Data protection

Responsible person:

System Straub domestic staff
Marketa Straub
Jürgensallee 53
D-22609 Hamburg

You can reach our data protection officer at info@systemstraub.de

Status: 08.04.2024

Cookies are set on this page. You can revise or view your consent here: Show now

Legal basis for our services and basic information on the use and disclosure of data
This privacy policy provides users with information about the type, scope and purpose of the collection and use of their data by the responsible provider.

The information in this privacy policy serves to clarify the purpose, scope and nature of the processing of your personal data within our entire online offering and all associated websites, including their functions and content (hereinafter collectively referred to as "website" or "online offering"). This declaration applies to all platforms and devices (e.g. mobile devices or desktop PCs) on which our online offering is used or executed, regardless of the domains or systems used. This information is provided in accordance with Art. 13 GDPR. The terms used, such as "personal data" or their "processing", are explained in the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

Personal user data processed within this online offering includes, for example, personal data (such as customer names and contact data), as well as data on usage and customer entries within our online offering (e.g. details of a CV or cover letter).

The terms used, such as "user", "customer" or "service provider", are to be understood as gender-neutral. All personal user data is processed in compliance with the relevant data protection regulations. The basis for this is the existence of a legal authorisation and the consent of the user. If the data processing is necessary for the provision of our contractual services (e.g. order processing) or the online service (e.g. to ensure and comply with legal regulations), or also due to our legitimate interest (e.g. for the security of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR, analysis to optimise the security and efficiency of our operations, incl. profiling for advertising and marketing purposes, collection of reach and access data and third-party services), we will use the data within the scope of legal permission. Art. 6 para. 1 lit. a. and Art. 7 GDPR form the legal basis for the consents, Art. 6 para. 1 lit. b. GDPR serves as the legal basis for processing for the performance of contracts and services. The legal basis for the processing of data for the fulfilment of our legal obligations is Art. 6 para. 1 lit. c. GDPR, and the legal basis for the processing of data for the protection of our legitimate interests is Art. 6 para. 1 lit. f. GDPR.

Contact by the user
If you contact us via the online form or by e-mail, we will save the information you provide in order to answer your enquiry and ask any follow-up questions.

To process user enquiries (by email or contact form), the user's details are processed in accordance with Art. 6 para. 1 lit. b) GDPR.

Our enquiry organisation (Customer Relationship Management) may, under certain circumstances, store the user's details.

Reference check and verification of documents
If you provide us with certificates and references as part of your application, you agree that we may verify these documents as part of the reference check. This includes the right to contact previous employers or other references in order to verify the accuracy and relevance of the information provided. This processing is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and serves to ensure the quality and suitability of our applicants. You can revoke your consent at any time by contacting us in writing.

Disclosure of data to third parties and third-party providers
Data is only passed on to third parties within the framework of legal requirements. It only takes place if this is necessary for the purpose/fulfilment of the contract (pursuant to Art. 6 para. 1 lit. b) GDPR), or on the basis of legitimate interests in our economic and effective business operations (pursuant to Art. 6 para. 1 lit. f. GDPR). In order to comply with legal requirements and to protect personal data, we also take appropriate legal, technical and organisational measures when using subcontractors. If third-party services, tools or other means are used and the named registered office of this provider is located in a third country, a data transfer to this country is also likely. The GDPR is an EU regulation and applies to all member states anyway. Data is only transferred to countries outside the EU or the European Economic Area with legal authorisation, user consent or if there is an adequate level of data protection in the respective third country. We identify these third-party providers in the following sections.

Our websites and our e-mail service are hosted by ALL-INKL.COM - Neue Medien Münnich (Hauptstraße 68, 02742 Friedersdorf, Germany) (so-called "hoster"). Personal data that is collected on our websites is stored on the servers of our hoster. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access and other data generated via a website. The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). Our hoster will only process your data to the extent necessary to fulfil its performance obligations and follow our instructions with regard to this data. In order to ensure data protection-compliant processing, we have concluded an order processing contract with our hosting service provider.

Measures for protection and safety
In order to protect the data processed by us against accidental or intentional manipulation, destruction, loss or access by unauthorised persons, and to comply with the provisions of data protection laws, we take technical, organisational and contractual security precautions in accordance with the state of the art. Check whether we use https The encrypted transmission of data between our server and your browser is one of the security measures used.

