The following Privacy Policy applies to the processing of personal data on our website:
The following Privacy Policy applies to the processing of personal data on our website:
Data protection information for this website.
General information
The following information provides a brief overview of what happens with your personal data when you visit this website. Personal data is any data that makes it possible to personally identify you. More detailed information regarding data protection can be found in our Privacy Policy below.
Data collection on this website
Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. The website operator's contact information is provided in the website’s Legal Notice.
How do we collect your data?
We collect the data that you provide to us. This may include data that you enter in a contact form, for example.
Other data is automatically collected by our IT systems when you visit our website, or is collected after obtaining your consent. This is primarily technical data (e.g. browser, operating system or the time a page was visited). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Some of your data is collected in order to ensure that you can use our website without any errors. Other data may be used to analyze your user behavior.
What are your rights regarding your data?
You have the right, at any time, free of charge and upon request, to receive information regarding the origin of the personal data we collect on you, the recipients of this data and the purpose for which it is collected. You also have the right to request that your data be rectified or erased. If you have granted your consent for your data to be processed, you are entitled to revoke that consent with future effect at any time. Depending on the circumstances, you also have the right to request that we restrict the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time using the address provided in the Legal Notice should you wish to exercise these rights or have any questions relating to data protection.
Analytical tools and third-party tools
When you visit this website, we may use statistical analysis to analyze your browsing behavior. This is mainly done using what is known as analytics software.
Detailed information on this software can be found in the privacy policy below.
Data Protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with both the statutory data protection provisions and this Privacy Policy.
If you use this website, we will collect various personal data. Personal data is any data that makes it possible to personally identify you. This Privacy Policy explains what data we collect and what we use it for. It also explains how this is done and for what purpose.
We hereby expressly inform you that the transmission of data via the Internet (e.g. communication via email) is subject to security vulnerabilities. It is therefore not possible to guarantee complete protection of data from access by third parties.
Note on the controller
The controller for data processing on this website is:
Solarlux GmbH
Industriepark 1
49324 Melle, Germany
Phone: +49 5422 9271-0
Fax: +49 5422 9271-8200
Email: info@solarlux.com
The controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g. names or email addresses).
Retention period
If no special retention period is specified within this Privacy Policy, we will store your personal data until the purpose for which we originally processed it ceases to apply. If you exercise your right to erasure or revoke your consent to the processing of your data, your data will be erased unless we have other legally approved grounds for retaining your personal data (e.g. retention periods under tax or commercial law); where such grounds exist, your data will be erased once they cease to exist.
Statutory data protection officer
The company has designated a data protection officer. The designated data protection officer can be contacted via email at datenschutz@solarlux.de or using the contact details provided in Section 2. When sending messages to the data protection officer by mail, please mark these “Data protection – personal/confidential.”
Note regarding disclosure of data to the US
Some of the tools used on our website come from US-based companies. If these tools are active, your personal data may be sent to each company’s server in the US. We would like to highlight that the US is not considered a secure third country under EU data protection law. US companies are required to hand over personal data to security authorities without you, the data subject, being able to take legal action against this. It is therefore possible that US authorities (e.g. intelligence services) may process, evaluate and permanently store your data located on US servers for surveillance purposes. We have no control over these processing activities.
Revoking your consent to data processing
Many data processing activities are only possible with your explicit consent. You may withdraw any consent you have already given at any time. Revoking your consent has no bearing on the legality of the data processing that took place before you revoked your consent.
To revoke or amend your consent, please click here.
