Privacy policy

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration. As a rule, it is possible to use our website without providing personal data. Insofar as personal data (e.g. name, address or e-mail addresses) is collected on our pages, this is always done, as far as possible, on a voluntary basis. This data will not be passed on to third parties without your express consent. We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

Definitions

The data protection declaration of PF IT is based on the terms used by the European Directive and Ordinance when issuing the Basic Data Protection Regulation (DS-GVO). Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.

We use the following terms, among others, in this Privacy Policy:

(a) personal data
Personal data means any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Data subject
Data subject means any identified or identifiable natural person whose personal data are processed by the controller.

(c) processing
Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

e) Pseudonymisation
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data are not attributed to an identified or identifiable natural person.

f) Controller or data controller
The controller or person responsible for processing is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.

g) Processor
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.

(h) Recipient
Recipient means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.

(i) Third party
Third party means any natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorised to process the personal data.

j) Consent
Consent shall mean any freely given specific and informed indication of the data subject’s wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.

Name and address of the person responsible

The responsible person within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

PF IT Consult GmbH
Carl-Reichstein-Str. 1 14770
Brandenburg an der Havel

Managing director with power of representation: Michael Herse

Data Protection Officer

If you have any questions or complaints regarding our compliance with this Privacy Policy or have any recommendations or comments for improving our privacy practices, please let us know in writing by mail:

PF IT Consult Ltd.
Data Protection Officer
Carl-Reichstein-Str.
1 14770 Brandenburg an der Havel

by e-mail:

datenschutz@pfitconsult.de

You can also reach the data protection officer responsible for PF IT Consult GmbH using these contact options.

Cookies

Some of the Internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognise your browser on your next visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • browser type and browser version
  • Operating system used
  • referrer URL
  • Host name of the accessing computer
  • Time of the server request

This data cannot be assigned to specific persons. This data is not merged with other data sources. This information is technically necessary in order to correctly deliver the contents of web pages requested by you and is compulsory when using the Internet. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use.

SSL encryption

For security reasons and to protect the transmission of confidential content, this site uses SSL encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

Contact options via the website

Based on statutory provisions, our website contains data that enable a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or by using a contact form, the personal data transmitted by the data subject will be stored automatically. Such personal data transmitted on a voluntary basis by a data subject to the controller will be stored for the purposes of processing or contacting the data subject. This personal data will not be disclosed to third parties.

Use and application of Google Analytics (with anonymisation function)

The controller has integrated the Google Analytics component (with anonymisation function) on this website. Google Analytics is a web analysis service. Web analysis is the collection, compilation and evaluation of data about the behaviour of visitors to websites. Among other things, a web analysis service collects data on the website from which a data subject has accessed a website (so-called referrers), which sub-pages of the website have been accessed or how often and for how long a sub-page has been viewed. A web analysis is mainly used to optimise a website and to analyse the costs and benefits of internet advertising.

The operating company of the Google Analytics component is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The controller uses the addition “_gat._anonymizeIp” for web analysis via Google Analytics. By means of this addition, the IP address of the Internet connection of the data subject is shortened and anonymised by Google if access to our Internet pages is made from a Member State of the European Union or from another State party to the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyse the flow of visitors to our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us showing the activities on our website and to provide other services related to the use of our website.

Google Analytics sets a cookie on the information technology system of the data subject. What cookies are has already been explained above. By setting the cookie, Google is enabled to analyse the use of our website. Each time one of the individual pages of this website operated by the data controller is called up and on which a Google Analytics component has been integrated, the internet browser on the data subject’s information technology system is automatically caused by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical process, Google obtains knowledge of personal data, such as the IP address of the data subject, which Google uses, among other things, to track the origin of visitors and clicks and subsequently to enable commission settlements.

By means of the cookie, personal information, for example the access time, the location from which an access originated and the frequency of visits to our website by the data subject, is stored. Each time the data subject visits our website, this personal data, including the IP address of the internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share this personal data collected via the technical process with third parties.