Collection of access data and records (log files)
For each access to our server, we collect corresponding data (so-called server log files), including date and time, data volume, name of the website accessed, success message about the access, the operating system including browser type and version, the previously visited website, the IP address and the provider in our legitimate interest within the meaning of (Art. 6 para. 1 lit. f. GDPR).

Without this data, it would not be technically possible in some cases to deliver and display the content of the website. In this respect, the collection of data is absolutely necessary. We also use the anonymous information for statistical purposes. It helps us to optimise our offering and technology. We also reserve the right to check the log files retrospectively if we suspect illegal use of our website. For security reasons, log file information is stored for a maximum of seven days for the purpose of investigating fraud or misuse and then deleted. If certain data is required for evidentiary purposes, deletion will be postponed until the incident has been finally clarified.

Fulfilment of contractual services
In order to fulfil our contractual and service obligations, we process inventory data (e.g. name and address as well as user contact data) and data on concluded contracts (e.g. services used, information on payment and shipping) in accordance with Art. 6 para. 1 lit b. GDPR. The mandatory information required to create a profile is communicated to users during the registration process. It is not possible for search engines to index user accounts as they are not public. Data from cancelled user accounts will be deleted unless retention is necessary for commercial or tax law reasons (in accordance with Art. 6 para. 1 lit. c GDPR). In the event of cancellation, users are responsible for backing up their data before the end of the contract. We are authorised to irretrievably delete all user data stored during the term of the contract. To protect against misuse or unauthorised use and to safeguard our legitimate interests, we store the IP address and time when a profile is registered, an application is submitted via our application or contact form and when the user uses our online services. In principle, this data is not passed on to third parties, with the exception of the pursuit of our claims or a legal obligation pursuant to Art. 6 para. 1 lit. c GDPR. For advertising purposes, we create a user profile based on usage data (e.g. visits to our websites or specific product interests) and content data (entries in forms or information in the form) in order to be able to display product information and offers of interest to the user.

Online presence in social media
With consent within the meaning of Art. 6 para. 1 lit. a. GDPR, we maintain online presences on social networks and platforms. We use these to communicate with customers, interested parties and users and to provide information about our services. When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of the respective operators apply. Insofar as this privacy policy does not specify any further data processing, the data of users who communicate with us or interact with our content will be processed.

Measurement of reach and use of cookies
Cookies are small files that are stored on the user's data carrier. We mainly use cookies (session cookies), which are deleted from the respective storage medium at the end of the browser session. Session cookies are required, for example, to enable shopping basket functions or the storage of your entries across several pages. However, we also use cookies that remain on the user's hard drive. This enables automatic recognition of the user on a return visit and the preferred entries and settings. These cookies are stored on the hard drive for a period of one month to 10 years and delete themselves after the specified time. These cookies are primarily used to make the online offering more user-friendly, secure and effective. We also inform users within this privacy policy about the use of cookies in the context of pseudonymised reach measurement. If users wish to avoid the storage of cookies, this option can be deactivated in the browser settings. Cookies that have already been saved can also be deleted there, but the exclusion of cookies can lead to functional restrictions of our online offer. An objection to the use of cookies that are used to measure reach and for advertising purposes can be made via the deactivation page of the network advertising initiative https://optout.networkadvertising.orgthe European website https://www.youronlinechoices.com/uk/your-ad-choices and additionally the US-American website https://www.aboutads.info/choices take place.

Application and use of Google Analytics
Restricted use of Google Analytics
Google Analytics is a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For the optimisation, analysis and economic operation of our online offer, we use Google Analytics in our own interest within the meaning of Art. 6 para. 1 lit. f. GDPR. GDPR, we use Google Analytics, but only in a very limited form. Data is only collected in anonymised form for statistical purposes. Google itself does not set any cookies and no data is used for advertising purposes. As a rule, Google truncates the IP address of the user within the EU or the EEA (activated IP anonymisation).

