gies for identification.

Google conver­sion tracking is used exclu­si­vely on the basis of Art. 6 para. 1 lit. a GDPR; consent can be revoked at any time.

You can find more infor­ma­tion on Google conver­sion tracking in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

 

6. Plugins and tools

 

Vimeo

This website uses plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

When you visit one of our pages equipped with a Vimeo video, a connec­tion to the Vimeo servers is estab­lished. This tells the Vimeo server which of our pages you have visited. In addi­tion, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The infor­ma­tion coll­ected by Vimeo is trans­mitted to the Vimeo server in the USA.

If you are logged into your Vimeo account, you enable Vimeo to assign your surfing beha­viour directly to your personal profile. You can prevent this by logging out of your Vimeo account.

Vimeo uses cookies or compa­rable reco­gni­tion tech­no­lo­gies (e.g. device finger­prin­ting) to reco­g­nise website visitors.

The use of Vimeo is in the inte­rest of an appe­aling presen­ta­tion of our online offers. This consti­tutes a legi­ti­mate inte­rest within the meaning of Art. 6 (1) f GDPR. Insofar as a corre­spon­ding consent has been requested, the proces­sing is carried out exclu­si­vely on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

The data transfer to the USA is based on the stan­dard contrac­tual clauses of the EU Commis­sion and, accor­ding to Vimeo, on “legi­ti­mate busi­ness inte­rests”. Details can be found here: https://vimeo.com/privacy.

Further infor­ma­tion on the hand­ling of user data can be found in Vimeo’s privacy policy at: https://vimeo.com/privacy.

 

7. Audio and video conferencing

 

Data proces­sing

One of the tools we use to commu­ni­cate with our clients is online confe­ren­cing. The indi­vi­dual tools we use are listed below. If you commu­ni­cate with us by video or audio confe­rence via the Internet, your personal data will be coll­ected and processed by us and the provider of the respec­tive confe­rence tool.

The confe­rence tools collect all data that you provide/enter to use the tools (e-mail address and/or your tele­phone number). Further­more, the confe­rence tools process the dura­tion of the confe­rence, start and end (time) of parti­ci­pa­tion in the confe­rence, number of parti­ci­pants and other “contex­tual infor­ma­tion” related to the commu­ni­ca­tion process (meta­data).

Further­more, the provider of the tool processes all tech­nical data that is required to handle the online commu­ni­ca­tion. This includes in parti­cular IP addresses, MAC addresses, device IDs, device type, opera­ting system type and version, client version, camera type, micro­phone or loud­speaker and the type of connection.

If content is shared, uploaded or other­wise made available within the tool, it will also be stored on the servers of the tool provi­ders. Such content includes, but is not limited to, cloud recor­dings, chat/instant messages, voice­mails, uploaded photos and videos, files, white­boards and other infor­ma­tion shared while using the service.

Please note that we do not have full influence on the data proces­sing proce­dures of the tools used. Our options are largely deter­mined by the corpo­rate policy of the respec­tive provider. For further infor­ma­tion on data proces­sing by the confe­rence tools, please refer to the data protec­tion state­ments of the respec­tive tools used, which we have listed below this text.

 

Purpose and legal basis

The confe­rence tools are used to commu­ni­cate with pros­pec­tive or exis­ting contrac­tual part­ners or to offer certain services to our custo­mers (Art. 6 para. 1 lit. b GDPR). Further­more, the use of the tools serves the general simpli­fi­ca­tion and acce­le­ra­tion of commu­ni­ca­tion with us or our company (legi­ti­mate inte­rest within the meaning of Art. 6 para. 1 lit. f GDPR). Insofar as consent has been requested, the tools in ques­tion are used on the basis of this consent; consent can be revoked at any time with effect for the future.

 

Storage period

The data coll­ected directly by us via the video and confe­rence tools is deleted from our systems as soon as you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Manda­tory legal reten­tion periods remain unaffected.

We have no influence on the storage period of your data, which is stored by the opera­tors of the confe­rence tools for their own purposes. For details, please contact the opera­tors of the confe­rence tools directly.

 

Confe­rence tools used

We use the follo­wing confe­rence tools:

 

Micro­soft Teams

We use Micro­soft Teams. The provider is Micro­soft Corpo­ra­tion, One Micro­soft Way, Redmond, WA 98052-6399, USA. For details on data proces­sing, please refer to the Micro­soft Teams privacy policy: https://privacy.microsoft.com/de-de/privacystatement.

