Data Protection Statement Website and Social Media
We appreciate your interest in BERICAP. Protecting your privacy is important to us. In the following, we would like to explain which data we collect via our website www.bericap.com and what happens with this data. However, our website may contain links to websites that are not covered by this data protection notice.
The processing of personal data is subject to the EU General Data Protection Regulation (“GDPR”) and the Telecommunications Telemedia Data Protection Act (“TTDSG”). This data protection notice informs you about how your personal data and information is processed in your terminal equipment (e.g., laptop or smartphone) when using this website and which data is involved.
The terms used are not gender specific.
I. Who is responsible for data processing and whom can you contact?
The controller responsible for the processing of your personal data is:
BERICAP Holding GmbH, Kirchstrasse 5, 55257 Budenheim, Germany
You can contact our data protection officer via mail (firstname.lastname@example.org) or by sending a letter to the postal address of the controller for the attention of the Data Protection Department.
II. What do we process your data for (purpose of processing) and on what legal basis?
We process your personal data for the following purposes and on the basis of the following legal grounds:
1. Recording of technical characteristics when visiting the website
We collect information about your visit to our website. When you visit our website, the web server temporarily records
- the domain name or IP address of your computer,
- the file request of the client (file name and URL),
- the http response code,
- the website from which you are visiting us,
- which Internet browser and which operating system you are using,
- the typeof your device,
- the date of your visit
Your IP address is only recorded anonymously. The logging of data is necessary for navigation through the pages and use of essential functions (§ 25 para. 2 No. 2 TTDSG, Art. 6 para. 1 lit. b GDPR). In addition, the data is used for the purpose of detecting and tracking abuse on the basis of the legitimate interests of data security and the functionality of the service (Art. 6 para. 1 lit. f GDPR, § 25 para. 2 No. 2 TTDSG). In particular, no overriding interest of the data subject is opposed to a use for the defense against attempted attacks on our web server to ensure proper use. The data will neither be used for the creation of individual profiles nor passed on to third parties and will be deleted after 14 days.
2. Applications for job offers
If you apply for a job, the personal data you provide in your application, such as name and address, as well as contact and communication data such as telephone number and e-mail address and the documents you provide (hereinafter jointly referred to as “application documents”) will be processed for the purpose of processing your application and carrying out the respective application and recruitment process.
Your application documents will be forwarded directly to the relevant specialist department and affiliated companies, provided that the position to be filled is located there or the decision on a possible recruitment is made there.
For these purposes, it may also be necessary under certain circumstances for your application documents to be sent to countries outside the EU which have not been recognized by the EU Commission as having an adequate level of protection (see Section V below).
The application documents are processed on the basis of statutory provisions which permit data processing because it is necessary for the decision on the establishment of an employment relationship (Art. 6 para. 1 lit. b GDPR and Art. 26 para. 1 Federal Data Protection Act (“BDSG”)).
Insofar as specific personal data pursuant to Art. 9 para. 1 GDPR are included in your application documents, e.g., your religious affiliation or any degree of disability, these data will be processed on the basis of statutory provisions which permit data processing because they are necessary to fulfil obligations under employment law, social security and social protection law (Art. 9 para. 2 lit. b GDPR).
Transfers to bodies that are located outside the EU and not recognized by the EU Commission as having an adequate level of protection are made on the basis of statutory provisions which permit data processing because it is necessary for the implementation of pre-contractual measures at the request of the person concerned – in this case the implementation of the application and staffing procedure (Art. 49 para. 1 lit. b GDPR).
Your application documents will be stored for 6 months after completion of the respective application or recruitment process.
If you proactively decide to subscribe to the newsletter offered on the website, we will process your e-mail address. This is required for your authentication to ensure that you are the owner of the specified e-mail address and at the same time agree to receive the newsletter (so-called double opt-in procedure). In order to guarantee that we are able to personally address you within the newsletter, you can also provide personal data such as first and last name. This storage data will be used exclusively for the above-mentioned purpose as well as for sending the requested information and for documenting your consent. A revocation of the given consent to the storage and use of the data can be carried out at any time with future effect, for example, via the “unsubscribe” link in the newsletter.
The processing of your data in connection with the newsletter dispatch is based on your consent (Art. 6 para. 1 lit. a GDPR).
4. Contacting us
We will collect and process data that you actively provide to us for example, when filling in online forms or by contacting us via means of communication such as e-mail, telephone or post. In case of online forms, the purpose for which you provide us with your personal data can be found on the form itself, generally the purpose will be to communicate with you.
If you contact us via e-mail, phone, fax or an online contact form provided on our website, we process personal data as far as provided by you: your name, company, profession, address data, e-mail address, phone number, fax number, content, type of your request and possible further information provided by you for the purpose of responding to your inquiry. We do this based on your prior given consent (Art. 6 para. 1 lit. a GDPR) or, in order to execute a contract, you are party to (Art. 6 para. 1 lit. b GDPR) or based on our legitimate interest in communicating with you and answer your inquiry, which is not overridden by your interests, rights or freedoms since you contacted us yourself (Art. 6 para. 1 lit. f GDPR). We will not use the information as a basis for contacting you further for marketing purposes unless you have given us your explicit consent to do so. Your contact data will be stored for up to six months after completion of the request or survey unless there is a legal obligation to store the data longer.
