Calenberg Ingenieure GmbH data privacy statement

We take the protection of your personal data very seriously. It therefore goes without saying that we always handle your personal data as per statutory data protection regulations. We have appointed a reliable, expert external data protection officer. The external data protection officer is provided by UIMC Dr. Vossbein GmbH & Co KG.
 
We’d like to inform you about how your personal data are processed below:
  • Data privacy statement regarding the website
  • Data privacy while processing our business partners’ personal data (B2B)
  • Data privacy within the application process
  • Data subjects’ rights
  • Contact with the Data Protection Officer

We reserve the right to adapt this data privacy statement from time to time to ensure that it meets current legal requirements or to implement changes to our services in the data privacy statement – when new services are introduced, for example. The new data privacy statement applies to your next visit in such cases.

Data privacy statement regarding the website

Should we request personal data such as name, address or email address in contact forms such data are provided on a voluntary basis. We use this information for business purposes, such as sending information or materials that you requested.

We offer you the option of contacting us using a form provided on our website if you have questions of any kind. The data marked as mandatory information is required to allow us to assign and answer the inquiry. Further information can be provided on a voluntary basis. Your data are processed for the purpose of contacting us based on your voluntary consent as specified in Art. 6 (1) lit. a GDPR.

Personal data that we collect in relation to the contact form is erased when your request has been dealt with and once the tax and commercial law retention periods have elapsed.
 
 

Logging

Every time the website is accessed, logs are created and processed for statistical purposes:
  • Referrer (web page from which a link was followed to this website)
  • Search terms (as referrer in search engines)
  • The IP is analysed to determine the country of origin and the provider
  • Browser, operating system, installed plugins and screen resolution
  • Time spent on the pages

 
The aforementioned data are processed for the following purposes based on our legitimate interest as indicated in Art. 6 (1) lit. b GDPR:
  • To guarantee that a connection is easily established to the website
  • To guarantee convenient use of our website
  • To evaluate system security and stability and fulfil other administrative purposes

 
We reserve the right to check such data at a later point in time if we become aware of specific indications of unlawful use. Data are erased immediately if they are no longer required for their purpose, after six months at the latest.
 
 

Transfer of personal data

Your personal data are, in priniciple, not transferred to third parties for commercial or non-commercial purposes without your express consent. We transfer your personal data to third parties only if this is legally permissible – on the basis of Article 6 GDPR. To some extent, we use service providers based on commissioned data processing according to Art. 28 GDPR; for example, the website is hosted and maintained by cybox, Hameln. We ultimately remain fully responsible for data processing.
 
 

Liability for own content

The content on these pages has been produced with extreme care. However, we are unable to guarantee that the content is accurate, complete and up to date. As the service provider, we are responsible for our own content on these pages as stipulated in general legislation.
 
 

Liability for links (content provided by external providers)

A distinction should be made between our own content and links to content which other providers offer. We have no influence over their content; the respective provider or operator is always responsible for content of linked pages.
 
 

Data privacy while processing our business partners’ personal data (clients/suppliers: B2B)

As a contractual partner of your company, we process personal data relating to you based on our legitimate interest to prepare a quote and fulfil contracts as specified in Art. 6 (1) lit. f GDPR. Processing for accounting and cost calculation purposes and compliance with statutory obligations, such as those under commercial and tax law, are based on Art. 6 (1) lit. c GDPR. The business relationship is between your company and us. If you act in the capacity of a natural person, such as a sole trader or self-employed person, your data will be processed for the purpose of implementing pre-contractual measures and fulfilling contracts on the legal basis of Art. 6 (1) lit. b GDPR.

Due to external requirements, such as those under tax or customs law, personal data concerning your person may possibly be compared with lists that public authorities publish.

Moreover, data may also be processed for legitimate purposes as specified in Art. 6 (1) lit. f GDPR, such as marketing, internal market research and marketing purposes, and in-house statistics.  In particular, legitimate interests concern the optimisation of processes and the allocation of costs; your interests, basic rights and freedoms are taken into due consideration during this process.

We will only use your data to send you information about products, services, events and other interesting information about our company if you have given your consent to do so or we notified you to a reasonable extent during data collection in line with Section 7 of the German Act against Unfair Competition (UWG). You may withdraw your consent to such material being sent at any time with future effect.

The data that you provide are required to fulfil the contract. Without this data, we will be unable to fulfil the contract that we concluded with your company.

You can log into the protected area of our website using your personal identification. During
this process, data are logged for the aforementioned purposes as specified in the Website Data Privacy Statement.

We reserve the right to check such data at a later point in time if we become aware of specific indications of unlawful use. Data are erased immediately if they are no longer required for their purpose, after six months at the latest.
 
 

Disclosure

Your personal data may be transferred to external service providers, such as tax consultants or legal advisers. External IT service providers may access your data as part of processing described in Article 28 GDPR. In doing so, service providers act bound by instructions, which is ensured by appropriate agreements. Some of these service providers are located outside the EU/EEA; these service providers ensure an adequate level of data protection through appropriate guarantees within the meaning of Art. 46 DSGVO, e.g. the conclusion of EU standard contractual clauses. You can obtain a copy of these provisions from us at any time.
 