 

Proces­sing on our behalf

We have concluded a data proces­sing agree­ment (DPA) with the above-mentioned provider. This is a contract required by data protec­tion law, which ensures that the provider only processes the personal data of our website visi­tors in accordance with our instruc­tions and in compli­ance with the GDPR.

 

8. Own services

 

Proces­sing of customer data

The proces­sing of the personal master, contract and payment data provided by you is regu­larly required for the estab­lish­ment or imple­men­ta­tion of the contrac­tual rela­ti­onship. The legal basis for this proces­sing is Art. 6 para. 1 b) GDPR. We also process customer and pros­pec­tive customer data for evalua­tion and marke­ting purposes. This proces­sing is carried out on the legal basis of Art. 6 para. 1 (f) GDPR and serves our inte­rest in further deve­lo­ping our range of products and services and informing you speci­fi­cally about the offers of PYREG GmbH. Further data proces­sing may take place if you have consented (Art. 6 para. 1 lit. a) GDPR) or if this serves the fulfilment of a legal obli­ga­tion (Art. 6 para. 1 lit. c) GDPR).

We use contracted service provi­ders for indi­vi­dual proces­sing opera­tions. This includes, for example, hosting, main­ten­ance and support of IT systems, customer admi­nis­tra­tion, marke­ting measures or file and data medium destruc­tion. These service provi­ders only process data accor­ding to explicit instruc­tions and are contrac­tually obliged to ensure appro­priate tech­nical and orga­ni­sa­tional data protec­tion measures. In addi­tion, we may transmit personal data of our custo­mers to bodies such as postal and deli­very services, payment and infor­ma­tion services, house bank, tax advisor/auditor or the finan­cial administration.

 

Hand­ling of appli­cant data

We offer you the oppor­tu­nity to apply to us (e.g. by e-mail, post or via the online appli­ca­tion form). In the follo­wing, we inform you about the scope, purpose and use of your personal data coll­ected as part of the appli­ca­tion process. We assure you that the coll­ec­tion, proces­sing and use of your data will be carried out in accordance with appli­cable data protec­tion law and all other legal provi­sions and that your data will be treated in strict confidence.

 

Scope and purpose of data collection

When you send us an appli­ca­tion, we process your asso­ciated personal data (e.g. contact and commu­ni­ca­tion data, appli­ca­tion docu­ments, notes taken during inter­views, etc.) to the extent that this is neces­sary to decide whether to estab­lish an employ­ment rela­ti­onship. The legal basis for this is § 26 BDSG under German law (initia­tion of an employ­ment rela­ti­onship), Art. 6 para. 1 lit. b GDPR (general contract initia­tion) and – if you have given your consent – Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in proces­sing your application.

If the appli­ca­tion is successful, the data submitted by you will be stored in our data proces­sing systems on the basis of § 26 BDSG and Art. 6 (1) lit. b GDPR for the purpose of imple­men­ting the employ­ment relationship.

 

Reten­tion period of the data

If we are unable to make you a job offer, if you reject a job offer or with­draw your appli­ca­tion, we reserve the right to retain the data you have provided on the basis of our legi­ti­mate inte­rests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the appli­ca­tion process (rejec­tion or with­drawal of the appli­ca­tion). The data will then be deleted and the physical appli­ca­tion docu­ments destroyed. This storage serves in parti­cular as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impen­ding or pending legal dispute), the data will only be deleted when the purpose for continued storage no longer applies.

Longer storage may also take place if you have given your consent (Art. 6 para. 1 lit. a GDPR) or if legal storage obli­ga­tions prevent deletion.

 

Admis­sion to the appli­cant pool

If we do not make you a job offer, it may be possible to include you in our appli­cant pool. In the event of inclu­sion, all docu­ments and details from the appli­ca­tion will be trans­ferred to the appli­cant pool in order to contact you in the event of suitable vacancies.

Inclu­sion in the appli­cant pool is based exclu­si­vely on your express consent (Art. 6 para. 1 lit. a GDPR). The provi­sion of consent is volun­tary and is not related to the current appli­ca­tion process. The person concerned can revoke his/her consent at any time. In this case, the data will be irre­vo­cably deleted from the appli­cant pool, unless there are legal reasons for retention.

The data from the appli­cant pool will be irre­vo­cably deleted no later than two years after consent has been given.

 

9. Our social media presences

 

Data proces­sing by social networks

We main­tain publicly acces­sible profiles on social networks. The indi­vi­dual social networks we use can be found below.

