Calenberg Ingenieure GmbH data privacy statement

We take the protection of your personal data very seriously. It therefore goes without saying that we always handle your personal data as per statutory data protection regulations. We have appointed a reliable, expert external data protection officer. The external data protection officer is provided by UIMC Dr. Vossbein GmbH & Co KG.
 
We’d like to inform you about how your personal data are processed below:
  • The website data privacy statement
  • Data privacy while processing our business partners’ personal data (B2B)
  • Data privacy within the application process
  • Data subjects’ rights
  • Contact with the Data Protection Officer

We reserve the right to adapt this data privacy statement from time to time to ensure that it meets current legal requirements or to implement changes to our services in the data privacy statement – when new services are introduced, for example. The new data privacy statement applies to your next visit in such cases.

The website data privacy statement

If we should request personal data such as name, address or email address on contact forms, for example, such data are provided on a voluntary basis. We use this information for business purposes, such as sending information or materials that you requested.

We offer you the option of contacting us using a form provided on our website if you have questions of any kind. The data marked as mandatory information is required to allow us to assign and answer the inquiry. Further information can be provided on a voluntary basis. Your data are processed for the purpose of contacting us based on your voluntary consent as specified in Art. 6 (1) Sentence 1 lit. a GDPR.

Personal data that we collect in relation to the contact form is erased when your request has been dealt with and once the tax and commercial law retention periods have elapsed.
 
 

Logging

Every time the website is accessed, logs are created and processed for statistical purposes:
  • Referrer (web page from which a link was followed to this website)
  • Search terms (as referrer in search engines)
  • The IP is analysed to determine the country of origin and the provider
  • Browser, operating system, installed plugins and screen resolution
  • Time spent on the pages

 
The aforementioned data are processed for the following purposes based on our legitimate interest as indicated in Art. 6 (1) Sentence1 lit. b GDPR:
  • To guarantee that a connection is easily established to the website
  • To guarantee convenient use of our website
  • To evaluate system security and stability and fulfil other administrative purposes

 
We reserve the right to check such data at a later point in time if we become aware of specific indications of unlawful use. Data are erased immediately if they are no longer required for their purpose, after six months at the latest.
 
 

Passing on data

Data are not passed on to third parties for commercial or non-commercial purposes without your express consent. We only pass on your personal data to third parties if this is legally permissible – on the basis of Article 6 GDPR, for example. To some extent, we use service providers for the legally required commissioned data processing; for example, the website is hosted and maintained by cybox, Hameln. We ultimately remain fully responsible for data processing.
 
 

Liability for own contents

The contents on these pages have been produced with extreme care. However, we are unable to guarantee that they are accurate, complete and up to date. As a service provider, we are responsible for our own contents on these pages as stipulated in general legislation.
 
 

Liability for links (contents provided by external providers)

A distinction should be made between our own contents and links to contents which other providers offer. We have no influence over their contents; the respective provider or operator is always responsible for contents of linked pages.


Xing

This website links to the XING website. The website is operated by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. It only links to the XING website instead of using plug-ins. This means that your personal data is not automatically transferred to XING when you visit our website. In the case of mere linking, XING only processes your personal data when you actively click on the XING button. However, if you are logged into your XING account when you access our website, XING will process personal data from you. We have no influence on the type and scope of your personal data processed by XING. You can find further information on how we handle your data in the XING Privacy Policy at https://www.xing.com/privacy.


LinkedIn

Our website links to the website of LinkedIn. The LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA, is the operator of these pages. Instead of using plug-ins, we only link to LinkedIn. Therefore, your personal information is not automatically transferred to LinkedIn when you visit our website. LinkedIn does not process your personal information until you actively click on the LinkedIn button. We have no control over the nature and extent of your personal data processed by LinkedIn.
For more information about how LinkedIn handles your personal information, please see LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy.
 
 

Data privacy while processing our business partners’ personal data (clients/suppliers: B2B)

As a contractual partner of your company, we process personal data relating to you based on our legitimate interest to prepare a quote and fulfil contracts as specified in Art. 6 (1) lit. f GDPR. Processing for accounting and cost calculation purposes and compliance with statutory obligations, such as those under commercial and tax law, are based on Art. 6 (1) Sentence 1 lit. c GDPR. The business relationship is between your company and us. If you act in the capacity of a natural person, such as a sole trader or self-employed person, your data will be processed for the purpose of implementing pre-contractual measures and fulfilling contracts on the legal basis of Art. 6 (1) lit. b GDPR.

Due to external requirements, such as those under tax or customs law, personal
data concerning your person may possibly be compared with lists that public authorities publish.

Moreover, data may also be processed for legitimate purposes as specified in Art. 6 (1) Sentence 1 lit. f GDPR, such as marketing, internal market research and marketing purposes, and in-house statistics.  In particular, legitimate interests concern the optimisation of processes and the allocation of costs; your interests, basic rights and freedoms are taken into due consideration during this process.

We will only use your data to send you information about products, services, events and other interesting information about our company if you have given your consent to do so or we notified you to a reasonable extent during data collection in line with Section 7 of the German Act against Unfair Competition (UWG). You may withdraw your consent to such material being sent at any time with future effect.

The data that you provide are required to fulfil the Contract. Without this data, we will be unable to fulfil the Contract that we concluded with your company.