 

Group companies

Information about contractual relationships, including personal data, is transmitted within the globally active LISEGA Group, including companies in the US and other countries outside the EU/EEA, in order to offer you optimal information and services for the aforementioned purposes. The companies within the network that are located outside the EU also ensure an adequate level of data protection by signing standard EU contractual clauses. You can obtain a copy of these provisions here at any time.
 
 

Retention and erasure of data

Your data will be stored for as long as required for the aforementioned purposes. These data will be erased at the latest after the contractual relationship has been terminated and once the statutory retention periods under civil, commercial and tax law ends.

Data privacy within the application process

We process your personal data with regard to your person to complete your application procedure and to evaluate your potential for employment. In doing so, we process the information that you provided for the purposes of making an informed recruitment decision based on Art. 6 (1) lit. b GDPR. Evaluations based on objective, non-discriminatory criteria are also stored; in individual cases, publicly accessible personal data concerning your person are also stored where permitted.

The data that you provide are required to complete the application procedure. We are unable to consider your application without such data.

Transfer of personal data

If your application is successful, your personal data will be transferred to the LISGEA SE, who to some extent provides services for human resources as a Group internal service provider. In some cases, IT service providers may access your data as part of order data processing in accordance with Article 28 GDPR. In doing so, the service providers act on instructions, which has been ensured by corresponding agreements.
 
 

Retention and erasure of data

Your data will be stored for as long as required for the aforementioned purposes related to the employee selection procedure. If you object to data processing during the employee selection procedure, the data will be erased unless statutory retention periods determine otherwise.

The data will be erased at the end of the application procedure and once any periods for filing legal action expire, unless you have given us your consent to save your application for other job offers. Unsolicited applications will be stored until you revoke your consent or for up to two years and will then be erased.

Data subjects’ rights

We hereby inform you that, under Art. 15 et seqq. GDPR, you have the right to request access about personal data that we hold about you. You may also request to have such data rectified or erased. You may limit or object to its processing and you also have the right to data portability. Under Art. 77 GDPR, you also have the right to submit a complaint to a supervisory authority if you consider the processing of your personal data to be in violation of these regulations. If your consent is required for processing (see Art. 6 (1) lit. (a) or Art. 9 (2) lit. (a) GDPR), you also have the right to withdraw your consent at any time. This withdrawal of your consent has no impact on the legality of the data processing up to the point in time when the consent was withdrawn.

 

Right to request access, Art. 15 GDPR

You have the right to request information on whether your personal data are processed and to what extent, particularly with regard to the purpose of processing, the recipients of the data and the time period for which the personal data will be stored.

 

Right to rectification, Art. 16 GDPR

You have the right to request rectification of your saved data if these are incorrect or incomplete. This includes the right to completion by means of supplementary explanations or notifications.

 

Right to erasure, Art. 17 GDPR

You have the right to request that your personal data will be erased. This may be possible if the data are no longer necessary in relation to the purposes for which they were collected or the data must be erased to comply with legal obligations. However, this right may be denied in individual cases.
 
 

Right to restriction of processing, Art. 18 GDPR

You have the right to request that the processing of your personal data will be restricted. This may be possible if your data are collected incorrectly or data are processed in an unlawful way. If data are subject to restriction of processing, data may only be processed in narrowly defined cases.
 
 

Right to data portability, Art. 20 GDPR

If you have provided the personal data concerning you, you have the right to receive such data in a commonly used, machine-readable format or you have the right to have such data transmitted to another controller that you specify.
 
 

Right to object, Art. 21 GDPR

You have the right to object to the processing of your personal data due to reasons relating to your specific circumstances with future effect at any time if the processing of your data serves legitimate interests (see Art. 6 (1) lit. e), f ) GDPR). If you object to processing, we will check whether the legal requirements for processing your data are met and, if they are not, we will refrain from any further processing of your data.
 
 

Right to lodge a complaint with a supervisory authority, Art. 77 GDPR

You have the right to lodge a complaint with a supervisory authority of the Union or Member States at any time if there have been any infringements of data protection regulations.
 
Contact details for the relevant supervisory authority:
By post: Postfach 221, 30002 Hannover, Germany
By phone: +49 (0)511 120 45 00 (Monday, Wednesday, Friday: 9 a.m.–12 midday; rest of the time: answering service)
By email: poststelle@lfd.niedersachsen.de

Contact details of the Data Protection Officer

If you have any questions on the processing of your personal data, you can contact our Data Protection Officer directly, who will also work with their team to help you with any requests for information, applications or complaints.
 
The external Data Protection Officer can be contacted
by post: Dr. Jörn Voßbein, UIMC Dr. Voßbein GmbH & Co KG, Otto-Hausmann-Ring 113, 42115 Wuppertal, Germany
By phone: +49 202 946 7726 200
By email: datenschutz.calenberg@uimc.de