The controller in the sense of the GDPR and other national data protection laws of the member states as well as other data protection regulations is:
Aimend U G
Danziger straße 92
Phone: +49 (0) 30 823 40 15
You may contact Aimend's Data Protection Officer by clicking here or by email at firstname.lastname@example.org.
The use of published contact details for marketing purposes is prohibited; offenders sending unwanted spam messages are expressly disclaimed. We expressly reserve the right to take legal action in the event of unsolicited advertising information, such as spam e-mails.
1. General Notes
Legal basis for the processing of personal data
Processing of Personal Data
We only process personal data of our visitors and users if this is necessary to provide a functional website as well as our contents and services. The processing of personal data of our users takes place only after user’s consent. An exception applies in those cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law.
Information we may collect from you
When you use the Site or contact us by e-mail, social media, SMS, telephone, or other methods, we may collect and process the following data about you:
Information you give us, including:
- Forms filled out by you on the Site;
- Content of correspondence with us by phone, e-mail or otherwise;
- Site registration;
- Subscriptions or orders placed on the Site;
- Participation in discussion boards or other social media functions on the Site;
- Entering a competition, promotion or survey;
- If applicable, resume, work history, CV, resume or other job application information;
- Reporting a problem or requesting support for the Site.
The personal data of the person concerned will be erased or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if EU regulations, laws or other provisions by the European or national legislator to which the person responsible is subject are applicable. The data will also be erased or blocked if a storage period prescribed by the aforementioned laws expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.
Security of processing
We take appropriate technical and organisational measures to ensure a level of security appropriate to the risk, in accordance with article 32 GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. The measures include in particular safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, transmission, security of availability and its separation Furthermore, we consider the protection of personal data during the development or selection of hardware, software and procedures, in accordance with the principle of data protection by technology design and by default (article 25 GDPR).
The security measures include in particular the encrypted transmission of data between your browser and the server. For security reasons and to protect the transmission of confidential content, such as requests you send to us, our website uses SSL encryption. You can recognize an encrypted connection by the fact that the browsers address line changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
Transfers to third countries
We only process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or in the context of the use of third-party services or disclosure or transfer of data to third parties on the basis of the fulfilment of our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or leave the data in a third country only if the special requirements of article 44 et seqq. GDPR are applicable. This means, for example, processing is carried out on the basis of special guarantees, such as the officially recognised determination of a data protection level corresponding to the EU (e.g. for the USA by the "Privacy Shield") or compliance with officially recognised special contractual obligations (so-called "standard contractual clauses").
Cooperation with processors and third parties
If we disclose data to other persons and companies (processors or third parties) within the scope of our processing, transmit them or otherwise grant them access to the data, this shall only take place on the basis of a legal permission, if you have consented, if there is a legal obligation or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.). If we commission third parties with the processing of data on the basis of a so-called "order processing contract" we do this on the basis of article 28 GDPR.
Rights of the Data Subject
You have the right to request confirmation as to whether the personal data (hereinafter also referred to as “data”) are being processed and to access information about these data as well as further information and a copy of the data in accordance with article 15 GDPR. In accordance with article 16 GDPR, you have the right to request the completion of data concerning you or the rectification of inaccurate personal data concerning you. In accordance with article 17 GDPR, you have the right to demand that the relevant data be erased immediately or, alternatively, to obtain a restriction of processing the data in accordance with article 18 GDPR. You have the right to receive the data you have provided to us in accordance with article 20 GDPR and to request its transmission to another controller. In accordance with article 77 GDPR, you also have the right to lodge a complaint with a supervisory authority.
Right of withdrawal
You have the right to revoke consents granted pursuant to article 7 para. 3 GDPR with effect for the future.
Right of objection
You can object to the future processing of the data concerning you in accordance with article 21 GDPR at any time. The objection may be lodged in particular against processing for direct marketing purposes.
Erasure of personal data
In accordance with statutory requirements, the records are kept in particular for 6 years in accordance with § 257 (1) HGB (German Commercial Code) (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with § 147 (1) AO (German Fiscal Code) (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).
Links to third party sites
Our Site, our newsletters and other communications may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
2. Data collection on our website
Server Log Files
Every time you visit our website, our system automatically collects data and information in so-called server log files, which your browser automatically transmits to us. The following data is collected:
a) Information about the browser type and version used
b) The user's operating system
c) The IP address of the user
d) The date and time of access
e) Websites from which the user's system reaches our website
These data are not combined with other data sources.
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this the IP address of the user must remain stored for the duration of the session.
The data is stored in log files to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. Our purpose and our legitimate interest in data processing are based on article 6 para. 1 lit. f GDPR. An evaluation of the data for marketing purposes does not take place in this context.
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For data collected for providing the website, this is the case when the respective session has ended. If the data is stored in log files, this is the case after seven days at the latest. Further storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment to a particular client is no longer possible.
The collection of data for providing the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no right to object with regard to the user.
