Privacy policy


Contact details data protection officer: Dr. Sebastian Kraska, E-Mail: email@iitr.de

General Data Processing Information

Affected data:
Personal data is only collected if you provide it to us of your own accord. This is done by requesting additional information - in these cases you will be asked to provide your name and email address via a form. No other personal data is collected. Any processing of your personal data beyond the scope of the statutory permissions will only take place on the basis of your express consent.

Processing purpose: initiation of business, invitation to events

Categories of recipients:

  • Public authorities in the case of overriding legal provisions.

  • External service providers or other contractors.

  • Other external bodies if the data subject has given his consent or a transmission is permissible for reasons of overriding interest.

Transfers to third countries: Contractors outside the European Union may also be used for the execution of contracts.

Duration of data storage: The duration of the data storage depends on the legal storage obligations and usually amounts to 10 years.

Specific information about the website

Use of own "cookies"
This website uses its own "cookies" to increase user-friendliness. "Cookies" are data records that are sent from the web server to the user's browser and stored there for later retrieval. No personal data is stored in our own "cookies". You can generally prevent the use of "cookies" if you prohibit the storage of "cookies" in your browser.

Use of own "Google Analytics"​
This website uses Google Analytics, a web analysis service of Google Inc. "("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, Google will reduce your IP address within Member States of the European Union or in other countries party to the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website and Internet use. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in http://tools.google.com/dlpage/gaoptout?hl=en, which is available under the link. In view of the discussion about the use of analysis tools with complete IP addresses, we would like to point out that this website uses Google Analytics with the extension "_anonymizeIp()" and therefore IP addresses are only processed further in abbreviated form in order to exclude direct personal reference. Especially for browsers on mobile devices, please click this link to prevent the anonymous collection by Google Analytics on this website for your browser by means of a so-called "Opt-Out-Cookie" in the future. 

Facebook
This website links to the social media profile of Controllit AG on Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (hereinafter "Facebook"). You can recognize this by a green "f" on a white, round background in the upper part of the website. When you access this page, data about your visitor behavior is automatically transmitted to Facebook's servers. The website operator has no influence on the type and scope of data collected and transmitted to Facebook. If you are logged in to Facebook, Facebook can assign your visit to your Facebook account. For more information about privacy on Facebook, please visit http://www.facebook.com/policy.php.

LinkedIn
This website links to the social media profile of Controllit AG on LinkedIn. LinkedIn, 2029 Stierlin Courtm, Mountain View, CA 94043 USA, can be recognized by the "in" sign on a white background. If you activate our "in" button, a connection is established with the LinkedIn server and the LinkedIn plug-in is loaded on the respective website. The content of the "in" button is transmitted by LinkedIn directly to your browser and integrated into the website. It is possible that your IP address will be transmitted to LinkedIn in the USA in this way. The purpose and scope of the data collection and the further processing and use of the data by LinkedIn as well as your rights and setting options for the protection of your privacy, please refer to LinkedIn's data protection information (http://www.linkedin.com/legal/privacy-policy) for the "in" button. If you are a LinkedIn member and do not want LinkedIn to collect data about you when the "in" button on our website is activated and link to your membership data stored on LinkedIn, you must log out of LinkedIn before visiting our website.

XING
This website links to the social media profile of Controllit AG on XING. XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany, can be recognized by the stylized green sign "x" on a white background. When you activate our "XING" button, a connection is established with the XING server and the XING share button functions (in particular the calculation/display of the counter value) are loaded on the respective Internet page. XING does not store any personal data about you when you access this Internet page. In particular, XING does not store any IP addresses. There is also no evaluation of your usage behaviour via the use of cookies in connection with the "XING Share Button". The latest data protection information on the "XING Share Button" and additional information can be downloaded from this website: https://www.xing.com/app/share?op=data_protection.

