In accordance with the requirements of Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR), we would like to inform you about the processing of your personal data and your rights under the GDPR.

 

Who is responsible for the data processing?

The controller in accordance with data protection is:

Spetec Gesellschaft für Labor- und Reinraumtechnik mbH

Am Kletthamer Feld 15

85435 Erding

You can find further information concerning our company, the persons with power of representation, and our contact options on our website: https://www.spetec.de

 

What data relating to you is processed by us? And for what purposes?

We process your personal data insofar as this is necessary for establishing and fulfilling a contract with you. This includes general data about you or persons in your company (name, address, contact details, etc.) as well as, if applicable, further data that you provide to us in the context of the contract. In addition, communication data is processed in case you contact us via telephone or e-mail. The data we process depends on your requested or the agreed upon services.

Which data is processed in detail and how it is used depends largely on the requested or agreed services.

 

Where is the data processed?

The data is generally processed on IT systems on our premises.

The processing of your data takes place in Germany or within the European Union or the states of the European Economic Area. Processing in other countries is only permitted insofar as an adequacy decision of the EU Commission pursuant to Art. 45 (3) GDPR is available or an adequate level of data protection is ensured by other suitable guarantees within the meaning of Art. 46 (2) GDPR.

 

What is the legal basis for this?

The legal basis for the processing of personal data is generally Art. 6 GDPR, unless more specific legal regulations are applicable. In such a case, the following options are present:

When personal data is required for establishing or fulfilling contractual obligation, the processing is based on Art. 6 (1) lit. b GDPR.

In addition to that, data processing can also take place based on Art. 6 (1) lit. f GDPR. In these cases, processing is necessary for the purposes of the legitimate interests pursued by us or by a third party.

Processing may also be necessary for compliance with a legal obligation to which we are subject. The legal basis in this case is Art. 6 (1) lit. c GDPR.

If you give us consent to process personal data for specific purposes, the data processing is based on Art. 6 (1) lit. a GDPR.

 

How long will your data be processed and stored?

We process your personal data as long as this is necessary for our business relationship or for the fulfilment of contractual obligations.

In addition, we are subject to various legal obligations, for example the German Commercial Code and the German Fiscal Code.

Finally, the storage period also depends on the limitation periods according to Division 5 of the German Civil Code.

Due to internal and organizational considerations data in backups may still be available for a longer period of time.

 

To which recipients is the data passed on?

We only pass on your personal data within our company to those areas and persons who need this data to fulfil contractual and legal obligations or for purposes of our legitimate interest.

Your personal data is also processed on our behalf by service providers based on Art. 28 GDPR. In these cases, we ensure that the processing of personal data is carried out in accordance with the provisions of the General Data Protection Regulation.

Under these conditions, recipients of personal data may include:

  • Internet providers, hosting and telephone services
  • Providers of accounting/billing software
  • IT service providers and service providers tasked with facility management
  • Service providers and software in the field of web design, marketing and events
  • Providers of office applications, server/operating systems and cloud storage
  • Service providers for the destruction of files

Otherwise, data will only be passed on to third parties if this is required by law, if the transfer is necessary for processing and thus for the fulfilment of the contract or, at your request, for the implementation of pre-contractual measures, or if you have given us your consent to do so.

 

Where does the data originate from?

We process personal data that we have received from you in the context of contacting you or establishing a contractual relationship or in the context of pre-contractual measures.

 

Our information letter

We use your personal data to send you information about our products or interesting new products in our range by e-mail at irregular intervals as part of our customer relationship. We use your name and e-mail address for this purpose.

The mailing is based on our legitimate interest (Art. 6 (1) lit. f GDPR) in informing our customers and promoting our products. Based on your previous order as an existing customer, we assume that you are generally interested in comparable products, innovations or improvements.

We use the “Sendinblue” tool from Sendinblue GmbH to send information by email. “Sendinblue” necessarily obtains knowledge of the above-mentioned data insofar as this is provided for in our order processing contract with “Sendinblue”.

If you no longer wish to receive information from us, you can object to the processing of your personal data for this purpose at any time in accordance with Art. 21 GDPR.

 

Microsoft Teams

We use the “Microsoft Teams” tool to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter: “online meetings”). “Microsoft Teams” is a service of the Microsoft Corporation.

When you communicate with us via video or audio conference over the internet, personal data is collected and processed by us and the provider of the respective conference tool. The conference tool collects all data that you provide during the use of the tools as well as the duration of the conference, start and end (time) of participation in the conference, number of participants and other contextual information related to the communication process (metadata).

In addition, the provider of the tool processes all technical data required to handle the online communication. This includes in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.

If content is exchanged, uploaded or otherwise made available within the tool, this is also stored on the servers of the tool provider. Such content includes, in particular, chat/ instant messages, voicemails, uploaded photos and videos, and files shared while using the service.

