Data Protection vitero GmbH
Version of: August 2021
The following Data Protection Information applies to the use of our online content [www.vitero.com] (hereinafter referred to as “website”). We at vitero GmbH respect your privacy and take the protection of your personal data very seriously. Your personal data are collected and processed in compliance with the applicable data protection requirements, especially the data protection laws of the Federal Republic of Germany and the General Data Protection Regulation (GDPR).
The internet presence of vitero GmbH contain links to websites of third parties (external links). Liability for these websites resides with their respective operators. If you notice that links on our website refer to Internet sites whose content violates applicable law, please inform us by emailing firstname.lastname@example.org.
The controller for the processing of your personal data in the sense of Article 4(7) GDPR is
Phone: +49 711 / 686 89 88-0
You can reach our data protection officer at the address above or the following email address: email@example.com.
2. For what purposes are your personal data processed, and on what legal basis?
a) When you visit our website
When you view our website, the browser used on your terminal device automatically sends information to our website’s server. This information is stored temporarily in a so-called log file. The following information is collected in the process without your intervention and stored until automatic erasure:
- the IP adress of the querying terminal device,
- the date and time of the access,
- the name and URL of the retrieved file,
- the website from which the access occurred (referrer URL),
- information about the browser used and, if applicable, the operating system of your computer and name of your access provider.
We process the above-named data for the following purposes:
- ensuring that the connection to the website is established smoothly
- ensuring convenient use of our website
- analyzing system security and stability
- ensuring IT security and IT operation
- advertising our own web seminar content and the products of vitero GmbH.
b) When you contact us, e. g. by email or contact form
Personal data are collected if you contact our company. When the contact form provided on our website is used, the nature and scope of the data collected are obvious from the contact form itself; when you contact us by other means (e. g., email), you determine the nature and scope of the data you send us yourself in the message you send. The data are used exclusively for the purposes of communication, the processing of your request, and the associated technical administration. The data processing for the purpose of contacting us takes place in accordance with Article 6(1) sentence 1 points (a) and (b) GDPR on the basis of the consent you voluntarily give or in order to meet our (pre)contractual obligations. The personal data collected by us are deleted automatically once the request you make has been taken care of, insofar as the matter has been conclusively resolved and no statutory retention obligations oppose the deletion (Article 6(1) point (c) GDPR). The email address is stored exclusively for correspondence with you and is not shared with third parties.
c) Participation in webinars and online events
Personal data are collected if you register for webinars and/or other online events of our company. When the contact form provided on our website is used, the nature and scope of the personal data collected are obvious from the form itself. The data are used exclusively for the purposes of communication and the associated necessary technical administration. Data processing for the purposes of participation in our online events takes place in accordance with Article 6(1) sentence 1 points (a) and (b) GDPR on the basis of the consent you voluntarily give or in order to allow the participation you request. The personal data collected by us are deleted automatically after your participation, insofar as you do not want to be contacted further and no statutory retention obligations oppose the deletion (Article 6(1) point (c) GDPR). The email address is stored exclusively for correspondence with you and is not shared with third parties.
d) Job applications
You can apply by email for open positions we advertise or on your own initiative. The exclusive purpose of collecting your data is processing applications, i. e. selecting the applicants for the purpose of potentially establishing an employment relationship. As a general rule, your data are only shared with the company-internal positions responsible for the specific application process and with employees of the corresponding departments of our company. Your application data are not used or shared with third parties beyond this. If we cannot offer you a position that currently needs to be filled, but your profile could be of interest for positions to be filled in the future, we store your application data for twelve months, insofar as you have given us your express consent to store and use your data. You can withdraw your application at any time if you are no longer interested in the position. Your application will then no longer be considered in the further applicant selection process. Once the applicant selection process ends, or if you withdraw your application, your data are deleted in accordance with the applicable legal requirements.
e) Subscribing to and reading newsletters
To receive a newsletter from vitero GmbH, it is necessary to provide your email address and your first and last name. Before the newsletter is sent, you must confirm that we should activate the newsletter service for you through a so-called double opt-in procedure. You then receive a confirmation and automation email from us in which we ask you to click the link in the email to confirm that you want to receive our newsletter. Sendinblue is used as newsletter software. Your data will be transmitted to Sendinblue GmbH. Sendinblue is prohibited from selling your data and using it for purposes other than sending newsletters. Sendinblue is a German, certified provider, which has been selected in accordance with the requirements of the General Data Protection Regulation and the German Federal Data Protection Act. You can find more information here: de.sendinblue.com/informationen-newsletter-empfaenger/. You can withdraw your consent to receive the newsletter at any time, thereby unsubscribing from the newsletter.
We store the registration data as long as they are needed in order to send the newsletter. We store the record of the registration and the sending address as long as an interest exists in proving that consent was given originally, which is normally at most three years in accordance with the limitation periods for claims under civil law.
The legal basis for sending the newsletter is your consent in accordance with Article 6(1) sentence 1 point (a) in connection with Article 7 GDPR. The legal basis for recording the registration is our legitimate interest in proving that the newsletter was sent with your consent. You can cancel the registration at any time without incurring costs other than the transmission costs according to the basic rates. Communication in text form through the contact data in section 1 (e. g., email, fax, or letter) suffices for this purpose. You will also find an “unsubscribe” link in every newsletter, of course.