The websites partly use so-called cookies. Cookies serve to make our website more user-friendly, effective and secure. Some elements of our website require that the browser can be identified even after a page change. Cookies are small text files that are stored on your computer and saved by your browser. These cookies contain a characteristic character string that enables a unique identification of the browser when the website is called up again.
Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit our website.
You can configure your browser in such a way that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally and activate the automatic deletion of cookies when closing the browser. Cookies that have already been saved can be deleted at any time. When cookies are deactivated, the functionality of this website may be limited.
The following data is stored and transmitted in the cookies:
a) Log-in information
b) Layout Cookies
c) Search terms (Blog)
The user data collected by technically necessary cookies are not used to create user profiles.
The legal basis for the processing of personal data using technically necessary cookies is artice 6 para. 1 lit. f GDPR. For these purposes, our legitimate interest also lies in the processing of personal data in accordance with article 6 para. 1 lit. f GDPR.
a) Language settings
b) Search terms entered
c) Frequency of page views
d) Use of website functions
Those user data collected is pseudonymised by technical precautions. Therefore, it is no longer possible to assign the data to a specific user. The data will not be stored together with other personal data of the users.
Analysis cookies are used to improve the quality of our website and its content. Through the analysis cookies we learn how the website is used and can thus continuously optimize our offer.
The legal basis for the processing of personal data using cookies for analytical purposes is article 6 para. 1 lit. a GDPR.
3. Website Analysis Services
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our website within the meaning of artice 6 para. 1 lit. f. GDPR) Google Analytics, a web analysis service of Google LLC ("Google"). The provider is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
We have concluded a commissioned data processing contract with Google and fully implement the strict requirements of the German data protection authorities for the use of Google Analytics.
Google will use this information on our behalf to analyse the use of our website by users, to compile reports on the activities within this website and to provide us with further services connected with the use of this website and the internet. Pseudonymous user profiles can be created from the processed data.
We use Google Analytics only with IP anonymization enabled. This means that Google will shorten the IP address of users within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases the full IP address is transmitted to a Google server in the USA and shortened there.
The IP address transmitted by the user's browser will not be merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent Google from collecting the data generated by the cookie and relating to their use of the website and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Further information on data use by Google, possible settings and objections can be found on Google's websites: https://www.google.com/intl/de/policies/privacy/partners ("Data use by Google when using our partners' websites or apps"), https://policies.google.com/technologies/ads (Data use for advertising purposes), https://adssettings.google.com/authenticated (Manage information that Google uses to show you advertising).
4. Online presence in social media
Within our website and based on our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of article 6 para. 1 lit. f. GDPR) we use content or services from third parties in order to integrate their content and services, e.g. videos (hereinafter collectively referred to as "content") into our website. This always requires that the third party providers of this content obtain the IP address of the users, as they otherwise would not be able to send the content to the users' browsers. The IP address is therefore required for displaying the content. We do our best to use only those contents whose respective providers use the IP address only for the delivery of the contents. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. "Pixel tags" can be used to evaluate information such as visitor traffic on the pages of the particular website. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visiting time and other information about the use of our website, and may also be linked to such information from other sources.
Our website includes plugins from the social network Facebook, provider Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA. You can identify the Facebook plugins by the Facebook logo on our page. An overview of the Facebook plugins can be found here: https://developers.facebook.com/docs/plugins/.
Facebook is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
When you visit our website, the plugin establishes a direct connection between your browser and the Facebook server. Facebook receives the information that you have visited our website with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the contents of our website on your Facebook profile. This allows Facebook to associate the visit to our website with your user account.
If you do not want Facebook to be able to link your visit of our website with your Facebook account, please log out of your Facebook account and delete your cookies. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US page http://www.aboutads.info/choices/ or the EU page http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.
If you do not want YouTube to be able to link your visit to our website with your YouTube account, please log out of your YouTube account.
6. Contact Form
There is a contact form on our website which can be used for contacting us electronically.
The legal basis for the processing of data is article 6 para. 1 lit. a GDPR if the user hass given his consent. The legal basis for the processing of data transmitted in the course of sending an e-mail is article 6 para. 1 lit. f GDPR. If the e-mail contact is intended to conclude a contract, the additional legal basis for processing is article 6 para. 1 lit. b GDPR.
The processing of the personal data from the input mask is used solely within the scope of contacting us. In the event of contact by e-mail, this also constitutes the necessary legitimate interest in the processing of the data. The other personal data processed within the sending process are used to prevent misuse of the contact form and to ensure the security of our information technology systems.
The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. For the personal data from the input mask of the contact form and those that were sent by e-mail, this is the case when the respective conversation with the user is finished. The conversation is finished when the circumstances indicate that the matter in question has been finally clarified.
The user can withdraw his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. All personal data stored in the course of contacting us will be deleted in this case, unless deletion is prohibited by law.
7. California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
• Via Email
Can change your personal information:
• By emailing us
How does our site handle Do Not Track signals?
We don’t honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. We don’t honor them because:
there is no consistent industry understanding of how to respond to Do Not Track signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.
Does our site allow third-party behavioral tracking?
It’s also important to note that we allow third-party behavioral tracking
8. COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.