Privacy Policy

Privacy policy

We are pleased that you are visiting our website. The protection and security of your personal information when using our website is very important to us. We would therefore like to inform you at this point which of your personal data we collect when you visit our website and for what purposes it is used. Personal data is individual information about personal or factual circumstances of a specific or identifiable natural person (data subject), e.g. name, address, e-mail addresses, user behaviour. This is data with which we can identify you. In addition, you will also find information on data processing processes outside of this website (e.g. video conferences or newsletters).

Person responsible for data processing

Responsible

for the processing of personal data within the meaning of the EU General Data Protection Regulation (GDPR)

Markus Temming GmbH
An der Manufaktur 1
33334 Gütersloh
DE
+49 (0) 5241 74343 0
info@markus-t.com


 

Data Protection Officer

exkulpa gmbh
Waldfeuchter Str. 266
52525 Heinsberg
Phone: 02452 / 99 33 11
E-mail: datenschutz@markus-t.com

General

This privacy statement complies with the legal requirements for transparency in the processing of personal data. This is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, email address, IP address or user behaviour when visiting a website. Information for which we cannot (or can only with disproportionate effort) establish a link to your person, e.g. through anonymisation, is not personal data. The processing of personal data (e.g. collection, retrieval, use, storage or transmission) always requires a legal basis and a defined purpose.

Stored personal data are deleted as soon as the purpose of the processing has been achieved and there are no legitimate grounds for further retention of the data. We will inform you in the individual processing operations about the specific storage periods or criteria for storage. Irrespective of this, we store your personal data in individual cases for the assertion, exercise or defence of legal claims and if there are statutory retention obligations.

Information according to Art. 13 GDPR

This information is intended for customers, interested parties, suppliers and employees. Your personal data will be processed by us for the following purposes:
 

Categories of recipients of personal data

 Within our company, only those employees have access to the data who absolutely need it to perform their tasks (need-to-know principle). Individual processes and services are carried out by carefully selected service providers who are based within the EEA and who comply with data protection regulations. If service providers commissioned by us receive access to personal data when performing your services, order processing agreements have been concluded with them in accordance with Art. 28 (3) GDPR.

Duration of data storage

 The data processed by us is stored for the duration of the existence and processing of the contractual relationship and in compliance with statutory retention periods. These are, in particular, retention obligations under commercial and tax law in accordance with the German Commercial Code (HGB) and the German Fiscal Code (AO). The regular retention and documentation periods are up to ten years. If there is no contractual relationship, we only process the data for as long as the specific purpose requires.

Your data subject rights

 As a data subject, you have the following rights with regard to the personal data
concerning you:
 

Of course, you can also object to the processing of your personal data for advertising purposes at any time. To do so, send your objection to our address given in the imprint or write us an e-mail to the address given in the imprint.

If you have any questions regarding data protection, please contact us by e-mail at the address given in the imprint.

Cookies

Cookies are small text files that are sent by us to the browser of your end device when you visit our website and are stored there. As an alternative to the use of cookies, information can also be stored in the local storage of your browser. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies, however, enable us to carry out various analyses, so that we are able, for example, to recognise the browser you are using when you visit our website again and to transmit various information to us (non-essential cookies). With the help of cookies, we can, among other things, make our website more user-friendly and effective for you, for example by tracking your use of our website and determining your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect the information directly via your browser. Cookies do not cause any damage to your end device. They cannot execute programs or contain viruses.

We provide information about the respective services for which we use cookies in the individual processing operations. Detailed information on the cookies used can be found in the cookie settings or in the Consent Manager of this website.

Consent with OneTrust

Our website uses OneTrust's consent technology to obtain your consent to the storage of certain cookies on your terminal device or to the use of certain technologies and to document this in accordance with data protection law. The provider of this technology is iubenda s.r.l., Via San Raffaele, 1 - 20121 Milan, Italy (hereinafter "OneTrust"). You can find more information about OneTrust at https://www.onetrust.com/privacy/.

OneTrust is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.

Your rights

Under the conditions of the statutory provisions of the General Data Protection Regulation (GDPR), you have the following rights as a data subject:

Data processing in detail

In the following, we inform you about the individual processing operations, the scope and purpose of the data processing, the legal basis, the obligation to provide your data and the respective storage period. An automated decision in individual cases, including profiling, does not take place.

Provision of the website

When you call up and use our website, we collect the personal data that your browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

 

Our website is not hosted by ourselves, but by a service provider who processes the aforementioned data on our behalf in accordance with Art. 28 GDPR for the purpose of providing the website.

The hoster is used for the purpose of contract fulfilment vis-à-vis our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR).