Full use of Google Analytics
Furthermore, with the user's consent (Art. 6 para. 1 lit. a.), we also use the full range of functions of Google Analytics. In some cases, this uses cookies to analyse information about the use of the online offering by users. Google creates reports on our behalf about the use of our online offering. For this purpose and for other services on our behalf, information about the activities of users within our website is collected. This information can also be used to create pseudonymised user profiles.

We use Google Analytics to display adverts placed by Google's advertising services (and its partners) only to those users who have certain characteristics (interest in certain topics or products) (so-called remarketing). By using "remarketing audiences", we ensure that the corresponding adverts are not annoying and correspond to the potential interest of the user.

Users can prevent the collection and processing of user data by downloading and installing the browser plugin available at this link: https://tools.google.com/dlpage/gaoptout?hl=de
The storage of cookies can also be prevented by settings in the respective browsers or by withdrawing consent in our Consent Manager. At the beginning of this privacy policy, you can adjust your consent by opening the Consent Manager and making the appropriate settings. Further information on setting and objection options and on data collection by Google can be found directly from Google: https://www.google.com/intl/de/policies/privacy/partners, https://www.google.com/policies/technologies/adsand here you can also, https://adssettings.google.com/authenticatedto view and edit your ad settings.

Google Signals
With the user's separate consent within the meaning of (Art. 6 para. 1 lit. a.), we use Google Signal services that enable Google Analytics to measure cross-device interactions with our content.

Application and use of Google Re/marketing services
With the consent of the user within the meaning of (Art. 6 para. 1 lit. a. GDPR), we use the marketing and remarketing services ("Google Marketing Services" for short) of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

We use Google Marketing Services to display adverts for and on our website in a more targeted manner, with the aim of presenting users primarily with adverts for which there is potential interest. If, for example, adverts are displayed for products that the user was interested in on previous pages, this is referred to as "remarketing". On all websites (ours and others) on which Google marketing services are activated, a code from Google is executed immediately when the page is called up and so-called (re)marketing tags (invisible graphics or code, also known as "web beacons") are integrated into the website. As a result, an individual cookie (or comparable technology) is stored on the user's device. These can be set by various domains, including doubleclick.net, googlesyndication.com, admeld.com, google.com, invitemedia.com or googleadservices.com. The stored file contains data on the websites visited by the user and which offers they have shown interest in. In addition, technical information about the operating system, the browser used, the duration of the visit, referring websites and use of the online offer is stored. As a rule, Google truncates the IP address of the user within the EU or the EEA (activated IP anonymisation). The IP address is not merged with other user data. Google may also combine user information with information from other sources. Accordingly, adverts that match the user's interest profile may also appear on our website.

As part of the Google marketing service, all user data is processed pseudonymously. The storage therefore does not include the user's name or email address. All relevant data is only stored in relation to cookies as a user profile. Adverts are therefore not person-dependent, but exclusively cookie-dependent. If the user has given Google permission, the data can also be processed without pseudonymisation.

The integration of third-party adverts takes place, for example, on the basis of Google's "DoubleClick" or "AdSense". Both programmes use cookies that enable Google and its partner websites to place advertisements based on users' website visits.

You can deactivate interest-based advertising by Google marketing services by using the settings and opt-out options provided by Google: https://www.google.com/ads/preferences. At the top of this privacy policy, you can adjust your consent by opening the Consent Manager and making the appropriate settings. The overview page: https://www.google.com/policies/technologies/ads from Google provides you with further information on the use of data for marketing purposes. You can find the Google privacy policy at https://www.google.com/policies/privacy.

Google Tag Manager
In our legitimate interest within the meaning of (Art. 6 para. 1 lit. f. GDPR), we use the Google Tag Manager service to control and operate the website content. This is a tag management service provided on a cookie-less domain that supports us in the area of consent management as well as the integration of various third-party providers. This service is essential for the operation of the site.