Social networks such as Face­book, Twitter, etc. can usually compre­hen­si­vely analyse your user beha­viour when you visit their website or a website with inte­grated social media content (e.g. like buttons or adver­ti­sing banners). By visi­ting our social media presences, nume­rous data protec­tion-rele­vant proces­sing opera­tions are trig­gered. In detail:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be coll­ected under certain circum­s­tances if you are not logged in or do not have an account with the respec­tive social media portal. In this case, this data coll­ec­tion takes place, for example, via cookies that are stored on your end device or by recor­ding your IP address.

With the help of the data coll­ected in this way, the opera­tors of the social media portals can create user profiles in which your prefe­rences and inte­rests are stored. In this way, inte­rest-based adver­ti­sing can be displayed to you inside and outside the respec­tive social media presence. If you have an account with the respec­tive social network, the inte­rest-based adver­ti­sing can be displayed on all devices on which you are or were logged in.

Please also note that we cannot track all proces­sing opera­tions on the social media portals. Depen­ding on the provider, further proces­sing proce­dures may ther­e­fore be carried out by the opera­tors of the social media portals. For details, please refer to the terms of use and data protec­tion provi­sions of the respec­tive social media portals.

 

Legal basis

Our social media presences are intended to ensure the most compre­hen­sive presence possible on the internet. This is a legi­ti­mate inte­rest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on diffe­rent legal grounds, which are to be stated by the opera­tors of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).

 

Data Controller and asser­tion of rights

If you visit one of our social media sites (e.g. Face­book), we are jointly respon­sible with the operator of the social media plat­form for the data proces­sing opera­tions trig­gered during this visit. In prin­ciple, you can assert your rights (infor­ma­tion, correc­tion, dele­tion, rest­ric­tion of proces­sing, data porta­bi­lity and complaint) both vis-à-vis us and vis-à-vis the operator of the respec­tive social media portal (e.g. vis-à-vis Facebook).

Please note that despite the joint respon­si­bi­lity with the social media portal opera­tors, we do not have full influence on the data proces­sing opera­tions of the social media portals. Our options are largely deter­mined by the corpo­rate policy of the respec­tive provider.

 

Storage period

The data coll­ected directly by us via the social media presence will be deleted from our systems as soon as you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Manda­tory legal provi­sions – in parti­cular reten­tion periods – remain unaffected.

We have no influence on the storage period of your data, which is stored by the opera­tors of the social networks for their own purposes. For details, please contact the opera­tors of the social networks directly (e.g. in their privacy policy, see below).

 

Social networks in detail

 

Face­book

We have a profile on Face­book. The provider of this service is Face­book Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Accor­ding to Face­book, the data coll­ected is also trans­ferred to the USA and other third countries.

We have entered into a Joint Proces­sing Agree­ment (Controller Addendum) with Face­book. This agree­ment speci­fies which data proces­sing opera­tions we or Face­book are respon­sible for when you visit our Face­book page. You can view this agree­ment at the follo­wing link: https://www.facebook.com/legal/terms/page_controller_addendum.

You can adjust your adver­ti­sing settings inde­pendently in your user account. To do so, click on the follo­wing link and log in: https://www.facebook.com/settings?tab=ads.

Data transfer to the USA is based on the stan­dard contrac­tual clauses of the EU Commis­sion. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

For details, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

 

Twitter

We use the short message service Twitter. The provider is Twitter Inter­na­tional Company, One Cumber­land Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

You can adjust your Twitter privacy settings yourself in your user account. To do so, click on the follo­wing link and log in: https://twitter.com/personalization.

Data transfer to the USA is based on the stan­dard contrac­tual clauses of the EU Commis­sion. Details can be found here: https://gdpr.twitter.com/en/controller-to-controller-transfers.html.

For details, please refer to Twitter’s privacy policy: https://twitter.com/de/privacy.

 

LinkedIn

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unli­mited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses adver­ti­sing cookies.

If you would like to deac­ti­vate LinkedIn adver­ti­sing cookies, please use the follo­wing link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Data transfer to the USA is based on the stan­dard contrac­tual clauses of the EU Commis­sion. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.

For details on how they handle your personal data, please refer to LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.

 

Vimeo

We have a profile on Vimeo. The provider is Vimeo, Inc., 555 West 18th Street, New York 10011, USA.

The data transfer to the USA is based on the stan­dard contrac­tual clauses of the EU Commis­sion and, accor­ding to Vimeo, on “legi­ti­mate busi­ness inte­rests”. Details can be found here: https://vimeo.com/privacy.

For details on their hand­ling of your personal data, please refer to Vimeo’s privacy policy: https://vimeo.com/privacy.