We use the following hoster:

domainfactory GmbH
Oskar-Messter-Str. 33
85737 Ismaning

Contact form

Nature and scope of the processing

When you send us enquiries (e.g. via contact form, e-mail or telephone), we store all data resulting from this (e.g. name, e-mail address, subject of the enquiry, etc.). We need this data to process your enquiry and to be able to answer follow-up questions. We do not pass on this data without your consent.
 

Purpose and legal basis

The processing of this data is based on Art. 6 (1) lit. b GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. Otherwise, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) (f) GDPR) or on your consent (Art. 6 (1) (a) GDPR) if you have given it beforehand.
 

Storage period

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your enquiry). Mandatory legal provisions - in particular retention periods - remain unaffected.

Contact form for applicants

Nature and scope of the processing

You have the opportunity to apply to us on our website (e.g. by e-mail, post or via the online application form).
 

Purpose and legal basis

We process the personal data of applicants in accordance with the legal requirements for the purpose of processing the application procedure and carrying out pre-contractual measures within the meaning of Art. 6 para. 1 lit. b. GDPR and § 26 BDSG according to German law (initiation of an employment relationship) and - if you have given your consent - Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.

If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of Section 26 BDSG and Art. 6 (1) lit. b GDPR for the purpose of implementing the employment relationship.
 

Storage period

Your data will be stored for a period of 6 months beyond the end of the application process. This is usually done to fulfil legal obligations or to defend against any claims arising from legal regulations. We are then obliged to delete or anonymise your data. In this case, the data is only available to us as so-called metadata without direct personal reference for statistical evaluations (for example, proportion of women or men in applications, number of applications per period, etc.).

If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data will only be deleted when the purpose for continued storage no longer applies.

Admission to the applicant pool

As part of the application process, we offer applicants the opportunity to be included in our "talent pool" for a period of 12 months on the basis of consent within the meaning of Art. 6 Para. 1 lit. a. GDPR to be included.

The application documents in the talent pool will be processed solely in the context of future job advertisements and the employee search and will be destroyed at the latest after the deadline. Applicants are informed that their consent to be included in the talent pool is voluntary, has no influence on the current application process and that they can revoke this consent at any time for the future.

If you receive an offer of employment with us as part of the application process and accept it, we store the personal data collected as part of the application process for at least the duration of the employment relationship.

Newsletter

We offer you our newsletter on this website. If you would like to subscribe to it, we need your e-mail address and other data proving that it is your e-mail address and that you agree to receive the newsletter. No other personal data is collected unless you provide it voluntarily (e.g. name, telephone number, place of residence, etc.).

When processing the data you provide when registering for the newsletter, we rely exclusively on your consent pursuant to Art. 6 (1) lit. a GDPR as the legal basis. You can revoke your consent to the processing and storage of your personal data at any time (e.g. via the "unsubscribe" link in the newsletter) for the future.

We store your personal data that you have provided for the purpose of receiving the newsletter until you unsubscribe from the newsletter with us or the dispatch service provider. This does not apply to data that we have stored from you for other purposes.

If you unsubscribe from the newsletter mailing list, your email address will be stored in a blacklist by us or the mailing service provider for an indefinite period of time. This is done to prevent future mailings to you. The data from the blacklist will only be used for this purpose and will not be merged with other data. This is not only in your interest, but also in our legitimate interest according to Art. 6 para. 1 lit. f GDPR to fulfil our legal obligations when sending newsletters. You can object to the storage if your personal interests outweigh our legitimate interest.

Mailchimp

We use MailChimp services on this website for sending newsletters, which are offered by Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.

We use MailChimp to send our newsletters and analyse newsletter campaigns. We can determine whether recipients open a newsletter email and whether they click on certain links in the email. For this purpose, an email sent with MailChimp contains a file (a so-called web beacon), which establishes a connection with MailChimp's servers in the USA after the email is opened. The data you have provided for the purpose of receiving the newsletter (e.g. your email address) is therefore also stored on MailChimp's servers in the USA. Furthermore, MailChimp collects technical data (e.g. time of retrieval, IP address and operating system), which, however, cannot be assigned to a specific newsletter recipient and is used exclusively for statistical evaluation or campaign analysis. We can use this analysis to optimise future newsletter mails for you. If you do not want your data to be analysed by MailChimp, you can unsubscribe from our newsletter at any time (via the "unsubscribe" link in the newsletter).

The transfer of your personal data to the USA is based on the standard contractual clauses of the EU Commission. You can find more information on this at https://mailchimp.com/eu-us-data-transfer-statement/ and https://mailchimp.com/legal/data-processing-addendum/#Annex_C_-_Standard_Contractual_Clauses.

When processing the data you provide when registering for the newsletter, we rely exclusively on your consent pursuant to Art. 6 (1) lit. a GDPR as the legal basis. You can revoke your consent to the processing and storage of your personal data at any time (e.g. via the "unsubscribe" link in the newsletter) for the future.

