Datenschutzerklärung | PTA-Center GmbH

Privacy policy

Thank you for visiting our website. With the following sections, we would like to inform you as transparently as possible about the type, scope and purpose of data collection and use. If you are of the opinion that we have not succeeded in doing this sufficiently, you will find the contact details of our data protection officer at the end of this privacy policy.

The controller within the meaning of Art. 4 (7) GDPR) is:

PTA Center GmbH
Kriegerstrasse 3
70191 Stuttgart

1.1 Explanation of data protection

In principle, data protection applies to all information that relates to an identified or identifiable person and can be directly or indirectly attributed to them (so-called personal data). In particular, this includes information such as name, address, date of birth, etc. or combinations thereof.

However, information that can in principle be assigned to a natural person via an identifier (e.g. number, IP address, etc.) is also subject to data protection requirements.

However, if the information has been changed to such an extent that it cannot be directly or indirectly attributed to a natural person, it is anonymized data. Such data (e.g. summarized (aggregated) data records or shortened IP addresses) are no longer subject to data protection regulations.

With the following explanations, we would like to inform you about the processing of personal data concerning this website. The term processing covers the entire process from the collection, storage, processing and/or forwarding to the deletion of the data.

1.2 Information on data collection

1.2.1 Use of our website

If you use the website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR):

- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request comes
- Browser
- Operating system and its interface
- Language and version of the browser software.

We delete the data as soon as it is no longer required for visiting our site or until you request its deletion, whichever is earlier.

1.2.2 Data processing outside the EU/EEA

Personal data will not be transferred to third parties for purposes other than those listed below. We only pass on your data to third parties if:

you have given your express consent in accordance with Art. 6 (1) (a) GDPR,
the disclosure pursuant to Art. 6 para. 1 letter f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
if there is a legal obligation for disclosure pursuant to Art. 6 para. 1 lit. c GDPR there is a legal obligation.

Google Maps, Google LLC.

Google Maps is integrated into our website via an API in order to display geographical information visually. To display the map, the processing of the IP address by Google LLC. is mandatory.

Google LLC. is Privacy Shield certified. The cooperation with Google LLC in terms of data protection law takes place on the basis of a concluded agreement on joint responsibility in accordance with Art. 26 GDPR, available at https://privacy.google.com/intl/de/businesses/mapscontrollerterms/

By using Google Maps, you as a user enter into a direct user relationship with Google.

1.2.3 Deletion of data

The data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. If the user's data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to user data that must be retained for commercial or tax law reasons.

In accordance with legal requirements, the retention period is 6 years pursuant to Section 257 (1) HGB (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting vouchers, etc.) and 10 years pursuant to Section 147 (1) AO (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).

1.2.4 Safety measures

We take appropriate technical and organizational measures in accordance with Art. 32 GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, to ensure a level of security appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, disclosure, safeguarding of availability and its separation. Furthermore, we have established procedures that ensure the exercise of data subject rights, the deletion of data and the response to data threats. Furthermore, we take the protection of personal data into account as early as the development and selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and data protection-friendly default settings (Art. 25 GDPR).

1.2.5 SSL encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

1.2.6 Links to other websites

Our website contains links to other websites. We have no influence on whether their operators comply with data protection regulations. Please refer to the respective data protection declarations.

The development of the Internet and changes in legal regulations make it necessary to adapt our privacy policy from time to time. Here you can obtain up-to-date information at any time on how the responsible body handles personal data.

1.2.7 Making contact

When contacting us (e.g. by contact form, e-mail, telephone or via social media), the user's details are processed to process the contact request and its handling in accordance with Art. 6 para. 1 lit. b) GDPR. The user's details may be stored in a customer relationship management system ("CRM system") or comparable inquiry organization.

We delete the requests if they are no longer required. We review the necessity every two years; the statutory archiving obligations also apply.

1.2.8 Collection of personal data in online forms

If we ask you to provide personal data as part of this offer (e.g. name, address or e-mail address), we will tell you in the respective online form for what purpose we collect this data and how we process it. You are free to decide whether to provide this data.

1.2.9 Storage of cookies

We use cookies to make our website more ergonomic and user-friendly. From a technical point of view, these are small text files that are transferred to your browser when you visit our site and stored locally by it. We use cookies in which information about your visit (so-called "session cookies") or certain technical options of your browser are stored. The cookies may be absolutely necessary for the use of individual functions.
The setting of the aforementioned cookies is technically necessary for the provision of our website in an appropriate quality and is therefore a necessary component when using our website (Art. 6 para. 1b GDPR).