Right to object to the collection of data in special cases; right to object to direct marketing (Article 21, GDPR)
IF DATA IS PROCESSED ON THE BASIS OF ARTICLE 6, PARAGRAPH 1(E) OR 1(F) OF THE GDPR, YOU ARE ENTITLED TO LODGE AN OBJECTION TO THE PROCESSING OF PERSONAL DATA RELATING TO YOU AT ANY TIME FOR REASONS RELATING TO YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING CONDUCTED ON THE BASIS OF THESE PROVISIONS. YOU CAN FIND THE LEGAL BASIS FOR PROCESSING IN THIS PRIVACY POLICY. SHOULD YOU LODGE AN OBJECTION, WE WILL NO LONGER PROCESS THE PERSONAL DATA IN QUESTION UNLESS WE CAN DEMONSTRATE COMPELLING AND LEGITIMATE REASONS FOR SUCH PROCESSING THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS, OR WHERE PROCESSING SERVES THE ASSERTION, EXERCISE OR DEFENSE OF LEGAL CLAIMS (REVOCATION UNDER ARTICLE 21, PARAGRAPH 1, GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR THE PURPOSE OF ENGAGING IN DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF PERSONAL DATA RELATING TO YOU FOR THE PURPOSE OF THIS KIND OF ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO ANY PROFILING ASSOCIATED WITH THIS KIND OF DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL THEN NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (RIGHT TO OBJECT UNDER ARTICLE 21, PARAGRAPH 2, GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of breaches of the GDPR, data subjects are entitled to lodge a complaint with a supervisory authority, in particular in the Member State where they are habitually resident, where they work, or where the alleged breach took place. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.
Right to data portability
You have the right to have the data that we automatically process based on your consent or in fulfillment of a contract handed over to you or a third party in a commonly used, machine-readable format. If you request that your data be sent directly to another data controller, this will only be done where this is technically feasible.
SSL and/or TLS encryption
This page uses SSL and/or TLS encryption on individual or all sub-pages for security purposes and to protect the transmission of confidential content, such as orders or queries you send to us in our role as the website operator. You can recognize an encrypted connection because your browser’s address bar will switch from “http://” to “https://” and a lock symbol will appear.
If SSL and/or TLS encryption is activated, you are able to send us data in a way that prevents third parties from reading it.
Information, erasure and rectification
Under the applicable legal provisions, you have the right to receive information about your stored personal data, its origin and any recipients, as well as information about the purpose for which your data is processed. You have the right to obtain this information at any time, free of charge, and, where necessary, the right to rectification or erasure of that data. You can contact us at any time using the address provided in the Legal Notice should you wish to exercise these rights or have any questions relating to personal data.
Right to restriction of processing
You have the right to request that we restrict the processing of your personal data. You may contact us at any time using the address provided in the Legal Notice should you have any questions. You have the right to restrict processing if one of the following applies:
If you contest the accuracy of the personal data we have stored about you, we will generally need time to review this. You have the right to request that we restrict the processing of your personal data until a review is completed.
If your personal data was processed/is being processed unlawfully, you may request that processing of your data be restricted rather than for your data to be erased.
If we no longer require your personal data, but you need it to exercise, defend or enforce a legal claim, you have the right to request that the processing of your data be restricted rather than your data being erased.
If you have lodged an objection under Article 21, Paragraph 1 of the GDPR, we must weigh our interests against yours. While those interests are being weighed and the issue remains unclarified, you are entitled to request that we restrict the processing of your personal data until a review is completed.
If you have restricted the processing of your personal data, with the exception of its storage, this data may only be processed with your consent, or to assert, exercise or defend against legal claims or protect the rights of another natural or legal person, or for reasons of major public interest to the European Union or one of its Member States.
Objection to marketing emails
The use of contact information published as part of the disclaimer requirement by third parties in order to send unauthorized advertising and informational material is hereby explicitly prohibited. The website operators expressly reserve the right to take legal action if any unsolicited promotional information, such as spam email, is sent.
Contact requests, callback requests, brochure orders
When you send us inquiries, callback requests and/or brochure orders using the contact form, the Solarlux Group will save the details you provide in these forms – including the contact details you provide there – in order to allow us to process your inquiries/orders and contact you if we have any further questions.
We will use your zip code to allocate your data to a Solarlux subsidiary (Linara GmbH, Innovapark 21, 87600 Kaufbeuren, Germany; Linara Ahaus GmbH, Von-Braun-Straße 27, 48683 Ahaus, Germany; Linara Augsburg GmbH,
Albert-Einstein-Str. 21, 86399 Bobingen, Germany, hereinafter referred to as “Solarlux Subsidiaries”) and then send your data to the Solarlux Subsidiary in question.
