20.07.2021 ACTIA IME GmbH [IR16812A]
For reasons of readability, the masculine form is used when referring to persons, but the feminine /diverse form is always meant.
1. Data protection
We, ACTIA I+ME GmbH, attach particular importance to compliance with data protection laws. We fully comply with the relevant data protection laws, in particular the EU General Data Protection Regulation and the Federal Data Protection Act. Personal data is processed exclusively on the basis of the relevant laws and only for the purposes stated under No. 4. The data will only be processed in accordance with the specifications of this data protection declaration.
2. Responsible body
The body responsible for data processing is:
ACTIA IME GmbH
Managing Directors: Maik Luschtinetz
3. Data acquisition
We collect, store and process the following categories of data in order to comply with contractual and legal regulations:
- Company data (e.g. name and address of the client)
- Personal data (e.g. name, address of the contact person at the client)
- Contact details (e.g. telephone number, email address of the contact person)
- Other data (e.g. position of the contact person)
4. Purpose of the data processing
We process the data mentioned in No. 3 exclusively:
- for the fulfilment of the contract
(Art. 6 para. 1 lit b EU-DSGVO)
- for the fulfilment of statutory, judicial or official requirements/orders
(Art. 6 para. 1 lit c EU-DSGVO)
- for information about our range of services and events
(Art. 6 Para. 1 lit f EU GDPR)
- to carry out anonymous statistical evaluations, such as satisfaction analyses.
5. Data transmission
As part of order processing, we may transmit personal data to service providers who support us in processing the orders (e.g. transport service providers). If necessary, personal data will be transmitted to authorities due to legal requirements.
5.1 Credit report
If we make advance payments (e.g. in the case of purchase on account), we reserve the right to obtain information on identity and creditworthiness for the purpose of assessing the credit risk on the basis of mathematical-statistical procedures from specialised service providers (credit agencies) in order to protect our legitimate interests.
As part of a credit report, we can collect the following personal data: company name, postal address, information on the type of contract, bank details, commercial register no. Submit to the following credit agencies:
- SCHUFA-Gesellschaft (SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden), data protection information: https://www.schufa.de/datenschutz-dsgvo/
- Creditreform Braunschweig Harland KG, Saarbrückener Straße 253a, 38116 Braunschweig
- Verband der Vereine Creditreform e.V., Hellersbergstraße 12, 41460 Neuss, www.creditreform.de
We process the information received from the credit reporting agencies on the statistical probability of a payment default within the framework of an appropriate discretionary decision on the establishment, implementation and termination of the contractual relationship. In the event of a negative credit check result, we reserve the right to refuse payment on account or any other advance payment.
If we obtain your express consent, the legal basis for the credit report and the transmission of the customer's data to the credit agencies is the consent in accordance with Art. 6 Para. 1 lit. a, 7 GDPR. If consent is not obtained, our legitimate interests in the reliability of your payment claim are the legal basis in accordance with Art. 6 Paragraph 1 lit.
6. Data transfer to a third country
In order to process service orders, we may transmit the contact details of contact persons in third countries so that fast and smooth processing can be guaranteed. The legal basis for the transfer is Article 49 Paragraph 1 lit. b GDPR.
7. Deletion periods
The personal data stored by us will be deleted or anonymized once their respective purposes no longer apply or after the expiry of any statutory retention periods (usually 10 years).
8. Rights of the data subject
You will receive information at any time free of charge (Art. 15 EU GDPR) about the personal data we have stored about you as well as the origin, the recipient and the purpose of the data processing. You also have the right to request the correction (Art. 16 EU GDPR), blocking (Art. 18 EU GDPR) or deletion (Art. 17 EU GDPR) of your data. This does not apply to data that is stored due to legal regulations or required for proper business transactions. You have the right to object to the processing of your data (Art. 21 EU GDPR) and the right to data portability (Art. 20 EU GDPR).
9. Right to object
According to Art. 21 Para. 1 GDPR, you have the right to object to the processing of your personal data at any time, insofar as this does not serve to fulfill a contract, a legal obligation or the protection of vital interests. You have the right to revoke your consent to the processing of personal data with effect for the future at any time. Processing that took place before the revocation is not affected. To protect your rights (also from no. 7) you can contact the address given under no. 2 in writing or in text form. If you do not see your rights fully protected when handling your personal data, you have the right to lodge a complaint with the supervisory authority responsible for you.
10. Data protection officer
We have appointed a data protection officer. If you have any questions about the protection of personal data, he can be reached using the following contact details:
Kämmer Consulting GmbH
Obligation to provide personal data
If you want to enter into a contractual relationship with us, you must provide the personal data that is necessary for the fulfillment of the associated contractual obligations or that there is a legal obligation to collect.