The data subject can prevent the setting of cookies by our website at any time by means of an appropriate setting of the Internet browser used, as already described above, and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a cookie on the information technology system of the data subject. In addition, a cookie already set by Google Analytics can be deleted at any time via the internet browser or other software programmes.

Furthermore, the data subject has the possibility to object to the collection of data generated by Google Analytics and related to the use of this website as well as to the processing of this data by Google ([ga-optout text=”disable Google Analytics”]) and to prevent such processing. For this purpose, the data subject must download and install a browser add-on under the link https://tools.google.com/dlpage/gaoptout. This browser add-on informs Google Analytics via JavaScript that no data and information on visits to websites may be transmitted to Google Analytics. The installation of the browser add-on is considered by Google as an objection. If the data subject’s information technology system is deleted, formatted or reinstalled at a later date, the data subject must reinstall the browser add-on in order to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person within his or her control, it is possible to reinstall or reactivate the browser add-on.

Furthermore, the “Google Signals” function is activated, which enables cross-device tracking for users who have activated personalised ads in their Google Account.

Further information and the applicable Google privacy policy can be found at https://www.google.de/intl/de/policies/privacy/ and at http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail under this link https://www.google.com/intl/de_de/analytics/.

Data protection for applications and in the application procedure

The data controller collects and processes the personal data of applicants for the purpose of handling the application procedure. The processing may also take place electronically. This is in particular the case when an applicant submits relevant application documents to the controller by electronic means, for example by e-mail or via a web form located on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents are automatically deleted two months after the notification of the rejection decision, provided that no other legitimate interests of the controller conflict with such deletion. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).

Registration

On our website, we offer users the opportunity to register by providing personal data. The data is entered into an input mask and transmitted to us and stored. The data is not passed on to third parties. The following data is collected during the registration process:

  • Name, first name
  • Telephone (optional)
  • E-mail
  • Message

As part of the registration process, the user’s consent to the processing of this data is obtained. Registration is voluntary, but is a prerequisite for using certain services.

Legal basis for data processing

The legal basis for the processing of the data is Art. 6 para. 1 lit. a DSGVO if the user has given his consent.

Purpose of data processing

User registration is necessary for the provision of certain content and services on our website.

Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.

Possibility of objection and cancellation

As a user, you have the option of cancelling your registration at any time. You can change the data stored about you at any time.

Survey

Your participation in our online survey is voluntary. You have the right to withdraw your consent at any time in accordance with § 13 para. 2 no. 4 TMG. By cancelling the survey, the process ends automatically. Canceled surveys will not be evaluated.

Your answers to the survey will be used by us on the basis of legitimate interest according to Art. 6 para. 1f DS-GVO for the purpose of further development.

Your IP address is used to ensure that you do not complete a survey twice, provided the creator has made the appropriate settings. Likewise, the IP address is used to monitor abuse.

Your data will not be used for purposes other than this survey. We assure you that your data will not be passed on to third parties. Your data will only be included in an overall evaluation and will be deleted after the end of the survey.

Please contact us at any time if you would like to find out which personal data we store about you (Art. 15 DS-GVO) or if you would like to have it corrected (Art. 16 DS-GVO) or deleted (Art. 17 DS-GVO). Furthermore, you have the right to restriction of processing (Art. 18 DSGVO), a right to object to processing (Art. 21 DSGVO) and the right to data portability (Art. 20 DSGVO).

Newsletter

On our website, users are given the opportunity to subscribe to our enterprise’s newsletter. The personal data transmitted to the controller when the newsletter is subscribed to is specified in the input mask used for this purpose.

The PF IT Consult GmbH informs its customers and business partners at regular intervals by means of a newsletter about offers and information. In principle, the data subject may only receive our newsletter if

  • the data subject has a valid e-mail address, and
  • the data subject registers to receive the newsletter.

When registering for the newsletter, we also store the IP address of the computer system used by the data subject at the time of registration as well as the date and time of registration, which is assigned by the Internet service provider (ISP). The collection of this data is necessary in order to be able to trace the (possible) misuse of the e-mail address of a data subject at a later point in time and therefore serves the legal safeguarding of the controller.