Provided your order relates to the performance of a contract or is required to conduct pre-contractual measures, the legal basis for the processing of this data is Article 6, Paragraph 1(b) of the GDPR. In all other cases, processing is based on our legitimate interest in effectively processing inquiries sent to us (Article 6, Paragraph 1(f), GDPR), or on your consent (Article 6, Paragraph 1(a), GDPR), if this has been requested.
The Solarlux Group will store the data you have provided in the forms until you request that we or our Solarlux Subsidiary erase it, you revoke your consent for its storage, or there ceases to be any reason for storing that data (e.g. after we have finished processing your order). This does not affect any mandatory statutory provisions, particularly retention periods.
Data processing agreement
We have concluded a data processing agreement with our Solarlux Subsidiaries. This contract is required under data protection law, and guarantees that the personal data belonging to visitors to our website will only be processed according to our instructions and in accordance with the GDPR.
For more information on what our subsidiaries do to comply with data protection requirements, please visit: https://www.linara.gmbh/datenschutzerklaerung/?page=datenschutz, https://www.linara-augsburg.de/datenschutz/?cb0
Cookies
Our website uses cookies. Cookies are small text files and do not harm your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically erased after your visit. Permanent cookies remain stored on your device until you erase them yourself or until your browser automatically erases them.
Some third-party cookies may also be stored on your device when you visit our website. They allow us and you to use certain third-party services (e.g. cookies to conduct payment services).
Cookies serve different functions. A number of cookies are technically necessary to enable certain website features to function (e.g. the shopping cart feature or displaying videos). Other cookies analyze user behavior or help display relevant ads.
Cookies that are necessary for electronic communication processes (required cookies) or the provision of certain functions you have requested (functional cookies, e.g. for the shopping cart feature) or for website optimization (e.g. cookies for web audience metrics) are stored based on Article 6, Paragraph 1(f) of the GDPR, provided no other legal basis has been specified. The website operator has a legitimate interest in storing cookies to ensure it is able to accurately provide its services in a technically optimized manner. Where consent to store cookies has been requested, said cookies are stored exclusively on the basis of this consent (Article 6, Paragraph 1(a), GDPR). Consent may be revoked at any time.
You can set your browser to notify you when cookies are going to be saved to you device, to require your permission every time a website wishes to save cookies on your device, to accept cookies in certain cases, to refuse them generally, or to erase them automatically when you close your browser. Disabling cookies may limit the functionality of this website, however.
If cookies are used for analytical purposes or if third-party cookies are used, we will inform you of this separately in this Privacy Policy. Where applicable, we will ask for your consent.
Server log files
The website provider automatically collects and stores information in server log files, which are sent to us automatically by your browser. These include:
This data is not combined with other data sources.
The legal basis for the collection of this data is Article 6, Paragraph 1(f) of the GDPR. The website operator has a legitimate interest in the accurate presentation and optimization of its website, which requires server log files to be collected.
Contact form
When you send us inquiries using the contact form, we will save the details you provide in the contact form – including the contact details you provide there – in order to allow us to process your inquiry and contact you if we have any further questions. We will not disclose your data without your consent.
Provided your inquiry relates to the performance of a contract or is required to conduct pre-contractual measures, the legal basis for the processing of this data is Article 6, Paragraph 1(b) of the GDPR. In all other cases, processing is based on our legitimate interest in effectively processing inquiries sent to us (Article 6, Paragraph 1(f), GDPR), or on your consent (Article 6, Paragraph 1(a), GDPR), if this has been requested.
We will store the data you have provided in the contact form until you request its erasure, you revoke your consent for its storage, or there is no longer any reason for storing that data (e.g. after we have finished processing your query). This does not affect any mandatory statutory provisions, particularly retention periods.
Target group selection
Data entered in the target group selection banner or provided via email is exclusively processed on the basis of your consent (Article 6, Paragraph 1(a), GDPR).