If the data is not made available, no contract can be concluded.
11. Automated decision-making
We do not use automated decision-making for the establishment or implementation of customer or supplier relationships.
14.01.2020 SLB ACTIA IME GmbH [IR15874A]
In the following, we, ACTIA I+ME GmbH (hereinafter referred to as "we"), are informing you in accordance with Art. 13 of the EU General Data Protection Regulation ("GDPR"), how we process your personal data as part of your application.
1. Who is responsible for processing your data?
The responsible office for data processing is:
ACTIA IME GmbH
2. Data Protection Representative:
You can contact our Data Protection Representative regarding all of the questions related to your personal data and exercising your rights. He can be reached via the following contact details:
Kämmer Consulting GmbH
Data Protection Representative
3. For which purposes and on which legal basis do we process your personal data?
We process personal data about you for the purpose of your application for an employment relationship, insofar as this is necessary for the decision about the establishment of an employment relationship with us. The legal basis for this is Section 26 Subsection 1 in conjunction with Subsection 8 S. 2 BDSG [German Data Protection Act].
Furthermore, we may process personal data about you, if it is necessary for defending from asserted legal claims against us from the application procedure. The legal basis of this is Art. 6 Subsection 1 Letter f GDPR, for example, the legitimate interest is a burden of proof in proceedings according to the General Equal Treatment Act (AGG).
If an employment relationship is established between you and us, we may continue processing personal data already received from you in accordance with Section 26 Subsection 1 BDSG for the purpose of the employment relationship, if this is necessary for the implementation or termination of the employment relationship or to exercise or fulfil the rights and duties of the interested parties arising from a law or a wage agreement, a service agreement (collective agreement).
4. Which categories of personal data do we process?
We process data, which are related to your application. This may be general data about you personally (such as your name, address and contact details), details about your professional qualification and school education or details about professional advanced training or other details, which you send to us in relation to your application. Furthermore, we can also process career-related information, which you have made publicly accessible, such as a profile on professional social media networks.
5. Which categories of recipients of your personal data exist?
As part of the application process, we also forward your data to persons in the company, who are entrusted with the selection process. During the course of providing the website, we have mandated an external IT service provider.
6. Is transmission to a third country intended?
Transmission to a third country is not intended.
7. For how long will your data be stored?
We will store your personal data for as long as necessary, to decide on your application. If an employment relationship is not concluded between you and us, we may also store data beyond this time, if it is necessary for defence against possible legal claims. The application documents are deleted six months after notification of the rejection decision, if longer storage is not required on the basis of legal disputes.
8. Which rights do you have?
As an applicant with us, depending on the situation, you have the following data privacy rights on a case-by-case basis; in order to exercise these, you may contact us at the details referred to under Clause 1 and 2 at any time:
You have the rights to request disclosure about your personal data processed with us, as well as gaining access to your personal data and/or copies of these data. This includes disclosures about the purpose of the use, the category of the data used, their recipients and parties with access authorisation and, if possible, the planned duration of the data storage or, if this is not possible, the criteria for the specification of this duration;
b. Correction, deletion or restriction of processing
You have the right to request the correction of the inaccurate personal data relating to you from us at once. In consideration of the purposes of processing, you have the right to request the supplementation of incomplete personal data - also using a supplementary declaration.
c. Right to object
If the processing of personal data relating to you occurs on the basis of Art. 6 Subsection 1 Letter f GDPR, you have the right to file an objection to the processing of these data, for reasons, which arise from your specific situation. We will then no longer process your personal data, unless we can provide evidence of mandatory protectable reasons for the processing, which outweigh your interests, rights and freedoms, or are for the purpose of processing the assertion, exercising or defence of legal claims.
d. Cancellation right
If the processing is based on a consent, you have the right to revoke the consent at any time, without the lawfulness of the processing, which has occurred on the basis of the consent until its revocation, being affected. For this, you can contact us or our Data Protection Representative at any time, under the aforementioned details.
e. Right to deletion
You have the right to request from us that personal data relating to you are deleted at once, and we undertake to delete personal data at once, if one of the following reasons applies:
- The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
- You file an objection against the processing, in accordance with 8.c above, and no overriding legitimate interests exist for the processing.
- The personal data have been processed unlawfully.
- The deletion of the data is required to fulfil a legal obligation under Union law or the law of the Member States, by which we are governed.
This does not apply, if the processing is required:
- to fulfil a legal obligation, which requires the processing according to the law of the Union or the Member States, by which we are governed.