The personal data collected in the context of a registration for the newsletter is used exclusively for sending our newsletter. Furthermore, subscribers to the newsletter could be informed by e-mail if this is necessary for the operation of the newsletter service or a related registration, as could be the case in the event of changes to the newsletter offer or changes in the technical circumstances.

No personal data collected as part of the newsletter service will be passed on to third parties. The subscription to our newsletter can be cancelled by the data subject at any time. The consent to the storage of personal data, which the data subject has given us for the newsletter dispatch, can be revoked at any time. For the purpose of revoking consent, a corresponding link can be found in each newsletter. Furthermore, it is also possible to unsubscribe directly to us at any time by email or telephone.

Right to information, deletion, blocking

You have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing as well as the right to correction, blocking or deletion of this data. For this purpose as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.

Data protection for applications and in the application procedure

The data controller collects and processes the personal data of applicants for the purpose of handling the application procedure. The processing may also take place electronically. This is in particular the case when an applicant submits relevant application documents to the controller by electronic means, for example by e-mail or via a web form located on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents are automatically deleted two months after the notification of the rejection decision, provided that no other legitimate interests of the controller conflict with such deletion. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).

HITS Inventarmanager

Push messages

Our system is set so that you get push messages from us. You can deactivate the corresponding setting in the device settings at any time. However, we will then not be able to provide the full service we offer. If push messages are activated, a unique identification number of the mobile device (device ID/device token/registration ID) is communicated to the service that provides the push functionality at your operating system provider. This service returns a so-called identifier (“Push Notification Identifier”), which no longer allows any conclusions to be drawn about the device ID and thus about you as a user. The data is used exclusively to enable the functionalities of the Inventory Manager.

It will not be passed on to third parties. The legal basis for the aforementioned processing is Art. 6 (1) b) DSGVO, as the processing is carried out for the performance of the contract.

Google Analytics for Firebase

Our inventory manager uses the technology Google Firebase of the company Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA(“Firebase”). Firebase is part of the Google Cloud Platform and offers other services in addition to a real-time database.

We use the following Firebase services:

Firebase Analytics enables the analysis of the use of our offer. This collects information about the use of our inventory manager, transmits it to Google and stores it there. Google uses the advertising ID of the end device for this purpose. Google will use the aforementioned information to anonymously evaluate the use of our manager and to provide us with further services related to the use of apps.

You can restrict the use of the advertising ID in the device settings (iOS: Privacy/ Advertising/ No ad tracking; Android: Account/ Google/ Ads).

Firebase Crash Reporting is used for stability and improvement of the Inventory Manager. Information about the end device used and the usage of the manager is collected. This includes, for example, the times when the manager is started and when a crash occurs. This information allows us to diagnose and resolve problems.

Firebase Cloud Messaging is used to be able to send push messages or so-called in-app messages, i.e. messages that are only displayed within the app. A pseudonymized push reference is assigned to the mobile device, which serves as the target for the push messages or in-app messages. The push messages can be deactivated and also reactivated at any time in the settings of the mobile end device.

Google Firebase uses servers located in the EEA for the aforementioned services whenever possible. However, it cannot be ruled out that data may also be transferred to the USA. Google has submitted to the EU-US Privacy Shield for this purpose.

If we obtain consent from you, the data processing is based on Art. 6 (1) a) DSGVO. Consent can be revoked at any time with effect for the future. In all other cases, processing is based on Art. 6 (1) f) DSGVO, as PF IT Consult has a legitimate interest in processing the data. We use Firebase to be able to analyze and regularly improve the use of our inventory manager.

More information about Google Firebase and data protection can be found here: https://firebase.google.com/terms/data-processing-terms; https://firebase.google.com/terms/; https://firebase.google.com/support/priv.

Objection to advertising mails

We hereby object to the use of contact data published within the framework of the imprint obligation to send advertising and information material that has not been expressly requested. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

Change of our privacy policy

We reserve the right to occasionally adapt this data protection declaration to ensure that it always complies with current legal requirements or to implement changes to our services in the data protection declaration.

References

eRecht24,