Queries by email, telephone and fax
If you contact us by email, telephone or fax, we will store and process your query, including any personal data included (name, your specific query), for the purpose of dealing with your concerns. We will not disclose your data without your consent.
Provided your inquiry relates to the performance of a contract or is required to conduct pre-contractual measures, the legal basis for the processing of this data is Article 6, Paragraph 1(b) of the GDPR. In all other cases, processing is based on our legitimate interest in effectively processing inquiries sent to us (Article 6, Paragraph 1(f), GDPR), or on your consent (Article 6, Paragraph 1(a), GDPR), if this has been requested.
We will store the data you have sent in contact requests until you request its erasure, you revoke your consent for its storage, or there is no longer any reason for storing that data (e.g. after we have finished processing your matter of concern). This does not affect any mandatory statutory provisions, particularly statutory retention periods.
Google Tag Manager
This website uses Google Tag Manager. Google Tag Manager is a solution operated by Google Inc. that allows businesses to manage website tags through its user interface. Google Tag Manager is a cookieless domain that does not collect any personal data. Google Tag Manager triggers other tags, which, in turn, may collect data. This is something we would like to particularly highlight. Google Tag Manager does not access this data. If the tool is disabled by the user on the domain or cookie level, it will remain disabled for all tracking tags implemented with Google Tag Manager.
Google Analytics
This website uses the Google Analytics web analysis service’s features. The operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics allows the website operator to analyze the behavior of visitors to the website. The website operator receives a variety of usage data, e.g. page visits, length of visit, operating systems used and the user’s origin. Where applicable, Google collects this data to form a profile assigned to the user or their device in each case.
Google Analytics uses technology that makes it possible to recognize users for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about use of this website is usually sent to a Google server in the US and stored there.
The legal basis for the use of this analytical tool is Article 6, Paragraph 1(f) of the GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its marketing. Where consent for this has been requested (e.g. consent to store cookies), processing is based exclusively on Article 6, Paragraph 1(a) of the GDPR. Consent may be revoked at any time.
IP anonymization
We have activated an IP anonymization function on this website. As such, prior to transmission to the US, your IP address will be truncated by Google within the Member States of the European Union or in other signatory states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the US and truncated there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, for compiling reports on website activity, and for providing other services relating to website activity and Internet usage to the website operator. Google will not associate the IP address transferred by your browser as part of Google Analytics with any other data held by Google.
Browser plugin
You can prevent your data from being collected and processed by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout.
For more information on how Google Analytics handles data, please consult the Google Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=de.
Commissioned data processing
We have concluded a data processing agreement with Google, and apply the full scope of the German data protection authorities’ stringent regulations in our use of Google Analytics.
Retention period
Data stored by Google at the user and event level that is linked to cookies, user identifiers (e.g. user IDs) or advertising IDs (e.g. DoubleClick cookies, Android advertising IDs) is anonymized or erased after 14 months. Details are available here: https://support.google.com/analytics/answer/7667196?hl=en
Hotjar
This website uses Hotjar. The operator is Hotjar Ltd., Level 2, St Julians Business Centre, 3 Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com).
Hotjar is a tool for analyzing your user behavior on this website. Hotjar allows us to map things like your mouse and scrolling movements and clicks. In doing so, Hotjar can also determine the length of time your cursor remains on a specific spot. Hotjar uses this information to compile heat maps, which can be used to see which areas of the website visitors prefer.
In addition, we can determine how long you remained on a specific page and when you left it. We can also determine the point at which you cease entering information on a contact form (“conversion funnels”).
Hotjar can also be used to obtain direct feedback from visitors to our website. This feature helps improve the website operator’s services.
Hotjar uses technology that makes it possible to recognize users for the purpose of analyzing user behavior (e.g. cookies or the use of device fingerprinting).
The legal basis for the use of this analytical tool is Article 6, Paragraph 1(f) of the GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its marketing. Where consent for this has been requested (e.g. consent to store cookies), processing is based exclusively on Article 6, Paragraph 1(a) of the GDPR. Consent may be revoked at any time.
