Privacy

Privacy policy

1. Name and contact details of the person responsible for the processing of personal data and of the company data protection officer

This data protection information sheet applies in relation to the processing of personal data by:

Person responsible:
DATAWIN GmbH
Etzstraße 37
84030 Ergolding
Germany
Phone: +49 871 430 599 0
Fax: +49 871 430 599 29
E-mail: info@bapimaging.com

The company data protection officer of the person responsible is:
coach4you, represented by Mr. Udo Nahrmann
Etzstraße 37
84030 Ergolding
Germany
Phone: +49 8133 9396 70
E-mail: datenschutzbeauftragter@datawin.de

2. Collection and storage of personal data (including type and purpose of use)

When visiting the website

When accessing our website https://www.bapis.de the browser in use on your terminal device automatically sends information to our website server. This information is temporarily stored in a so-called log file. The following information is recorded without any action on your part and stored until automatically deleted:

  • IP-address of the inquiring computer,
  • date and time of access,
  • name and URL of the file accessed,
  • the website through which the file is accessed (Referrer-URL),
  • the browser in use and if applicable your computer’s operating system as well as the name of your access provider,
  • message about successful retrieval (HTTP response code).

The data referred to above is processed by us for the following purposes:

  • to warrant a smooth connection set-up to our website,
  • to warrant comfortable use of our website,
  • to evaluate the security and stability of the system as well as
  • for other administrative purposes.

We process personal data in accordance with Art. 6 (1) S. 1 lit. f of the General Data Protection Regulation (DSGVO). Our justified interest is based on the purposes of our data collection listed above. In no event do we use the data collected to identify you.

In addition we advise that cookies are in use when visiting our website. Further details are available under clause 4 of this data protection statement.

3. Disclosure of data

We do not share personal data with third countries.

We do not transmit your personal data to third parties other than in the following circumstances.

We only disclose your personal data to third parties where:

  • you have expressly consented thereto in accordance with Art. 6 (1) S. 1 lit. a General Data Protection Regulation (DSGVO),
  • in accordance with Art. 6 (1) S. 1 lit. f General Data Protection Regulation (DSGVO) disclosure is necessary to assert, exercise or defend legal rights and there is no reason to believe that you have an overriding interest warranting protection against disclosure of your data,
  • there is an obligation by law to disclose the data in accordance with Art. 6 (1) S. 1 lit. c General Data Protection Regulation (DSGVO) as well as
  • disclosure is permitted by law and in accordance with Art. 6 Abs. 1 S. 1 lit. b General Data Protection Regulation (DSGVO) is necessary to execute the contract.

4. Cookies

We use cookies on our website. Cookies are small files which are automatically generated by your browser and which are stored on your terminal device (e.g. laptop, tablet, smartphone) when visiting our website. Cookies do not cause any damage to your terminal device. They do not contain viruses, trojans or any other malicious software.

Cookies store information that arises in each case in connection with the terminal device used by you when you call up our website. We do not necessarily gain direct knowledge of your identity.
The cookie stores information which is produced in conjunction with the terminal device in use. This does not mean that we can identify you as a result.

On the one hand the use of cookies helps us to make the use of our website more comfortable for you. For example we use so called session cookies, in order to ascertain whether you have previoulsy visited our website. These are automatically deleted after you have left the website.

In addition we also use temporary cookies in order to optimize the ease of use of our website, which are stored on your terminal device for a certain period of time. If you re-visit our website in order to make use of our services again, it will automatically be detected that you have already visited our site and which entries and settings you have made so that you need not re-enter the same.

The data processed by the cookies for the purposes set out aforesaid are necessary to preserve our legitimate interests and those of third parties in accordance with Art. 6 (1) S. 1 lit. f General Data Protection Regulation (DSGVO).

Most browsers accept cookies automatically. You can configurate your browser so that no cookies are automatically stored on your computer or that a notice appears before a cookie is created. In the event that cookies are fully deactivated you may not be able to use fully all functions offered by our website.

Borlabs Cookie

This website uses a Borlabs cookie, which sets a technically necessary cookie to store your cookie consents.

The Borlabs cookie does not process any personal data. The cookie stores your consents that you gave when you entered the website. If you wish to revoke these consents, simply delete the cookie in your browser. When you re-enter/reload the website, you will be asked again for your cookie consent.