- for the assertion, exercising or defence of legal claims.
f. Right to restriction of processing
You have the right to request that we restrict the processing, if one of the following preconditions exists:
- the accuracy of the personal data is disputed by you, for a duration, which enables us to check the accuracy of the personal data,
- the processing is unlawful and you reject the deletion of the personal data and instead, request the restriction of use of the personal data;
- we no longer require the personal data for the processing purposes, however, you require them to assert, exercise or defend legal claims, or
- you have filed an objection to the processing according to Number 8.c above, as long as it is not yet established, whether our legitimate interests outweigh yours.
If the processing has been restricted in accordance with this Letter f, these personal data - apart from their storage - may only be processed with your consent or for the assertion, exercising or defence of legal claims. or to protect the rights of other natural persons or legal entities or for reasons of an important public interest of the Union or a Member State. If you have obtained a restriction of processing, we will notify you before the restriction is rescinded.
g. Right to complain
Without prejudice to other administrative law or judicial legal remedies, you are entitled to a right to complain to a supervisory authority, particularly in a Member State of your place of residence, your place of work or the location of the suspected infringement, if you are of the opinion that the processing of your personal data infringes the GDPR.
9. Necessity to provide personal data
The provision of personal data is neither legally nor contractually prescribed, nor are you obligated to provide the personal data. However, it is necessary for you to provide personal data for the conclusion of a contract for an employment relationship with us. This means that as long as you fail to provide us with personal data with your application, we will not enter into an employment relationship with you.
10. No automated decision-making
No automated decision-making occurs in an individual case within the meaning of Art. 22 GDPR, which means that the decision about your application is not based exclusively on automated processing.
07.07.2021 ACTIA IME GmbH [IR15086C]
With regard to the terms used, such as "personal data" or their "processing", we refer to the definitions in Art. 4 of the General Data Protection Regulations (GDPR).
Name / Company: ACTIA IME GmbH
Address: Dresdenstr. 17-18
Postcode / city: D-38124, Braunschweig
Commercial Register No.: HRB 4640
Managing Directors: Maik Luschtinetz
Phone number: + 49 (0) 531 38 701 0
Data Protection Officer:
Name / Company: Kämmer Consulting GmbH
Phone number: +49 (0)531 702249-0
Types of data processed:
☒ Inventory data (e.g., names, addresses).
☒ Contact information (e.g., e-mail, phone numbers).
☒ Usage data (e.g., websites visited, interest in content, access times).
☒ Meta/communication data (e.g., device information, IP addresses).
Processing of special categories of data (Art. 9 para. 1 GDPR):
☒ No special categories of data are processed.
Categories of data subjects:
☒ Customers / interested parties / suppliers.
☒ Visitors and users of the online offer.
Purpose of the Processing:
☒ Provision of the online offer, its contents and functions.
☒ Response to contact requests and communication with users.
☒ Marketing, advertising and market research.
☒ Response to applicant enquiries.
1. Applicable legal bases
3. Security measures
3.1 We shall take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk, in accordance with Article 32 GDPR, taking into account the state of the art, implementation costs and the nature, scope, circumstances and purposes of processing and the different likelihood and severity of the risk to the rights and freedoms of natural persons; the measures shall include in particular safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, transmission, security of availability and its separation. Furthermore, we have established procedures that guarantee the exercise of data subject rights, deletion of data and reaction to data risks. Furthermore, we already consider the protection of personal data during the development or selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and data protection-friendly presettings (Art. 25 GDPR).
3.2 The security measures include in particular the encrypted transmission of data between your browser and our server.
4. Cooperation with contract processors and third parties
4.1 If we disclose data to other persons and companies (contract processors or third parties) as part of our processing, transmit them to them or otherwise grant them access to the data, this is only done on the basis of legal permission (e.g. if the data is transmitted to third parties, such as to payment service providers, according to Art. 6 Para. 1 lit. b GDPR is required to fulfill the contract), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.).
4.2 If we commission third parties with the processing of data on the basis of a so-called "order processing contract", this is done on the basis of Art. 28 GDPR.
5. Transfers to third countries
A data transfer to third countries does not take place and is also not planned.
6. Rights of the data subjects
6.1 You have the right to request confirmation as to whether the data concerned are being processed and to request information about these data as well as further information and a copy of the data in accordance with Art. 15 GDPR.
6.2 According to Art. 16 GDPR, you have the right to request the completion of data concerning you or the correction of inaccurate data concerning you.
6.3 In accordance with Art. 17 GDPR, you have the right to demand that relevant data be deleted immediately or, alternatively, to demand a restriction on the processing of the data in accordance with Art. 18 GDPR.
6.4 You have the right to request that the data concerning you that you have provided to us be received in accordance with Art. 20 GDPR and to request their transmission to other persons responsible.
6.5 According to Art. 77 GDPR you have the further right to lodge a complaint with the competent supervisory authority.
7. Cancellation right
You have the right to revoke your consent according to Art. 7 para. 3 GDPR with effect for the future.