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers. The basis for this is Art. 6 (1) lit. b GDPR. Furthermore, the use of the tools serves to communicate with us or our company based on our

legitimate interest in terms of Art. 6 (1) lit. f GDPR or based on your consent according to Art. 6 (1) lit. a GDPR.

 

TeamViewer

For the remote support of our customers we use the software “TeamViewer” from TeamViewer Germany GmbH, Bahnhofsplatz 2, 73033 Göppingen.

TeamViewer is used to provide support when using one of our software products and to set up/install and configure these software products.

TeamViewer allows you to temporarily access your system, view your screen and remotely control your mouse and keyboard. The connection runs via TeamViewer servers in the EU. Only the personal data that needs to be used to provide support in the ongoing process is processed and stored. If it is necessary to transfer data from your computer for support purposes, this will only be used for troubleshooting and support purposes.

TeamViewer is used to fulfill the contract between you and us and in our mutual interest in the efficient, short-term and cost-effective provision of support services by us in accordance with Art. 6 (1) sentence 1 lit. a, b and f GDPR.

You can view TeamViewer's privacy policy on the TeamViewer website.

 

Applicant data

We process the data you have sent us in connection with your application to assess your suitability for a position (or other open positions in our company, if applicable) and to carry out the application process.

The legal basis for processing your data is Art. 6 (1) lit. b GDPR for initiating a contractual relationship. According to this, the data processing is allowed if this is necessary to establish an employment contract.

Insofar as special categories of personal data are processed in accordance with Art. 9 (1) GDPR, this serves the exercise of rights or the fulfillment of legal obligations under labor law as part of the application process. This is done on the basis of Art. 9 (2) lit. b GDPR and § 26 (3) BDSG. In addition, the processing of special categories of personal data may be based on consent pursuant to Art. 9 (2) lit. a GDPR and § 26 (3) sentence 2, (2) BDSG.

Furthermore, data can be processed based on our legitimate interest according to Art. 6 (1) lit. f GDPR to defend our company against legal claims.

If you give us express consent to process personal data for specific purposes, the processing is based on Art. 6 (1) lit. a GDPR.

We process your personal data as long as this is necessary for the establishment of the employment contract or for a legal requirement. Data of applicants will be deleted after six months in the event of rejection. If you have agreed to further storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted if it is no longer relevant for open positions in our company. In the event that you have consented to further storage of your personal data, we will transfer your data to our applicant pool. The data will be deleted there if it is no longer relevant for filling further positions.

 

Your rights as a “data subject”

You have the right pursuant to Art. 15 GDPR to obtain information about your personal data processed by us. According to Art. 16 GDPR you have the right to obtain the rectification of inaccurate personal data without undue delay or the completion of your personal data stored with us. You have the right pursuant to Art. 17 GDPR to obtain the erasure of your personal data stored with us and pursuant to Art. 18 GDPR you have the right to obtain the restriction of the processing of your personal data.

Pursuant to Art. 20 GDPR you have the right to receive your personal data that you have provided to us, in a structured, commonly used and machine-readable format or to obtain the transmission to another data controller.

When your data is processed based on Art. 6 (1) lit. f or e GDPR, you have the right to object to processing on grounds relating to your particular situation pursuant to Art. 21 (1) GDPR.

According to Art. 7 (3) GDPR you have the right to withdraw the consent given to us at any time. This means that in future we may no longer continue to process the data as based on this consent.

You also have the right pursuant to Art. 77 GDPR to lodge a complaint with a supervisory authority. The address of the data protection supervisory authority which has jurisdiction over us is:

Data Protection Authority of Bavaria:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)

Promenade 27

91522 Ansbach

 

Objection to data usage for direct marketing purposes

When your data is used for direct marketing purposes, you have the right to object to processing pursuant to Art. 21 (2) GDPR.

After revoking consent or objecting to the use of data for marketing purposes, your data may remain stored in a backlist or to prove the previous existence of consent.

 

Our data protection officer

We have appointed a data protection officer at our company. You can contact him or her via the following address:

ComFor-IT® GmbH & Co. KG

Datenschutz

Bahnhofstraße 6

84405 Dorfen

Tel: 08081-60499-50

E-Mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

Internet: www.comfor-it.de

 

 

-------------

We appreciate you visiting our website. As personal data is extremely valuable and we wish to ensure secure processing, we would like to inform you of the gathering of personal data on our website.

We take organisational, contractual, and technical security measures in accordance with the state of technology, to ensure that the regulations of the data protection laws are complied with, and to protect the data processed by us against accidental or intentional manipulation, loss, destruction, or access by unauthorised persons.

An additional security feature of our website is the HTTPS connection (SSL encryption) which also increases the level of protection.