You can log into the protected area of our website using your personal identification. During
this process, data are logged for the aforementioned purposes as specified in the Website Data Privacy Statement.

We reserve the right to check such data at a later point in time if we become aware of specific indications of unlawful use. Data are erased immediately if they are no longer required for their purpose, after six months at the latest.
 
 

Disclosure

Your personal data may be passed on to external service providers, such as tax consultants or legal advisers. External IT service providers may access your data as part of processing described in Article 28 GDPR. In doing so, service providers act bound by instruction, which is ensured thanks to appropriate agreements. Some of these service providers are located outside the EU/EEA; these service providers ensure an adequate level of data protection through appropriate guarantees within the meaning of Art. 46 DSGVO, e.g. the conclusion of EU standard contractual clauses. You can obtain a copy of these provisions here at any time.
 
 

Group companies

Information about contractual relationships, including personal data, is transmitted within the globally active LISEGA Group, including companies in the US and other countries outside the EU/EEA, to offer you optimum information and services for the aforementioned purposes. The companies within the network that are located outside the EU also ensure an adequate level of data protection by undersigning standard EU contractual clauses. You can obtain a copy of these provisions here at any time.
 
 

Retention and erasure of data

Your data will be stored for as long as required for the aforementioned purposes. These data will be erased at the latest after the contractual relationship has terminated and once the statutory retention periods under civil, commercial and tax law have concluded.

Data privacy within the application process

We process your personal data with regard to your person to complete your application procedure and to evaluate your potential for employment. In doing so, we process the information that you provided for the purposes of making an informed recruitment decision based on Art. 6 (1) Sentence 1 lit. b GDPR. Evaluations based on objective, non-discriminatory criteria are also stored; in individual cases, publicly accessible personal data concerning your person are also stored where permitted.

The data that you provide are required to complete the application procedure. We are unable to consider your application without such data.
 
 

Retention and erasure of data

Your data will be stored for as long as required for the aforementioned purposes related to the employee selection procedure. If you object to data processing during the employee selection procedure, the data will be erased unless any statutory retention periods determine otherwise.

The data will be erased at the end of the application procedure and once any periods for filing legal action expire, unless you have given your consent for us to save your application for other job offers. Unsolicited applications will be stored until you revoke your consent or for up to two years and then erased.

Data subjects’ rights

We hereby inform you that, under Art. 15 et seq. GDPR, you have the right to request access about personal data that we hold about you. You may also ask to have such data rectified or erased. You may limit or object to its processing and also have the right to data portability. Under Art. 77 GDPR, you also have the right to submit a complaint to a supervisory authority if you consider the processing of your personal data to be in violation of these regulations. If your consent is required for processing (see Article 6 (1)(a) or Article 9 (2)(a) GDPR), you also have the right to revoke consent at any time. This withdrawal of consent has no impact on the legality of data processing activity up to the point in time when consent was withdrawn.

 

Right to request access, Art. 15 GDPR

You have the right to require information on whether your personal data are processed and to what extent, particularly with regard to the purpose of processing, the persons receiving data and the time period it will be stored.

 

Right to rectification, Art. 16 GDPR

You have the right to require rectification of your saved data if these are incorrect or incomplete. This includes the right to completion by means of supplementary explanations or notifications.

 

Right to erasure, Art. 17 GDPR

You have the right to require that your personal data be erased. This may be possible if the data are no longer necessary in relation to the purposes for which they were collected or the data must be erased to comply with legal obligations. However, this right may be denied in individual cases.
 
 

Right to restriction of processing, Art. 18 GDPR

You have the right to require that the processing of your personal data be restricted. This may be possible if your data are collected incorrectly or data are processed in an unlawful way. If data are subject to restriction of processing, data may only be processed in narrowly defined cases.
 
 

Right to data portability, Art. 20 GDPR

If you have provided the personal data concerning you, you have the right to receive such data in a commonly used, machine-readable format or you have the right to have such data transmitted to another controller that you specify.
 
 

Right to object, Art. 21 GDPR

You have the right to object to processing of personal data concerning you due to reasons relating to your specific circumstances with future effect at any time if data are processed to serve legitimate interests (see Art. 6 (1) lit. e), f ) GDPR). If you object to processing, we will check whether the legal requirements for processing your data are met and, if they are not, we will refrain from any further processing of your data.
 
 

Right to lodge a complaint with a supervisory authority, Art. 77 GDPR

You have the right to lodge a complaint with a supervisory authority of the Union or Member States at any time if there have been any infringements of data protection regulations.
 
Contact details for the relevant supervisory authority:
By post: Postfach 221, 30002 Hannover, Germany
By phone: +49 (0)511 120 45 00 (Monday, Wednesday, Friday: 9 a.m.–12 midday; rest of the time: answering service)
By email: poststelle@lfd.niedersachsen.de

Contact with the Data Protection Officer

If you have any questions on the processing of your personal data, you can contact our Data Protection Officer directly, who will also work with their team to help you with any requests for information, applications or complaints.
 
The external Data Protection Officer can be contacted
by post: Otto-Hausmann-Ring 113, 42115 Wuppertal, Germany
By phone: +49 202 946 7726 200
By email: datenschutz.calenberg@uimc.de