Disabling Hotjar
If you would like to disable data collection by Hotjar, please click the following link and follow the instructions provided: https://www.hotjar.com/opt-out
. Please note that you will have to disable Hotjar separately on each browser or device you use.
For more information about Hotjar and the data collected, please see Hotjar’s privacy policy: https://www.hotjar.com/privacy.
Data processing agreement
We have concluded a data processing agreement with Hotjar to ensure the European Union’s stringent data protection regulations are adhered to.
Google Ads
The website operator uses Google Ads. Google Ads is an online advertising program operated by Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads allows us to display ads within the Google search engine environment or on third-party websites when users enter certain search terms in Google (keyword targeting). In addition, targeted ads can be displayed based on the user data available at Google (e.g. location data and interests) (target group targeting). As the website operator, we can quantitatively evaluate this data by analyzing, for example, which search terms led to our ads being displayed and how many ads then resulted in clicks.
The legal basis for the use of Google Ads is Article 6, Paragraph 1(f) of the GDPR. The website operator has a legitimate interest in marketing its products and services as effectively as possible. Where consent for this has been requested (e.g. consent to store cookies), processing is based exclusively on Article 6, Paragraph 1(a) of the GDPR. Consent may be revoked at any time.
Google Remarketing
This website uses the Google Analytics Remarketing service’s features. The operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Remarketing analyzes your user behavior on our website (e.g. clicking on certain products) in order to classify you within certain target groups for advertising purposes and then display relevant advertising when you visit other websites (remarketing or retargeting).
In addition, the target audiences for promotional marketing created with Google Remarketing may be linked to the cross-device capabilities of Google. This allows advertising based on your personal interests that has been identified based on your previous usage and surfing behavior on one device (e.g. your mobile phone) to also be displayed on other devices (such as a tablet or computer).
If you have a Google account, you can object to personalized ads here: https://www.google.com/settings/ads/onweb..
The legal basis for the use of Google Remarketing is Article 6, Paragraph 1(f) of the GDPR. The website operator has a legitimate interest in marketing its products as effectively as possible. If consent for this has been requested, processing is based exclusively on Article 6, Paragraph 1(a) of the GDPR. Consent may be revoked at any time.
For more information and the data protection provisions, please refer to Google’s Privacy Policy: https://policies.google.com/technologies/ads.
Compiling target groups with Customer Match
We use Google Remarketing’s Customer Match tool to compile target groups. In doing so, we provide certain client data (e.g. email addresses) from our client lists to Google. If the clients in question are Google users and are logged in to their Google account, they are shown relevant ads within the Google network (e.g. on YouTube, in Gmail or in the search engine).
Google Conversion Tracking
This website uses Google Conversion Tracking. The operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Conversion Tracking allows us and Google to determine whether a user has executed a specific action. For example, we can analyze which buttons on our website were clicked how often and which products were viewed or purchased particularly frequently. This information helps generate conversion statistics. We can then determine the total number of users who have clicked on our ads and what actions they then took. We do not receive any information that can be used to personally identify users. Google itself uses cookies or similar recognition technologies for identification purposes.
The legal basis for the use of Google Conversion Tracking is Article 6, Paragraph 1(f) of the GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its marketing. Where consent for this has been requested (e.g. consent to store cookies), processing is based exclusively on Article 6, Paragraph 1(a) of the GDPR. Consent may be revoked at any time.
For more information on Google Conversion Tracking, please refer to Google’s Privacy Policy: https://policies.google.com/privacy?hl=en.
Newsletter data
If you would like to subscribe to our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No other data is collected, except potentially on a voluntary basis. We only use this data to send the information requested and do not disclose it to third parties.
Data entered in the newsletter subscription form or provided via email is therefore exclusively processed with your consent (Article 6, Paragraph 1(a), GDPR). You may revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, for example, by clicking the “Unsubscribe” link in the newsletter. Any revocation of your consent will only apply to the future and will not affect the legitimacy of any instances of data processing that took place before unsubscribing.
The data you provide us for the purpose of subscribing to the newsletter will be stored by us and/or the newsletter operator until you unsubscribe from the newsletter mailing list, and will then be erased. This does not affect data stored by us for other purposes.