We store your personal data that you have provided for the purpose of receiving the newsletter until you unsubscribe from the newsletter with us or the dispatch service provider. This does not apply to data that we have stored from you for other purposes.

If you unsubscribe from the newsletter mailing list, your email address will be stored in a blacklist by us or the mailing service provider for an indefinite period of time. This is done to prevent future mailings to you. The data from the blacklist will only be used for this purpose and will not be merged with other data. This is not only in your interest, but also in our legitimate interest according to Art. 6 para. 1 lit. f GDPR to fulfil our legal obligations when sending newsletters. You can object to the storage if your personal interests outweigh our legitimate interest.

You can find more information in MailChimp's privacy policy at https://mailchimp.com/legal/terms/.

Job processing

To ensure that personal data is processed according to our specifications and in compliance with the GDPR, we have concluded a contract on commissioned processing (GCP) with the provider.

Presence on social media platforms

Data processing by social networks

We operate publicly accessible profiles on social networks. You can find the social networks we use in detail below.

Social networks such as Facebook, Twitter etc. can generally analyse your user behaviour extensively. By visiting our social media presences, the following data protection-relevant processing operations are triggered:

If you are logged into your social media account and visit our profile, the operator of this social medium can track this visit. Independently of this, the operator may also process your data (e.g. IP address) under certain circumstances if you are not logged into your account or you do not have an account at all.

The operator summarises this data in user profiles in which your preferences and interests are stored. These profiles are used to display personalised advertising inside and outside the respective social media presence. If you have an account with the respective social network, the personalised advertising can be displayed on all devices on which you are or were logged in.

Depending on the platform, further processing operations may be carried out by the operators of the social media portals; we have no influence on this. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

Legal basis

Our social media presences are intended to ensure the most comprehensive possible presence on the Internet within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes carried out by the operators of the social networks may be based on different legal bases, which are to be specified by the respective providers.

Responsible person and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. Facebook).

Despite the joint responsibility with the social media portal operators, we have no full influence on the data processing procedures of the portals. Our options are largely determined by the corporate policy of the respective provider.

Storage period

The data collected directly by us via the social media presence will be deleted from our systems as soon as you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Mandatory legal provisions - in particular retention periods - remain unaffected.

We have no influence on the storage period of the data collected by the social networks. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

Facebook page

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The data collected is also transferred to the USA and other third countries.

We have entered into a Joint Processing Agreement (Controller Addendum) with Facebook which sets out which data processing operations we and Facebook are responsible for. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

You can adjust your advertising settings independently in your user account. To do so, click on the following link and log in: https://www.facebook.com/settings?tab=ads.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

You can find more information on data processing by Facebook at https://www.facebook.com/about/privacy/.

Instagram page

We have a profile on Instagram. The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381.

For details on how they handle your personal data, please refer to Instagram's privacy policy: https://help.instagram.com/519522125107875.

LinkedIn page

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.

If you would like to deactivate LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.

For details on how they handle your personal data, please refer to LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.

YouTube

We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in YouTube's privacy policy: https://policies.google.com/privacy?hl=de.

Pinterest

We have a profile on Pinterest. The operator is Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. For details on how they handle your personal data, please refer to Pinterest's privacy policy: https://policy.pinterest.com/de/privacy-policy.

Video conferencing

Data processing

We use online conferencing tools to communicate with our clients. The tools we use in detail are listed below. When you communicate with us via video or audio conferencing, your personal data will be collected and processed by us and the provider of the relevant tool.

The tools collect the data you provide, including your email address and phone number. They also process the duration of the conference, when you attended the conference, number of participants and other metadata.

In addition, the provider of the tool processes all technical data that are necessary for handling the conference. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speakers, and the type of connection.

When you share content in this service, it is stored on the providers' servers. This includes cloud recordings, chat messages, voice messages and photos and videos you have shared while using this service.

Please note that we do not have full influence on the data processing procedures of the tools used. For further information on data processing by the conference tools, please refer to the data protection declarations of the respective tools used.

Purpose and legal basis

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 lit. b GDPR). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). If you have previously given your consent to data processing, your data will be processed solely on the basis of Art. 6 para. 1 lit. a GDPR; your consent can be revoked at any time.

Storage period

The data collected directly by us via the video and conference tools is deleted from our systems as soon as you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory legal retention periods remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

Warranty extension

If you use our warranty extension form, we will store all data resulting from this. We need this data to process your request and to be able to answer follow-up questions.

The processing of this data is based on Art. 6 (1) lit. b GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. Otherwise, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) (f) GDPR) or on your consent (Art. 6 (1) (a) GDPR) if you have given it beforehand.

The data you enter in the form will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after processing your enquiry has been completed). Mandatory legal provisions - in particular retention periods - remain unaffected.