The following cookies, which are set by this website, are related to Borlabs cookie:

Name of the cookieStorage period of the cookie
borlabs-cookie1 year

5. Analytical and Third Party Tools

Tracking-Tools

The following tracking measures are implemented by us in accordance with Art. 6 Abs. 1 S. 1 lit. f General Data Protection Regulation (DSGVO). Such tracking measures are implemented in order to ensure that our website is in conformity with the requirements of its users and is continually optimized. We also implement tracking measures to statisically record the use of our website and to evaluate the same for the purpose of improving our service.

The respective data processing purpose and data categories can be taken from the tools listed below.

6. Receipt of Applications

Purpose of data processing / lawful basis:

In addition to sending us your application by mail, you can also forward your application documents by email or via an application form for a quick and comfortable application. The application documents sent to us will only be used for the application process. Please note that applications sent to us by email will be transferred unencrypted and the data may possibly be noticed by unauthorised persons or may also be modified. You are welcome to also send us your documents by mail.

The purpose of processing your personal data is to deal with the application process in our company and therefore the possible establishment of a new employment relationship.

The lawful basis for the processing is Article 88 (1) of the GDPR, in connection with § 26 (1) of the new Federal Data Protection Act.

Recipient / categories of recipients:

As a basic principle, we do not disclose your data to any third parties. Within the company where you are applying for the job, your personal data is only made available to those persons, who are involved in the decision-making process.

Storage period/ criteria to determine the storage period:

In case of a successful application, your personal data will be stored for the duration of your employment. After termination of the employment relationship, your tax-relevant data will be archived for a period of up to 10 years in line with the legal retention periods under § 257 (1) point 1 and § 257 (4) of the German Commercial Code, § 147 of the German Fiscal Code. In case of an unsuccessful application, your personal data will be deleted three months after the negative message. A longer storage period despite the negative message is only possible with your consent.

7. Microsoft Teams

General:

If you participate in an online meeting as an external participant, you will receive an access link by e-mail from the meeting host. When registering for the online meeting, you must then enter your name and, if required, your e-mail address.

If you do not wish to exchange data with us via Microsoft Teams in accordance with Art. 9 GDPR, we ask you to black out this data in advance or otherwise make it unrecognizable.

Microsoft Teams is a service of Microsoft Corporation. For more information about the processing of your data when using “Teams”, please visit: https://privacy.microsoft.com/de-de/privacystatement and https://news.microsoft.com/de-de/datenschutz-und-sicherheit-in-microsoft-teams-nutzer/.

Purpose of data processing/ lawful basis:

We use the tool “Microsoft Teams” to perform online meetings, video conferences and/or webinars and, if necessary, also to exchange documents with the participants.

The legal basis for data processing regarding contact persons at external offices is 6 para. 1 lit. f) GDPR. Our interest lies in an improved organization and communication with our contact persons as well as the reduction of previously used tools. If our contact person is a direct contractual partner and a natural person, Art. 6 para. 1 lit. b) GDPR is the legal basis.

If special categories of personal data within the meaning of Art. 9 (1) GDPR are processed, e.g. within documents provided, the legal basis is Art. 9 (2) a) GDPR. You expressly give your consent for this.

Furthermore, in accordance with Art. 49 (1) a) of the GDPR, you expressly consent to the fact that, under certain circumstances, data may also be transferred to locations outside the EU/EEA where there is no adequate level of data protection within the meaning of the GDPR. You are aware of the risks associated with this, such as the lack of enforcement of data subject rights and possible access by government authorities.

You can revoke these consents at any time with effect for the future. In the event of a revocation, the documents will be deleted from Microsoft Teams.

Recipient/ categories of recipients:

Personal data that is processed in connection with the storage of documents in Microsoft Teams is generally not disclosed to third parties unless it is intended for disclosure. Please note that content from the stored documents, as well as from personal meetings, is often used to communicate information with customers, prospects or third parties and is therefore intended for disclosure. Other recipients: The provider of “Microsoft Teams” necessarily receives knowledge of the above-mentioned data, insofar as this is provided for in the context of our order processing agreement with “Microsoft Teams”.