Once you unsubscribe from the newsletter, your email address may be stored in a blacklist held by us and/or the newsletter operator to ensure you do not receive any messages in future. Blacklist data is only used for this purpose and is not linked to any other data. This serves both your interests and our interest in complying with the legal requirements when sending newsletters (legitimate interests as defined by Article 6, Paragraph 1(f), GDPR). There is no set time limit on data being blacklisted. You may object to storage if your interests outweigh our legitimate interest.
YouTube with enhanced data protection
This website embeds YouTube videos. The operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube in enhanced data protection mode. According to YouTube, this mode causes YouTube not to store information about visitors to this website before they view a video. However, enhanced data protection mode does not necessarily prevent data from being disclosed to YouTube’s partners. This allows YouTube to establish a connection to the Google DoubleClick Network, regardless of whether you view a video.
Once you start a YouTube video on this website, a connection is made to YouTube’s servers. This tells the YouTube server which of our pages you have visited. If you are logged in to your YouTube account, this connection will allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this from happening by logging out of your YouTube account.
In addition, YouTube may store various cookies on your device or use similar recognition technologies (e.g. device fingerprinting) once you start a video. This enables YouTube to obtain information about visitors to this website. Among other things, this information is used to gather video statistics to improve user-friendliness and prevent attempts at fraud.
Where applicable, other data processing activities beyond our control may be triggered once you start a YouTube video.
YouTube is used in order to make our website appealing. This constitutes a legitimate interest as per Article 6, Paragraph 1(f) of the GDPR. If consent for this has been requested, processing is based exclusively on Article 6, Paragraph 1(a) of the GDPR. Consent may be revoked at any time.
More information on data protection at YouTube is available here: https://policies.google.com/privacy.
Adobe Fonts
To ensure the uniform display of certain fonts, this website uses Adobe Web Fonts. The operator is Adobe Systems Incorporated (“Adobe”), 345 Park Avenue, San Jose, CA 95110-2704, US.
When accessing this website, your browser loads the required fonts directly from Adobe in order to correctly display them on your device. Your browser then connects to the Adobe servers in the US. This also informs Adobe that your IP address was used to access this website. According to Adobe, no cookies are stored when providing fonts.
The legal basis for storing and analyzing this data is Article 6, Paragraph 1(f) of the GDPR. The website operator has a legitimate interest in displaying font uniformity on its website. Where consent for this has been requested (e.g. consent to store cookies), processing is based exclusively on Article 6, Paragraph 1(a) of the GDPR. Consent may be revoked at any time.
For more information on Adobe Fonts, please visit: https://www.adobe.com/privacy/policies/adobe-fonts.html.
Adobe’s privacy policy is available here: https://www.adobe.com/privacy/policy.html
Handling applicant data
We offer the option to apply to work for us (e.g. by email, by mail or by using an online application form). Information regarding the scope, purpose and use of the personal data collected on you as part of the application process is provided below. We assure you that we will collect, process and use your data in accordance with the applicable data protection laws and all other legal provisions, and that your data will be treated in strict confidence.
Scope and purpose of data collection
If you send us an application, we will process the personal data contained in your application (e.g. contact and communication details, application documents, notes taken during interviews, etc.), provided this is necessary to make a decision on whether to engage in an employment relationship. The legal basis for this is Section 26 (initiating an employment relationship) of the German Federal Data Protection Act (Bundesdatenschutzgesetz [BDSG]), as amended under German law; Article 6, Paragraph 1(b) of the GDPR (general provisions for concluding a contract); and, where you have granted consent, Article 6, Paragraph 1(a) of the GDPR. Consent may be revoked at any time. Your personal data will only be disclosed to people within our organization who are involved in evaluating your application.
If your application is successful, the data you have submitted will be stored in our data processing systems on the basis of Section 26 of the BDSG, as amended, and Article 6, Paragraph 1(b) of the GDPR for the purpose of conducting the employment relationship.