Tag Manager Server
In addition, we use Google Tag Manager servers, which enable us to combine external data communications. This service is operated on European Google Cloud servers, primarily located in Germany. This cloud server provider is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). Our hoster will only process your data to the extent necessary to fulfil its performance obligations and follow our instructions with regard to this data. Further information on data processing can be found at https://cloud.google.com/terms/data-processing-terms?hl=de

Mapbox
Our website uses services of Mapbox Inc (Mapbox) (740 15TH St NW Ste 500 Washington, DC, 20005-1047 United States) on some subpages for automatic address completion. By using this service, information about the use of this website, including your IP address, may be transmitted to Mapbox in the USA.
When you call up a page that contains Mapbox maps, your browser establishes a direct connection with the Mapbox servers. The map content is transmitted by Mapbox directly to your browser, which integrates it into the website. We therefore have no influence on the scope of the data collected by Mapbox in this way. If you do not want Mapbox to process data via our website, you can deactivate JavaScript in your browser settings. In this case, however, you will not be able to use the map display.

For more information about the purpose and scope of data processing by Mapbox, your rights in this regard and setting options to protect your privacy, please refer to Mapbox's privacy policy at: https://www.mapbox.com/privacy.

You have the option of preventing cookies from Mapbox by deactivating third-party cookies in your browser settings.

WhatsApp
For communication with customers, applicants and interested parties via the WhatsApp messaging service, System Straub uses the technical platform and services of WhatsApp, Inc (WhatsApp) (1601 Willow Road, Menlo Park, California 94025, United States) with the privacy policy available at https://www.whatsapp.com/legal/#privacy-policy back. WhatsApp is part of the Facebook group of companies.
In this context, System Straub itself is only a user of the services and functions provided by WhatsApp. We have no influence over the terms and conditions under which WhatsApp does this. This also applies in particular with regard to the data protection conditions associated with the use of WhatsApp. If you contact us via WhatsApp, this means that not only we come into contact with all the personal data that you disclose in this context, but also WhatsApp.

Data processing by WhatsApp
We have no influence on the type and scope of the data processed by the provider, the type of processing and use or the transfer of this data to third parties, in particular to countries outside the European Union where an adequate level of data protection cannot be guaranteed.
Information about which data is processed by the provider and for what purposes it is used can be found in the service's privacy policy, which can be viewed here: https://www.whatsapp.com/legal/

These are essentially the following data:
- Registration data, such as profile name and mobile phone number
- Telephone numbers in the mobile phone address book
- Usage and log information (information on the use of the service)
- Transaction data (e.g. payment receipts)
- Connection data, such as details of the mobile phone network,
- Connection and device information, such as operating system, device ID, device location (if location functions are used), mobile phone or internet provider, browser type, IP address, browser type
- Status information ("Last online" status)

Data processing by System Straub and purpose of data processing
By sending a message to the mobile phone number provided, you consent to System Straub processing your personal data as described below:
System Straub processes your following personal data in order to provide you with information about our services, products, offers and other information for the purpose of personnel placement: your telephone number, your profile picture, your messenger ID and all messages sent to System Straub.

The service described is aimed exclusively at persons who have reached the age of sixteen. You have the right to withdraw your consent at any time. All you need to do is send a message with "Delete all data" to the mobile phone number provided. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. The personal data will be deleted if you send a message with "Delete all data" to the mobile phone number provided.
The provision of the aforementioned personal data is neither legally nor contractually required. You are not obliged to provide the personal data. However, failure to provide this data would mean that System Straub would not be able to send you the aforementioned information via WhatsApp.

Your rights to information, rectification, blocking, erasure and objection
You have the right to request information about the personal data stored by us free of charge and/or to request that it be corrected, blocked or deleted. Exceptions: Data storage is required for business transactions or the data is subject to statutory retention obligations.

For these purposes, please contact Marketa Straub (Contact).

In order to be able to take a data lock into account at any time, it is necessary to keep the data in a lock file for control purposes. If there is no legal archiving obligation, you can also request the deletion of the data. Otherwise, we will block the data if you so wish.

Changes and updates to our privacy policy
In order to ensure that our privacy policy always complies with current legal requirements, we reserve the right to make changes at any time. However, this only applies with regard to declarations on data processing. If user consent is required or if parts of the privacy policy contain provisions of the contractual relationship with the users, changes are only possible with the consent of the users. This also applies in the event that the privacy policy has to be adapted due to new or revised services, for example new services. The new privacy policy will then apply the next time you visit our website. We ask users to regularly obtain independent information about the content of the privacy policy.

Source: Data protection configurator from my-data-protection-officer.com