Data processing outside the European Union

Data processing outside the European Union (EU) does not occur as a matter of principle, as we have limited our storage location to data centers in the European Union. However, we cannot exclude the routing of data via Internet servers located outside the EU or EEA. In some countries, there is a risk that authorities may access the data for security and surveillance purposes without informing you or allowing you to seek redress. We have agreed to EU standard contractual clauses with the provider of “Microsoft Teams”.

You are not required to communicate with us via Microsoft Teams. If you wish, communication may take place by other means (such as email or telephone).

Storage period/ criteria to determine the storage period:

As a matter of principle, we delete personal data when there is no need for further storage. A requirement may exist in particular if the data is still needed to fulfill contractual services, to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion will only be considered after expiry of the respective retention obligation.

8. Data subject rights

You have the right:

  • in accordance with Art. 15 General Data Protection Regulation (DSGVO) to obtain confirmation as to whether or not your personal data is being processed by us. In particular you have the right to obtain information concerning the purposes of the processing, the categories of the personal data concerned, the categories of recipients to whom the personal data has been or will be disclosed, the envisaged period for which the personal data will be stored. You also have the right to request rectification or erasure of your personal data or restriction of the processing of your personal data, to lodge a complaint, to obtain information as to the source of personal data not collected fom us and to the existence of an automated decision-making process, including profiling, as well as meaningful information about the logic involved;
  • in accordance with Art. 16 General Data Protection Regulation (DSGVO) to have inaccurate or incomplete personal data concerning you rectified or completed without undue delay;
  • in accordance with Art. 17 General Data Protection Regulation (DSGVO) to obtain the erasure of your personal data which is stored by us except where the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation or for the perfomance of a task carried out in the public interest or for the establishment, exercise or defence of legal claims;
  • in accordance with Art. 18 General Data Protection Regulation (DSGVO) to obtain the restriction of the processing of your personal data where
    • the accuracy of the personal data is contested and it was within our range to examine the accuracy of the data, or
    • the processing is unlawful and you oppose the erasure of the personal data and require the restriction of using the personal data, or
    • where we no longer need the personal data but they are required by you for the establishment, exercise or defence of legal claims, or
    • you have objected to processing as long as it has not been clarified whether our or your legitimate reasons predominate.
  • in accordance with Art. 20 General Data Protection Regulation (DSGVO) to receive your personal data which you have provided to us, in a structured, commonly used and machine-readable format or to have the data transmitted to another controller;
  • in accordance with Art. 7 Abs. 3 General Data Protection Regulation (DSGVO) to withdraw your consent at any time with the result that we are no longer permitted to continue to process the data to which you previously consented and
  • to lodge a written complaint with a supervisory authority pursuant to Art. 77 DSGVO, without prejudice to any other administrative or judicial remedy, if you are of the opinion that the processing of data relating to you infringes data protection provisions. The right of complaint may in particular be asserted before a supervisory authority in the Member State of your residence, your place of work or the place of the alleged infringement.

9. Right to objection

Insofar as your personal data is processed for the purposes of legitimate interests in accordance with Art. 6 (1) S. 1 lit. f General Data Protection Regulation (DSGVO) you have the right to object to the processing of your personal data in accordance with Art. 21 General Data Protection Regulation (DSGVO) on grounds relating to your particular situation or where your data is processed for direct marketing purposes. Concerning the latter your right to object is a general right which will be implemented by us without you specifiying particular grounds. In order for the assertion of your objection to be successful there have to be reasons arising from your special situation.

If you wish to exercise your right to object an email to datenschutzbeauftragter@datawin.de will suffice.

10. Data security

During your visit to our website we encrypt file transfers using the popular Secure Socket Layer process in conjunction with the highest encryption supported by your browser. Generally, this is a 256 Bit encryption. Where your browser does not support a 256 Bit encryption, we use the 128 Bit v3 technology. You can see whether the transmission of individual pages of our website are encrypted via the closed representation of the bowl or padlock icon in the bottom status bar of your browser.

Apart from the above we use appropriate technical and organisational security measures (TOMs) in order to protect your data from random or wilful manipulation, partial or total loss, destruction or unauthorised third party access. Our security measures are continually improved in line with technical developments.

11. Current version and changes to this data protection statement

This current version of this data protection statement is as at May 2018.

The further development of our website and the services it provides or legal or regulatory requirements may necessitate changes to this data protection statement.

The respective current version of data protection statement can be accessed and printed off from our website at https://www.bapis.de/privacy/.

Scroll to Top