Data retention period
If we are unable to offer you a position, if you reject a job offer, or if you withdraw your application, we reserve the right to retain the data you have provided on the basis of our legitimate interests (Article 6, Paragraph 1(f), GDPR) for up to six (6) months from the end of the application process (rejection or withdrawal of the application). Your data is then erased and the hard copies of your application documents are destroyed. In particular, storage serves for evidentiary purposes in the event of a legal dispute. If it is apparent that the data will still be required after the six-month (6-month) period has expired (e.g. due to an impending or pending legal dispute), the data will not be erased until the purpose for continued storage no longer applies.
Data may also be retained for a longer period if you have consented to this (Article 6, Paragraph 1(a), GDPR), or if legal retention obligations prevent its erasure.
We maintain publicly accessible profiles on social networks. The specific social networks we use are listed below.
Social networks like Facebook, Twitter, etc. are typically capable of extensively analyzing your user behavior when you visit their website or a website with integrated social media content (e.g. “like” buttons or advertising banners). A number of processing operations relevant to data protection are triggered when you visit our social media profiles. Specifically:
If you are logged in to your social media account and visit our social media profile, the operator of the social media portal may attribute this visit to your user account. However, depending on the circumstances, your personal data may also be collected even if you are not logged in or do not have an account with the social media portal in question. In this case, for example, your data is collected using cookies stored on your device or by recording your IP address.
Operators of social media portals use data collected in this way to create user profiles that store your preferences and interests. This helps to display advertising aligned to your interests both on and off the social media site in question. If you have an account with the social media network in question, this interest-based advertising may be displayed on all of the devices on which you are or were logged in.
Please also note that we are unable to verify all of the processing operations undertaken on social media portals. This means that, depending on the provider, additional processing operations may be carried out by operators of social media portals. For details, please consult each social media portal’s terms of use and privacy policy.
Legal basis
Our social media profiles aim to ensure we have the greatest possible presence on the Internet. This is in our legitimate interest as covered by Article 6, Paragraph 1(f) of the GDPR. Please note that the analytical processes initiated independently by social networks may be based on a different legal basis, which is to be specified by the operators of said social networks (e.g. consent as per Article 6, Paragraph 1(a), GDPR).
Data controller and exercising your rights
When you visit one of our social media profiles (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations initiated during this visit. As a rule, you may assert your rights (to information, rectification, erasure, restriction of processing, data portability and to lodge a complaint) against both us and the operator of the social media portal in question (e.g. Facebook).
Please note that, despite being jointly responsible with social media portal operators, we do not have exhaustive influence on the data processing operations carried out by those social media portals. Our options are largely determined by the respective operator’s corporate policy.
Retention period
We will erase the data we collect through our social media profile from our system once the purpose for which we originally saved the data ceases to exist, if you request that we erase your data, or if you revoke your consent to your data being stored. Cookies stored will remain on your device until you erase them. This does not apply to mandatory statutory provisions, in particular retention periods.
We have no influence on how long operators of social networks store your data for their own purposes. For details on this, please check with the individual social network operators (e.g. in their privacy policies, see below).
Specific social networks we use
Facebook
We have a Facebook profile. This service is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, collected data may be sent to the US or other third countries.
We have concluded a Joint Processing Agreement (Controller Addendum) with Facebook. This agreement specifies which data processing operations we and Facebook are each responsible for when you visit our Facebook page. You can view this agreement here: https://www.facebook.com/legal/terms/page_controller_addendum. Facebook processes personal data in accordance with its privacy policy (https://www.facebook.com/about/privacy) on the following legal bases: “as necessary to fulfill our Facebook Terms of Service or Instagram Terms of Use; consistent with your consent, which you may revoke at any time through the Facebook settings and Instagram settings; as necessary to comply with our legal obligations; to protect your vital interests, or those of others; as necessary in the public interest; and as necessary for our (or others’) legitimate interests, including our interests in providing an innovative, personalized, safe and profitable service to our users and partners, unless those interests are overridden by your interests or fundamental rights and freedoms that require protection of personal data.” According to https://www.facebook.com/about/privacy , Facebook uses this information to “provide, personalize and improve our Products; provide measurement, analytics and other business services; promote safety, integrity and security; communicate with you; and research and innovate for social good.”
