Privacy Policy of Braunform GmbH
Notes to data protection
The protection of your personal data when visiting our homepage is important to us. We are responsible for the handling of your personal data. "We" is Braunform GmbH (for contact details see section 16.).
The following information is intended to inform you at any time which personal data we collect during your visit to our website and when you subsequently make use of our services and offers, and how we process this data.
For the data processing described, we sometimes also involve service providers who process your personal data on our behalf. This includes IT service providers, data centers, printshops and call centers, unless expressly mentioned below. In addition, legal service providers, tax consultants, authorities and courts may receive data to the extent permitted and required by law.
1. Personal data
Personal data is any information relating to an identified or identifiable natural person, such as name, address, telephone number, e-mail address, but also an IP address.
2. Data collection, storage and data transfer
When visiting our website, the browser basically sends information about browser type, browser version, operating system used, referrer URL, IP address, retrieved file names, the access status, the amount of data transferred as well as date and time of the server request. The information is processed for the function of our website and deleted after the respective applicable legal deadlines within the framework of the GDPR.
Our inquiry form asks you for personal data such as your name, company, address and email address. This data will only be used in accordance with Art. 6 section 1 of the GDPR to provide you with information in response to your request. They will be stored in accordance with the legal provisions of the GDPR and deleted in accordance with the legal deadlines.
By subscribing to our newsletter, the e-mail address and the surname are required as a mandatory fields and – with your consent – used for Braunform´s own advertising purposes. When sending newsletters to existing customers, we refer to Paragraph 7 Section 3 of the German Act Against Unfair Competition (UWG). All other fields are optional and are only used for a more personal customer contact. Once you have registered for the newsletter, an advertising-neutral e-mail is automatically generated for you, which must be confirmed by you. By confirming this, you consent to us sending you the newsletter. Your consent can be revoked at any time via the link provided in the newsletter. (see also section 6.)
We use rapidmail to send our newsletter. Your data will therefore be transmitted to rapidmail GmbH. It is prohibited for rapidmail GmbH to use your data for purposes other than sending the newsletter. Rapidmail GmbH is not permitted to pass on or sell your data. Rapidmail is a German, certified newsletter software provider which has been carefully selected in accordance with the requirements of the DSGVO and the BDSG. The privacy policy of rapidmail GmbH can be found at: https://www.rapidmail.de/datenschutz.
3. Application
We look forward to receiving your application. Your data will be stored with us for the purpose of processing your application. We base this on Art. 6 section 1 lit. b of the GDPR, which permits the processing of data as a pre-contractual measure if necessary. Your data will be treated confidentially, and all technical and organizational measures will be taken to protect your data during the application process. No data will be passed on to third parties. After completion of the application process, your data transmitted as part of the application will be deleted in accordance with the applicable regulations. If the result of the application process is an employment contract with BRAUNFORM GmbH, the data protection components of the contract will be determined separately.
In case we cannot offer a suitable job to you we would be pleased to safe your data for further job offers in the future. For this purpose we will send you a separate note to obtain your consent. In case you do not wish to give your consent, we will return your application documents to you or destroy your documents after the statutory retention period has expired. You can revoke this consent at any time.
4. Data deletion
The personal data processed by us will be deleted or limited in their processing in accordance with articles 17 and 18 DSGVO. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as you revoke any consent you may have given or if the data is no longer required for its intended purpose and no legitimate interests or statutory storage obligations stand in the way of deletion.
5. Data security
We currently maintain all technical measures to ensure the security of your data, particularly with regard to personal data. Our security measures are continuously improved in line with technological developments.
6. Rights of persons affected
Should you have questions about the processing of your personal data carried out by us, we will of course be happy to provide you with information about the data that concerns you (Art. 15 GDPR). If the legal requirements are met, you also have the right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR) and objection (Art. 21 GDPR). You also have the right of data portability (Art. 20 GDPR). In all these cases, please get in touch with our contact person for data protection (see point 17) using the communication addresses given there. Right to object: You have the right to object to the processing of your data at any time for reasons arising from your particular situation if the legal requirements are met. If you wish to object to the processing of your data for advertising purposes or withdraw your consent, simply send a short message to our contact person for data protection (for contact details, point 17). Your data will then no longer be processed for advertising purposes. This will not affect the lawfulness of the processing carried out prior to the objection or revocation. Finally, you have the right to lodge a complaint with a competent data protection supervisory authority (Art. 77 GDPR, § 19 BDSG).