Pipedrive
This website uses Pipedrive webforms and Pipedrive chatbot - a chat tool for direct communication with visitors to our website. When visitors to our website use this function, a connection is established with the Pipedrive server and the conversation with one of our employees is recorded there. The current data protection information on the "Pipedrive service" and supplementary information can be found on this website: https://www.pipedrive.com/en/privacy

Information on other data processing methods

Specific information on the processing of customer data / interested party data
Affected data: Data provided for the initiation of the contract; if necessary, additional data for processing on the basis of your express consent.

Processing purpose: Contract execution (offers, invitations to tender, invoicing, quality assurance, organizational information, invitations to BCM regulars' tables, customer events, if applicable)

Categories of recipients:

  • Public authorities in the event of overriding legal provisions

  • External service providers or other contractors, e.g. for data processing (CRM system of Pipedrive Inc., project time recording tool of provantis IT Solutions GmbH) and website hosting (PAZION IT) and for dispatch (Deutsche Post, DHL, Kurier AG).

  • Other external bodies where the data subject has given his or her consent or where transmission is permissible for reasons of overriding interest, for the electronic transmission of information, for quality assurance purposes.

Transfers to third countries: CRM system: Pipedrive Inc, 460 Park Ave South, New York, NY 10016, USA. The latest data protection information on "Pipedrive" and additional information can be found on this website: https://www.pipedrive.com/en/privacy.

Duration of data storage: The duration of the data storage depends on the legal storage obligations and is usually 10 years.


Specific information on the processing of employee data

Affected data: Data provided for the execution of the contract; if necessary, additional data for processing on the basis of your express consent.

Processing purpose: Implementation of the contract within the framework of the employment relationship.

Categories of recipients:

  • Public authorities in the case of overriding legal regulations, e.g. tax office, social insurance agencies, employers' liability insurance association.

  • External service providers or other contractors, e.g. for data processing and hosting, invoicing, travel expenses, insurance services, vehicle use.

  • Other external bodies if the data subject has given his consent or a transmission is permissible for reasons of overriding interest, e.g. for order acquisition, insurance benefits.

Transfers to third countries: Contractors outside the European Union, including email providers, may also be used to implement the contract.

Duration of data storage: As long as the employment relationship exists. The duration of the data storage depends on the legal storage obligations and usually amounts to 10 years after termination of the employment relationship.


Specific information on the processing of supplier data
Affected data: Data provided for the execution of the contract; if necessary, additional data for processing on the basis of your express consent.

Processing purpose: Execution of contracts, including inquiries, purchasing, quality assurance

Categories of recipients:

  • Public authorities in the case of overriding legal regulations, including the tax office and customs.

  • External service providers or other contractors, e.g. for data processing and hosting, accounting, payment processing.

  • Other external bodies if the data subject has given his consent or a transmission is permissible for reasons of overriding interest.

Transfers to third countries: Contractors outside the European Union may also be used for the implementation of the contract, including email providers.

Duration of data storage: The duration of the data storage depends on the legal storage obligations and is usually 10 years.


Specific information on the application procedure
Affected data: application details

Processing purpose: Carrying out the application procedure

Categories of recipients:

  • Public authorities in the case of overriding legal provisions.

  • ​External service providers or other contractors, e.g. for data processing and hosting.

  • Other external bodies if the data subject has given his consent or a transmission is permissible for reasons of overriding interest, including customers and interested parties within the framework of order acquisition.

Third country transfers: Contractors outside the European Union, including email providers, may also be used for contract implementation.

Duration of data storage: Application data will normally be deleted within four months after notification of the decision, unless consent has been given for a longer period of data storage in the context of inclusion in the applicant pool.

Further information and contacts: Your trust is important to us. Therefore, we are always available to answer your questions regarding the processing of your personal data. If you have questions which this data protection declaration could not answer or if you would like more detailed information on any point, please contact our service team at any time. Furthermore, you can assert your claims for information, correction or deletion or for restriction of the processing or the exercise of your right of objection against the processing as well as the right to data transferability at any time. On this page at the top you will find the possibility to contact us by e-mail or letter. They also have the right to contact the data protection supervisory authority in the event of complaints.

Contact