We use Sendinblue, offered by Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, to process the requests. You can consent to receiving our newsletter when using the guarantee form. The legal basis for this is Art. 6 para. 1 lit. a GDPR. Sendinblue offers the possibility to view the performance of our newsletter. We can determine whether a newsletter has been opened, which links have been clicked on and which further actions have been carried out after opening/clicking on the newsletter, e.g. a purchase. This allows us to analyse and evaluate our newsletter campaigns with the help of Sendinblue.

In addition, Sendinblue offers the possibility to better adapt the newsletter to our target groups, in which the newsletter recipients can be subdivided according to different categories, such as age, gender or place of residence. If you are against analysis by Sendinblue, you can unsubscribe from the newsletter by clicking on a link. This link is available in every newsletter you receive.

For more information on Sendinblue, click here:
https://de.sendinblue.com/newsletter-software/.

Job processing

To ensure that personal data is processed according to our specifications and in compliance with the GDPR, we have concluded a contract on commissioned processing (GCP) with the provider.

Google Analytics

Nature and scope of the processing

We use Google Analytics services and functions on this website, which are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google Analytics, we as website operators can determine how our website is used. As part of the analysis, we find out how often our website is accessed, how long visitors stay on the page and which devices or systems they use to access the website. In addition, we may use Google Analytics to track your mouse movements and clicks. This information may be stored and used by Google to build a profile about you. In doing so, Google Analytics uses machine learning technologies to analyse and supplement your data. Furthermore, Google Analytics uses technologies to recognise website visitors in order to analyse user behaviour. The processing of the collected data usually takes place on Google servers in the USA.
 

Purpose and legal basis

When using Google Analytics, we rely on Art. 6 (1) lit. f GDPR as the legal basis for the storage and analysis of personal data, as we have a legitimate interest in analysing the use of our website. This enables us to optimise our online presence and offers for you. If you have previously given your consent to the processing of data on this website by Google Analytics, the processing of your data takes place solely on the legal basis of Art. 6 (1) lit. a GDPR. You can revoke your consent at any time.

The transfer of your personal data to the USA is based on the standard contractual clauses of the EU Commission. You can find more information on this at https://privacy.google.com/businesses/controllerterms/mccs/.

 

IP anonymisation

When using Google Analytics on this website, we use a function whereby Google shortens your IP address before it is transmitted to Google servers in the USA. This only happens if you are in the European Union or in a country of the European Economic Area. Your full IP address will only be transmitted to the USA in exceptional cases and then shortened there. Google Analytics uses this information to track how you use our website. Your IP address will not be merged with any other data held by Google.

 

Browser plugin

You can prevent Google from collecting and processing data about you. To do this, you must download the browser plugin at https://tools.google.com/dlpage/gaoptout?hl=de and install it in your browser.

You can find more information on the processing of user data in the Google Analytics privacy policy at https://support.google.com/analytics/answer/6004245?hl=de.

 

Job processing

When using Google Analytics, we comply with the strict regulations of the German data protection authorities, as we have concluded an order processing contract with Google.

 

Storage period

Google stores data linked to cookies, user IDs or advertising IDs. This data is stored for two months and then anonymised or deleted. You can find more information about the storage period or the deletion of your data at https://support.google.com/analytics/answer/7667196?hl=de.

Google Tag Manager

Nature and scope of the processing

We use services and functions from Google Tag Manager on this website, which are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to use other tools on our website. It does not create user profiles, it does not store cookies and it does not perform independent analysis. However, it does collect your IP address and may transmit it to the US. The Google Tag Manager itself is only used to manage these tools that are integrated through it.

Purpose and legal basis

When using the Google Tag Manager on this website, we rely on Art. 6 (1) lit. f GDPR as the legal basis, as we have a legitimate interest in implementing and directing tracking tools on this website easily and quickly. If you have previously given your consent to data processing on this website by Google Tag Manager, the processing of your data will take place solely on the legal basis of Art. 6 (1) lit. a GDPR. You can revoke your consent at any time.

jQuery CDN

Nature and scope of the processing

We use jQuery CDN to properly deliver the content on our website. jQuery CDN is a service provided by jQuery, which acts as a content delivery network (CDN) on our website.

A CDN helps to provide content of our online offer, in particular files such as graphics or scripts, more quickly with the help of regionally or internationally distributed servers. When you access this content, you establish a connection to servers of jQuery, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of jQuery CDN.

 

Purpose and legal basis

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in a secure and efficient provision and optimisation of our online offer pursuant to Art. 6 para. 1 lit. f. GDPR.

 

Storage period

The concrete storage period of the processed data cannot be influenced by us, but is determined by jQuery. Further information can be found in the privacy policy for jQuery CDN: https://www.stackpath.com/legal/privacy-statement/.