Our regulatory authority for data protection is as follows:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Postfach 10 29 32
70025 Stuttgart
Germany
7. Cookies
In order to make the visit to our homepage attractive and user-friendly cookies are used on several pages. „Cookies“ are small text files which are stored on your device. After closing the browser the session cookies will be deleted. Other cookies remain on your device for further use in order to recognize the homepage the next time you visit (persistent cookies). You can configure the storage of cookies in the browser settings. For relevant information, please refer to the instructions of your browser used.
By confirming the message on our homepage you agree to the use of cookies. A consent is not obligatory, however, when refusing it can lead to restrictions in function.
8. Privacy Policy for online meetings, telephone conferences and webinars via "Zoom“
We would like to inform you below about the processing of personal data in connection with the use of "Zoom".
Purpose of processing
We use the "Zoom" tool to conduct conference calls, online meetings, video conferences and/or webinars (hereinafter: "online meetings"). "Zoom" is a service provided by Zoom Video Communications, Inc. which is based in the USA.
Person responsible
The responsible party for data processing directly related to the implementation of "online meetings" is BRAUNFORM GmbH.
Note: Insofar as you call up the website of "Zoom", the provider of "Zoom" is responsible for data processing. However, calling up the Internet site is only necessary to use "Zoom" in order to download the software for using "Zoom". The privacy policy of the provider "Zoom" can be found here: https://explore.zoom.us/de/privacy/.
You can also use "Zoom" if you enter the respective meeting ID and, if applicable, further access data for the meeting directly in the "Zoom" app.
If you do not want to or cannot use the "Zoom" app, the basic functions can also be used via a browser version, which you can also find on the "Zoom" website.
What data is processed?
Various types of data are processed when you use "Zoom". In this context, the scope of the data also depends on the data you provide before or when participating in an "online meeting".
The following personal data are subject to processing:
User details: first name, last name, telephone (optional), e-mail address, password (if "single sign-on" is not used), profile picture (optional), department (optional).
Meeting metadata: Topic, description (optional), attendee IP addresses, device/hardware information.
If recording (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat.
For dial-in with the telephone: information on the incoming and outgoing call number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be stored.
Text, audio and video data: You may have the opportunity to use the chat, question or survey functions in an "online meeting". To this extent, the text entries you make are processed in order to display them in the "online meeting" and, if necessary, to log them. To enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device will be processed accordingly for the duration of the meeting. You can turn off or mute the camera or microphone yourself at any time via the "Zoom" applications.
To participate in an "online meeting" or to enter the "meeting room", you must at least provide information about your name.
Scope of processing
We use "Zoom" to conduct "online meetings". If we want to record "online meetings", we will transparently inform you in advance and - if necessary - ask for consent. The fact of the recording will also be displayed to you in the "Zoom" app.
If it is necessary for the purposes of logging the results of an "online meetings", we will log the chat content. However, this will generally not be the case.
In the case of webinars, we may also process questions asked by webinar participants for purposes of recording and following up on webinars.
If you are registered as a user with "Zoom", then reports of "online meetings" (meeting metadata, telephone dial-in data, questions and answers in webinars, survey function in webinars) may be stored by "Zoom" for up to one month.
Automated decision-making within the meaning of Art. 22 DSGVO is not used.
Legal basis of data processing
Insofar as personal data of employees of BRAUNFORM GmbH are processed, § 26 BDSG is the legal basis for data processing. If, in connection with the use of "Zoom", personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component in the use of "Zoom", Article 6 (1) f) DSGVO is the legal basis for data processing. In these cases, our interest is in the effective implementation of "online meetings".
For the rest, the legal basis for data processing when conducting "online meetings" is Art. 6 (1) lit. b) DSGVO, insofar as the meetings are conducted in the context of contractual relationships.
Should no contractual relationship exist, the legal basis is Art. 6 para. 1 lit. f) DSGVO. Here, too, our interest is in the effective implementation of "online meetings".
Recipients / passing on of data
Personal data processed in connection with participation in "online meetings" is generally not passed on to third parties unless it is specifically intended to be passed on. Please note that the content of "online meetings", as well as personal meetings, is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.