We use so-called session cookies in order to optimise the user-friendliness of our website. A session cookie is a small text file which is sent from the respective servers when an Internet site is visited and is temporarily stored on your hard drive. This file as such contains a so-called session ID through which the various queries of your browser can be associated with the same session. They allow your computer to be recognised if you return to our website. These cookies are deleted once you close your browser. They serve to store information temporarily, e. g. for statistical analyses or for the purpose of managing the connection during your visit to our website.
We also use persistent cookies (also small text files that are stored on your terminal device) to a small extent, which remain on your terminal device and allow us to recognise your browser the next time you visit. These cookies are stored on your hard drive and are deleted automatically after a set time period. Their lifespans range from one month to 10 years. They allow us to present our content to you in a more user-friendly, effective, and secure manner and show you information specifically tailored to your interests, for example.
The cookies store the following data and information, for example:
- login information
- language settings
- search terms entered
- information about the number of views of our website and the use of individual functions of our Internet presence.
When the cookie is activated, it is assigned an identification number; your personal data are not associated with this identification number. Your name, IP address, or similar data that would make it possible to associate the cookie with you are not stored in the cookie. On the basis of the cookie, we receive only pseudonymised information, for example about which pages of our website are visited, what products/services are viewed, etc.
You can configure your browser in such a way that you are informed in advance about the setting of cookies and can decide in individual cases whether to exclude the acceptance of cookies for specific cases or in general, or to completely prevent cookies. This may restrict the functionality of the website.
Possibility of objection: If you do not want cookies to be used or want to delete existing cookies, you can disable and remove them through your Internet browser. You can find more information on deleting or blocking cookies in the help files of your browser or on the Internet, e. g. with search queries such as “disable cookies” or “delete cookies” (instructions for deletion in Microsoft Internet Explorer, in Mozilla Firefox, in Safari, in Google Chrome).
5. Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables the website operator to analyse the behaviour of website visitors. In doing so, the website operator receives various usage data, such as page views, length of stay, operating systems used and the origin of the user. This data may be summarised by Google in a profile that is assigned to the respective user or their end device.
Google Analytics uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e. g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.
The use of this analysis tool is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising. If a corresponding consent has been requested (e. g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.
6. Google Ads Conversion Tracking
This website also uses Google conversion tracking. In this process, Google Ads sets a cookie on your computer if you have reached our website through a Google ad. These cookies expire after 30 days and do not serve to identify you personally. If the user visits particular pages of the website of the Google Ads customer and the cookie has not yet expired, Google and the customer can see that the user has clicked the ad and was redirected to this page. Each Google Ads customer receives a different cookie. Thus, cookies cannot be tracked across the websites of Google Ads customers. The information obtained through the conversion cookie is used to compile conversion statistics for Google Ads customers who have decided to use conversion tracking. The Google Ads customers learn the total number of users who have clicked their ad and have been redirected to a page with a conversion tracking tag. However, they receive no information that could be used to identify the user personally. If you do not want to participate in the tracking process, you can refuse to allow a cookie, which is necessary for this purpose, to be set, for example through a browser setting that disables automatic setting of cookies in general. You can also disable cookies for conversion tracking by configuring your browser to block cookies from the domain “www.googleadservices.com”. You can find Google’s statement on data protection for conversion tracking here.
7. Your rights as the data subject
You have the right to obtain information at any time at no cost about the processing of your stored personal data, the right to withdraw your consent under data protection law, the right to have the personal data concerning you transferred in a machine-readable format, and the right to rectification (if the stored data are incorrect or no longer current) or erasure of these data (“right to be forgotten”). If erasure is exceptionally not possible due to other legal requirements, the data will be locked so they are only available for the legal purpose. Furthermore, you can have the processing of your data restricted and object to the data processing in accordance with Article 6(1) point (e) or (f) GDPR. You also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work, or the place of the alleged infringement if you are of the opinion that the processing of personal data concerning you is unlawful.
8. Duration of storage
Unless something to the contrary is communicated or indicated, we only store personal data as long as is necessary in order to fulfill the purposes pursued, or as long as we have a legitimate interest in further storage.
In all other cases, we delete your data, with the exception of such data as we must continue to store in order to comply with statutory retention periods (e.g., under tax law or commercial law). They are then deleted after the statutory retention period expires.
9. Right to withdraw/right to object
Insofar as your personal data are processed on the basis of legitimate interests as per Article 6(1) sentence 1 point (f) GDPR, you have the right to object in accordance with Article 21 GDPR to processing of your personal data if grounds exist based on your particular situation, or if the objection is against direct advertising. In the latter case, you have a general right to object, which we honor without the need to indicate a particular situation. If you would like to exercise your right to withdraw or object, it suffices to send an email to firstname.lastname@example.org.
10. Further information
Your trust is important to us. Therefore, we will be happy to provide you information about the processing of your personal data. Please direct your questions to email@example.com.