Unfortunately, not all data transfers via the Internet (email etc) are secure. Therefore, we wish to point out that we cannot guarantee complete protection of personal data if you use these transfer channels.

Our website contains links to other websites (links). Should you follow such a link, you are leaving our web presence and visiting another site, whose content is outside of our area of control. When you visit the new website, the data protection provisions of the website which you have accessed apply. These may differ from the data protection provisions of our website. Please familiarise yourself with the data protection provisions of the third-party website.

The controller in accordance with data protection is

 

Spetec Gesellschaft für Labor- und Reinraumtechnik mbH

Am Kletthamer Feld 15

85435 Erding

Tel.: +49 (0)8122 95909-0

Fax: +49 (0)8122 95909-55

E-Mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

 

Data gathering and recording

 

The following data is transferred to us when you access our website:

  • Date and time of the request
  • Name of the requested site
  • Site from which the sub-site was requested
  • Access status (site transferred; site not found etc)
  • Web browser and operating system used
  • IP-address of the requesting computer
  • Transferred data quantity

The data is stored for reasons connected to technical security in order to prevent attempted attacks against our server. The processing is based on Art. 6 (1) lit. f GDPR.

The personal data collected on our website is stored on the servers of our external hoster. Our hoster processes your data only insofar as this is necessary for the fulfilment of its service obligations and in accordance with our instructions.

 

Getting in touch

 

When you get in touch with us via email, telephone or our contact form, the information of the user will be processed in order to respond to the enquiry.

The data processing is based on Art. 6 (1) lit. f GDPR if processing is necessary for the purposes of the legitimate interests pursued by our company. If the processing is necessary for the performance of a contract or for pre-contractual measures, the processing is based on Art. 6 (1) lit. b GDPR. Your data will be deleted after final processing of your request, provided that there are no legal obligations.

 

Applicant data

 

We process the data you have sent us in connection with your application to assess your suitability for a position (or other open positions in our company, if applicable) and to carry out the application process.

The legal basis for processing your data is primarily Art. 88 GDPR and § 26 BDSG as well as, if applicable, Art. 6 (1) lit. b GDPR for initiating a contractual relationship. According to this, the data processing is allowed if this is necessary to establish an employment contract. Furthermore, data can be processed based on our legitimate interest according to Art. 6 (1) lit. f GDPR to defend our company against legal claims. If you give us express consent to process personal data for specific purposes, the processing is based on Art. 6 (1) lit. a GDPR.

We process your personal data as long as this is necessary for the establishment of the employment contract or for a legal requirement. Data of applicants will be deleted after six months in the event of rejection. If you have agreed to further storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted if it is no longer relevant for open positions in our company.

 

Use of cookies

 

It is possible for us to deposit so-called "cookies" on your computer when you visit our website. Cookies are text files which are received by your Internet browser, and which are stored on your computer. You can prevent the saving of cookies by setting your browser software accordingly. However, we wish to point out that in such a case, you may not be able to fully use all functions of this website.

 

Link to our social media presences

 

The links to social media platforms on our website are not integrated via a so-called plugin. When you call up our website, no direct connection is established with the servers of these social media platforms. The embedded graphics only contain an HTTP link to our presence on the corresponding social media sites.

 

Rights of the Data Subject

 

You have the right pursuant to Art. 15 GDPR to obtain information about your personal data processed by us.

According to Art. 16 GDPR you have the right to obtain the rectification of inaccurate personal data without undue delay or the completion of your personal data stored with us.

You have the right pursuant to Art. 17 GDPR to obtain the erasure of your personal data stored with us and pursuant to Art. 18 GDPR you have the right to obtain the restriction of the processing of your personal data.

Pursuant to Art. 20 GDPR you have the right to receive your personal data that you have provided to us, in a structured, commonly used and machine-readable format or to obtain the transmission to another data controller.

According to Art. 7 (3) GDPR you have the right to withdraw the consent given to us at any time. This means that in future we may no longer continue to process the data as based on this consent.

When your data is processed based on Art. 6 (1) lit. f GDPR, you have the right to objected to processing pursuant to Art. 21 GDPR.

You have the right pursuant to Art. 77 GDPR to lodge a complaint with a supervisory authority. The address of the data protection supervisory authority which has jurisdiction over us is:

 

Data Protection Authority of Bavaria:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)

Promenade 27

91522 Ansbach

 

Data protection queries and information

 

Should you have any questions concerning the gathering, processing, saving and deletion of your personal data, please do not hesitate to get in touch.


ComFor-IT® GmbH & Co. KG  
Data protection
Bahnhofstraße 6
84405 Dorfen
Tel:                  08081-60499-50
Email:             This email address is being protected from spambots. You need JavaScript enabled to view it.
Internet:          www.comfor-it.de