Other recipients: The provider of "Zoom" necessarily receives knowledge of the above-mentioned data, insofar as this is provided for in the context of our order processing agreement with "Zoom".
Data processing outside the European Union
"Zoom" is a service provided by a provider from the USA. Processing of personal data thus also takes place in a third country. We have concluded an order processing agreement with the provider of "Zoom" that complies with the requirements of Art. 28 DSGVO.
An adequate level of data protection is guaranteed on the one hand by the conclusion of the so-called EU_US-Data Privacy Frameworks. As additional protective measures, we have also configured our Zoom so that only data centers in the EU, the EEA or secure third countries such as Canada or Japan are used to conduct "online meetings".
9. Privacy Policy for online meetings, telephone conferences and webinars via "Microsoft Teams“
This privacy policy provides information about the processing of your personal data in the context of our online meetings using the Microsoft Teams video conferencing solution.
Person responsible
The responsible party pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) is BRAUNFORM GmbH.
Which personal data we process
We process the following personal data as part of our online meetings using Microsoft Teams:
- Communication data (e.g. your email address, if you provide it personally)
- Log files, protocol data
- Metadata (e.g. IP address, time of participation, etc.)
- Profile data (e.g. your user name, if you provide this yourself)
Microsoft Office 365, Microsoft Teams Video conference
Using the video conferencing function of Microsoft Teams, we can offer you participation in our online events via video/audio. We use Microsoft Teams to conduct online events. We use the Team Meetings mode in Microsoft Teams. In Team Meetings, audio input and video recordings are prevented by our Microsoft Teams settings. The event is never recorded.
In exceptional cases, recording may take place under the following conditions:
- Prior explicit announcement of the planned recording to the participants
- Participants will be provided with the link to this general data protection information at www.braunform.com
- Participants will be provided with the following supplementary data protection information:
- Specific purpose of the recording
- Person responsible for the recording (function, role)
- Persons authorized to access the recording or recipients to whom the recording is to be made available
- Storage location and duration of the recording
We carry out data processing on the basis of a legitimate interest in accordance with Art. 6 para. 1 f) GDPR. Our legitimate interest for data processing is: Conducting online information events to inform participants about specialist topics as well as the company and its business activities.
Microsoft Teams is part of Microsoft Office 365 and is a productivity, collaboration and exchange platform for individual users, teams, communities and networks that is used across companies. Among other things, it includes a video conferencing function.
Microsoft Office 365 is software from the company
Microsoft Ireland Operations Limited
One Microsoft Place
South County Business Park
Leopardstown
Dublin 18
D18 P521
Ireland
Microsoft Teams is part of the Office 365 cloud application, for which a user account must be created.
Data processing with Office 365 takes place on servers in data centers in the European Union in Ireland and the Netherlands. For this purpose, we have concluded an order processing agreement with Microsoft in accordance with Art. 28 GDPR. Accordingly, we have agreed extensive technical and organizational measures with Microsoft for Office 365 that correspond to the current state of the art in IT security, e.g. with regard to access authorization and end-to-end encryption concepts for data lines, databases and servers.
Microsoft may request access for the purpose of remote maintenance. This access will then be checked by us on a case-by-case basis and granted if approved. In this case, such access may also be granted by Microsoft affiliates from outside the European Union. We have concluded EU standard contracts (standard data protection clauses) with Microsoft exclusively for this case of access from outside the European Union in individual cases approved by us. In order to guarantee an appropriate level of data protection when transferring personal data to a third country such as the USA in this specific case, we have implemented additional measures in the form of state-of-the-art technical and organizational measures such as access authorization and encryption concepts for data lines, databases and servers, as described above.
Microsoft reserves the right to process customer data for its own legitimate business purposes. We have no control over this data processing by Microsoft. To the extent that Microsoft Teams processes personal data in connection with its legitimate business purposes, Microsoft is an independent controller for these data processing activities and as such is responsible for compliance with all applicable data protection laws. If you require information about the processing by Microsoft, please refer to the relevant Microsoft statement.
Disclosure to third parties
As described above, we use Microsoft for Office 365 as a processor within the meaning of Art. 28 GDPR.