Data subjects’ rights with respect to Facebook Ireland are listed in Facebook Ireland’s data policy ( https://www.facebook.com/about/privacy ). You can adjust your user account settings to change your advertising preferences. To do so, click the following link and log in: https://www.facebook.com/settings?tab=ads.
For details, see Facebook’s data policy: https://www.facebook.com/about/privacy/.
Instagram
We have an Instagram profile. The operator is Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, US. For details on how Instagram handles your personal data, see their data policy: https://help.instagram.com/519522125107875.
Pinterest
We have a Pinterest profile. The operator is Pinterest Inc., 808 Brannan Street San Francisco, CA 94103-490, US (“Pinterest”). For details on how Pinterest handles your personal data, see their privacy policy: https://policy.pinterest.com/en/privacy-policy.
YouTube
We have a YouTube profile. The operator is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For details on how Google handles your personal data, see their privacy policy: https://policies.google.com/privacy?hl=en.
Data processing
One of the ways we communicate with our clients is by using online conferencing tools. The specific tools we use are listed below. When you communicate with us using online video or audio conferencing, your personal data is collected and processed by us and the provider of the respective conferencing tool.
In doing so, conferencing tools collect any data that you provide/enter to use the tools (email address and/or your phone number). In addition, conferencing tools process the duration of the call, the start and end (time) of participation in the conference call, the number of participants and other “contextual information" related to the communication process (metadata). In addition, the tool operator processes all the technical data needed to conduct online communication. In particular, this includes IP addresses, MAC addresses, device IDs, type of device, operating system and version, client version, camera type, microphone, speaker and connection type. If content is exchanged, uploaded or otherwise provided within the tool, this data is also stored on the tool provider’s servers. In particular, this content includes cloud recordings, chats/instant messages, voicemails, photos, videos and files that have been uploaded, whiteboards and other information shared while using the service. Please note that we do not have exhaustive influence on the data processing operations carried out by the tools we use. Our options are largely determined by the respective operator’s corporate policy. More information on data processing by conferencing tools is available in each tool’s privacy policy, which we have listed below.
Purpose and legal basis
Conferencing tools are used to communicate with prospective or existing contractual partners or
to provide certain services to our clients (Article 6, Paragraph 1, Sentence 1(b), GDPR). In addition, the use of the tools serves to generally simplify and accelerate communication with us and/or our business (legitimate interest as defined by Article 6, Paragraph 1(f), GDPR). Where consent has been requested, these tools are used on the basis of this consent. Consent may be revoked at any time with future effect.
Retention period
We will erase the data we collect through video and conferencing tools from our system once
you request that we erase your data or you revoke your consent to your data being stored. Cookies stored will remain on your device until you erase them. This does not affect any mandatory statutory retention periods. We have no influence on how long operators of conferencing tools store your data for their own purposes. For details on this, please check with the individual conferencing tool operators.
Conferencing tools used
We use the following conferencing tools:
Zoom
We use Zoom. This service is provided by Zoom Communications Inc., San Jose, 55 Almaden Boulevard,
6th Floor, San Jose, CA 95113, US. For details on data processing, please see
Zoom’s privacy policy: https://zoom.us/en-us/privacy.html. Data is transmitted to the US on the basis of standard contractual clauses issued by the EU Commission. Details are available here: https://zoom.us/en-us/privacy.html.
Conclusion of a data processing agreement
We have concluded a data processing agreement with the operator of Zoom, and apply the full scope of the German data protection authorities’ stringent regulations in our use of Zoom.
Microsoft Teams
We use Microsoft Teams. The operator is the Microsoft Corporation, One Microsoft Way, Redmond, WA
98052-6399, US. For details on data processing, please see Microsoft Teams’ privacy policy: https://privacy.microsoft.com/en-us/privacystatement. Conclusion of a data processing agreement We have concluded a data processing agreement with the operator of Microsoft Teams, and apply the full scope of the German data protection authorities’ stringent regulations in our use of Microsoft Teams.