8. Objection right
You can object to the future processing of the data concerning you in accordance with Art. 21 GDPR at any time. The objection may be lodged in particular against processing for direct marketing purposes.
9. Cookies and right of objection for direct advertising
10. Deletion of data
10.2 In accordance with legal requirements, the storage is carried out in particular for 6 years in accordance with § 257 Para. 1 HGB [German Commercial Code] (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) as well as for 10 years according to § 147 para. 1 AO [Tax Code] (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).
11. Answering inquiries and customer portal
11.1 We process inventory data (e.g., names and addresses as well as contact data of users), for the purpose of answering inquiries of customers, prospective customers and applicants, as well as provision of product documents in the customer portal in accordance with. Art. 6 Para. 1 lit. b, GDPR). Entries marked as mandatory in online forms are required to respond to requests or access the Customer Portal.
11.2 Users can optionally obtain a user account, in particular by viewing their specific product documentation. During the registration process, the required information will be communicated to the users. The user accounts are not public and cannot be indexed by search engines. If users have terminated their user account, their data with regard to the user account will be deleted, subject to their retention being required for commercial or tax reasons, according to Art. 6 Para. 1 lit. c GDPR. It is up to the users to save their data before the end of the contract if they have given notice of termination. We are entitled to irretrievably delete all user data stored during the term of the contract.
11.3 When registering, re-registering and using our online services, we store the IP address and the time of the respective user action. The data are stored on the basis of our legitimate interests as well as the user's protection against misuse and other unauthorised use. A passing on of this data to third parties does not take place in principle, unless it is necessary for the pursuit of our claims or there is a legal obligation in accordance with. Art. 6 Para. 1 lit. c, GDPR.
11.4 We process usage data (e.g., the visited websites of our online offer, interest in our products) and content data (e.g., entries in the contact form or user profile) for advertising purposes in a user profile in order to show the user e.g. product information based on their previously used services.
11.5 The deletion takes place after the expiration of statutory warranty and comparable obligations, the necessity of the storage of the data is checked every three years; in the case of statutory archiving obligations the deletion takes place after their expiration (end of commercial law (6 years) and tax law (10 years) storage obligation); details in the customer account remain up to its deletion.
12. Contacting us
12.1 When contacting us (via contact form or e-mail), the user's details for the processing of the contact enquiry and its handling according to the terms and conditions of this agreement are stored. Art. 6 Para. 1 lit. b) GDPR.
12.2 User information can be stored in our Customer Relationship Management System ("CRM System") or comparable request organisation.
12.3 We delete the requests if they are no longer necessary. We review the requirement every two years; requests from customers who have a customer account are stored permanently and are linked to the customer account details for deletion. In the case of statutory archiving obligations, the deletion takes place after their expiry (end of commercial law (6 years) and tax law (10 years) storage obligation).
13. Collection of access data and log files
13.1 We collect on the basis of our legitimate interests as defined in Art. 6 para. 1 lit. f. GDPR data on each access to the server on which this service is located (so-called server log files). Access data includes the name of the requested website, file, date and time of access, amount of data transferred, notification of successful retrieval, browser type along with version, the operating system of the user, referrer URL (previously visited), IP address, and the requesting provider.
13.2 Log file information is stored for a maximum of seven days for security reasons (e.g. to investigate misuse or fraud) and then deleted. Data whose further storage is required for evidentiary purposes are excluded from deletion until the respective incident has been finally clarified.
14. Cookies & range measurement
14.1 Cookies are information that is transferred from our web server or third party web servers to the user's web browser and stored there for later retrieval. Cookies can be small files or other types of information storage.
14.2 We use "session cookies", which are only stored on our website for the duration of your current visit (e.g. to store your login status). A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. A cookie also contains information about its origin and the storage period. These cookies cannot store any other data. Session cookies are deleted when you have finished using our online offer and log out or close your browser, for example.
14.4 If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Cookies already saved can be deleted in the system settings of the browser at any time. The exclusion of cookies can lead to functional restrictions of this online offer.
15. Google Analytics
15.2 On our behalf, Google will use this information to evaluate the use of our online offering by the user, to compile reports on the activities within this online offering and to provide us with other services related to the use of this online offering and the internet. Pseudonymous usage profiles of users may be created from the processed data in this respect.
15.3 We use Google Analytics only with activated IP anonymisation. This means that the IP address of the user is shortened by Google within the member states of the European Union or in other countries that are party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there.
15.5 For further information on data usage by Google, setting and objection options, please see the Google website: https://www.google.com/intl/de/policies/privacy/partners ("Data usage by Google when using websites or apps of our partners"), https://policies.google.com/technologies/ads ("Use of data for advertising purposes"), https://adssettings.google.com/authenticated ("Manage information Google uses to show you advertisements").