1.2.10 Data protection for applications and in the application process

The controller collects and processes the personal data of applicants for the purpose of handling the application process. Processing may also be carried out electronically. This is particularly the case if an applicant submits relevant application documents to the controller by electronic means, for example by email or via a web form on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, unless deletion conflicts with any other legitimate interests of the controller. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

1.2.11 Integration of Google Maps

(1) We use the Google Maps service on this website. In doing so, we are pursuing our interest in increasing the attractiveness of our website by displaying interactive maps directly on our website and enabling you to use the map function conveniently. The legal basis for the use of the plug-in is Art. 6 para. 1 sentence 1 lit. f GDPR.
(2) By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under § 5 of this declaration will be transmitted. This takes place regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
(3) This is a service provided by Google Ireland Limited ("Google"), a company incorporated and operated under the laws of Ireland (registration number: 368047) with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland ("Google")." Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider's privacy policy. There you will also find further information on your rights in this regard and setting options to protect your privacy: https://www.google.com/policies/privacy Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. Opt-Out: https://adssettings.google.com/authenticated

1.3 Integration of social media button

Facebook

(1) We currently use the Facebook social media plug-ins. We use the so-called two-click solution. This means that when you visit our site, no personal data is initially passed on to the providers of the plug-ins. You can recognize the provider of the plug-in by the marking on the box above its initial letter or the logo. We give you the option of communicating directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it will the plug-in provider receive the information that you have accessed the corresponding website of our online offering. In addition, the IP address, the date and time of the request; the time zone difference to Greenwich Mean Time; the content of the request (specific page); the access status/HTTP status code; the amount of data transferred in each case; the website from which the request comes, the browser; the operating system and its interface and the language and version of the browser software are transmitted. In the case of Facebook, according to the provider in Germany, the IP address is anonymized immediately after collection. By activating the plug-in, your personal data is therefore transmitted to the respective plug-in provider and stored there (for US providers in the USA). As the plug-in provider collects data in particular via cookies, we recommend that you delete all cookies via your browser's security settings before clicking on the grayed-out box.

(2) We have no influence on the data collected and data processing procedures, nor are we aware of the full scope of data collection, the purposes of processing or the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.

(3) The plug-in provider stores the data collected about you as usage profiles and uses these for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to display needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. We offer you the opportunity to interact with the social networks and other users via the plug-ins so that we can improve our offering and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. 1 sentence 1 lit. f GDPR.

(4) Data is transferred regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected by us will be assigned directly to your existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this way you can avoid being assigned to your profile with the plug-in provider.

(5) Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the data protection declarations of these providers provided below. There you will also find further information on your rights in this regard and setting options to protect your privacy.

(6) The address of the plug-in provider and the URL with its data protection information is

Facebook Inc, 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; further information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Instagram

(1) We currently use the Instagram social media plug-ins. We use the so-called two-click solution. This means that when you visit our site, no personal data is initially passed on to the providers of the plug-ins. You can recognize the provider of the plug-in by the marking on the box above its initial letter or the logo. We give you the option of communicating directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it will the plug-in provider receive the information that you have accessed the corresponding website of our online offering. In addition, the IP address, the date and time of the request; the time zone difference to Greenwich Mean Time; the content of the request (specific page); the access status/HTTP status code; the amount of data transferred in each case; the website from which the request comes, the browser; the operating system and its interface and the language and version of the browser software are transmitted. By activating the plug-in, your personal data is therefore transmitted to the respective plug-in provider and stored there (for US providers in the USA). As the plug-in provider collects data in particular via cookies, we recommend that you delete all cookies via your browser's security settings before clicking on the grayed-out box.

(6) The address of the plug-in provider and the URL with its data protection information is

Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland; https://help.instagram.com/519522125107875?helpref=page_content

1.6 Integration of service providers

We use the services of a service provider specializing in web hosting to operate this website. On request, we will provide you with a detailed overview of the service providers we use. Data is not passed on to other service providers.

2. data protection rights and contact details

In principle, you have the following rights with regard to the functions of our website explained in the section "Information on data processing" and the purposes of data processing described there.

Right to information (Art. 15 GDPR)

We must provide you with information as to whether we process your personal data. In the case of such processing, we must, among other things, explain the purposes of the processing, which categories of personal data are processed, to whom data may be transmitted and for how long the data will be stored.

Rectification (Art. 16 GDPR), objection (Art. 21 GDPR), restriction of processing (Art. 18 GDPR)

If you discover that we are processing personal data that is incorrect or incomplete, you may of course request that it be rectified. You can also object to the processing for specific reasons and, if justified, request the restriction of processing.

Erasure (Art. 17 GDPR) and data portability (Art. 20 GDPR)

In the event that personal data is processed by us without justification or after the purpose has ceased to exist, you can request that it be deleted. You also have the right to receive all information that you have provided to us in a structured, commonly used and machine-readable format.

Für das bessere Verständnis und die leichtere Lesbarkeit der Personenrechte wurden diese von uns an dieser Stelle in Teilen zusammengefasst. Bitte informieren Sie sich bei Bedarf im (Originaltext: Link auf http://eur-lex.europa.eu/legal-content/de/TXT/?uri=CELEX%3A32016R0679) oder wenden Sie sich direkt an unseren Datenschutzbeauftragten.

You can exercise your data protection rights at any time and without incurring any costs. Our data protection officer will examine and respond to each request individually. Please use our (contact form; link to the contact form) or use one of the following contact options for a data protection request.

2.1 Topicality

We continuously optimize our website and make technical changes as required. For this reason, we expressly point out that our data protection declaration is only valid in the version current at the time of your visit.