10. Privacy Policy for the use of the Web-Analysetools (Mouseflow / Matomo)
Our website uses web analysis tools to collect single, random visits (only with anonymous IP address). These are called Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen, Denmark, and Matomo (former Piwik) of InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand. These create a log of mouse movements and mouse clicks with the intention of randomly reproducing individual visits to the website as so-called "session replays", as well as evaluating them in form of so-called "heat maps" and deriving potential improvements for the website. The data collected are not personal and will not be disclosed to third parties. The storage and processing of the recorded data takes place within the EU. If you do not wish to be registered by Mouseflow, you can contradict to this on all websites using Mouseflow at the following link: https://mouseflow.com/opt-out/. Further information regarding privacy you can also find here https://matomo.org/privacy-policy/.
11. Privacy Policy for the use of the Facebook-Plugins (Like-Button)
On our pages plugins of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated. When visiting the website via your browser no connection to the Meta servers will be established. If you click on the Facebook "Like" button while logged in to your Facebook account, you can link the contents of our pages to your Facebook profile, allowing Facebook to associate your visit to our website with your user account. We point out that we as the provider of the pages receive no knowledge of the content of the transmitted data and their use by Facebook. For more information, see the Facebook Privacy Policy at https://de-de.facebook.com/privacy/policy/. If you do not want Facebook to associate your visit to our pages with your Facebook account, please log out of your Facebook user account.
12. Privacy Policy for the use of the XING-Plugins
Our website uses the „Share-Button“ of XING. When the website is accessed via your browser no connection is established to the servers of XING AG, Gänsemarkt 43, 50354 Hamburg in Germany. This will take you directly to the Braunform XING page. In this case a storage of personal data does not take place. In particular, XING does not store IP-addresses. Further information can be found in the XING privacy policy at https://privacy.xing.com/de/datenschutzerklaerung.
13. Privacy Policy for the use of the LinkedIn-Plugins
On our website we use the „Linkedin-Button“ of the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, USA. Please note that when visiting our homepage no connection to the LinkedIN Server will be established in order to link your profile with our profile by clicking the LinkedIn button. In doing so we do not obtain any knowledge about the content of the linked data as well as their use by LinkedIn. Further information can be found in the LinkedIn privacy policy at https://de.linkedin.com/legal/privacy-policy.
14. Privacy Policy for the use of the YouTube-Plugins
The Braunform website uses the PlugIn of Youtube belonging to Google Inc., San Bruno, USA. When visiting the Braunform website no connection to the YouTube servers will be established. In case you are logged in with your YouTube account your browsing behavior will be transferred to your YouTube profile when calling the plugin. To avoid this you must log out from your user account. Further privacy policies you can view at https://policies.google.com/privacy?hl=en.
15. Privacy Policy for the use of the Kununu-Plugins
On our pages the "Kununu" button of the social network Kununu is used which is operated by Kununu GmbH, Fischhof 3 Top 7, 1010 Vienna, Austria. When you visit our website your browser does not automatically connect to the Kununu servers.
We point out that we as the provider of the website can not obtain any knowledge of the content of the data transmitted and their use by Kununu. We can not influence the amount of data that Kununu collects with the button. The purpose and scope of the data collection, the further processing and use of the data by Kununu, as well as your related rights and settings options for the protection of your privacy can be found in Kununu's privacy policy: https://privacy.xing.com/en/privacy-policy. If you do not wish Kununu to associate your visit to our pages with your user account, please log out of your Kununu user account before.
16. Privacy Policy for the use of the Instagram-Plugins
The Braunform website uses the PlugIn of Instagram belonging to Meta, 1601 South California Avenue, Palo Alto, CA 94304, USA. When visiting the Braunform website no connection to the Instagram servers will be established. In case you are logged in with your Instagram account your browsing behavior will be transferred to your Instragram profile when calling the plugin. To avoid this you must log out from your user account. Further privacy policies you can view at https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect.
17. Contact Data
Braunform GmbH
Unter Gereuth 7 + 14
79353 Bahlingen
Germany
Phone: +49 (0) 7663/9320-0
Fax: +49 (0) 7663/9320-139
E-Mail: info@braunform.com
18. Contact person for questions in regard to data protection
Braunform GmbH
Data Protection Officer
Unter Gereuth 7 +14
79353 Bahlingen
Germany
E-Mail: datenschutz@braunform.com