5. Interaction with social networks
Our website uses so-called share buttons, which are plugins of social networks (currently in particular Facebook, LinkedIn and Twitter). In principle, no information about your visit to our website is passed on to the respective operator of the social network via these share buttons. Only when you click on the respective share button will you be directed to the page of the network operator. The associated data collection and data use are the responsibility of the operator of the respective social network.
We have also integrated our social media feeds on the website (in particular Facebook, Twitter, YouTube, LinkedIn). If you click on the corresponding icons and are logged into a social network of one of the listed providers at the same time, it is possible that the respective social media provider simultaneously links your activity to your user account. The data transmitted in this context may include in particular: the date and time of your visit to our website, the URL of the website you visit at the same time, the URL of the website you visited previously, the browser you use, the operating system you use, and your IP address.
III. Which cookies do we use?
You can delete cookies at any time, even if they have already been used. Via the query that appears when you visit our website and the cookie settings, you have the option of fully agreeing to or rejecting cookies, as well as setting specific preferences. Detailed information and explanations on the different types of cookies can also be found in the cookie settings. Cookies that are necessary to provide the web service cannot be rejected.
1. Required Cookies
These cookies are necessary for you to navigate the pages and use essential functions. They enable basic functions, such as access to secure areas or setting your privacy preferences. The legal basis for these cookies is § 25 para. 2 No. 2 TTDSG, Art. 6 para. 1 lit. b GDPR. If you block these cookies via your browser settings, some or all of these functions may not work properly.
Name: Borlabs Cookie
Type: First Party
Duration: 1 Year
2. Analytical Cookies
These cookies help us to improve the performance of our website and enhance the user experience. The collection of anonymous and pseudonymous information allows us to compile statistics on the operation of the website (e.g., the number of visits and traffic sources) and user behavior on it (e.g., movement paths and interaction with the website). The legal basis for these cookies is Art 6 para. 1 lit. a GDPR. If you block these cookies via your browser settings, we cannot know, e.g., when you visited our website or how you interacted with it in order to correct structural errors.
Name: Google Analytics
Type: Third Party
Duration: 2 Years
Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.
You can disable Google Analytics using a browser add-on if you do not want the website analysis. You can download it here: https://tools.google.com/dlpage/gaoptout?hl=en
3. Services from other companies (autonomous third-party providers)
Type: Third Party
Duration: 6 Months
IV. With which recipients do we share your data?
In order to fulfill the aforementioned purposes, we may share your personal data with others in addition to the cases expressly mentioned in this data protection notice. In addition to other Group companies, these are in particular service providers, i.e., companies that offer us the products and services provided, such as providers of IT systems and IT support. We have in each case concluded an agreement with the relevant service providers for the processing of data on behalf of them in accordance with Art. 28 GDPR.
If necessary, we may also need to share your information with government agencies in response to requests from those agencies.
In addition, we only pass on your data to those recipients for whom you have given us your consent to transfer the data.
V. Will data be transferred to a third country?
In order to fulfill the aforementioned purposes, we may transfer your personal data to recipients outside Germany. Transfers within the European Economic Area (“EEA”) always take place in accordance with the uniform EEA data protection level.
Transfers to third countries are always carried out in compliance with the supplementary requirements of Art. 44 et seq. GDPR.
Your personal data may be transferred to certain third countries for which an adequacy decision of the EU Commission determines that an adequate level of protection exists in accordance with the uniform EEA data protection level. The full list of these countries is available here
As a rule, EU standard contractual clauses (“SCC”) are concluded with the recipient for transfers to other third countries. These have been issued by the EU Commission to safeguard such international data transfers and can be requested if necessary.
Ultimately, personal data may be transferred on the basis of an exceptional case under Art. 49 of the GDPR.
VI. Which data protection rights do you have?
According to the GDPR you are entitled to various rights. You have the right to access your personal data (Art. 15 GDPR, §§ 34 et seq BDSG), to correct incorrect personal data (Art. 16 GDPR), to delete your personal data under certain circumstances (Art. 17 GDPR, §§ 34 et seq BDSG) and to restrict the processing of your personal data under certain circumstances (Art. 18 GDPR).
In case the processing is based on Art. 6 para. 1 lit. e or f GDPR including profiling based on those provisions, you have the right to object to the processing of your personal data on grounds relating to your particular situation (Art. 21 para. 1 GDPR).
You also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or the place of an alleged infringement of the GDPR (Art. 77 GDPR in conjunction with § 19 BDSG). The responsible data protection authority for BERICAP is “Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz”, Postfach 3040, 55020 Mainz. The right of appeal is without prejudice to any other administrative or judicial remedy.
VII. To what extent does automated decision-making take place in individual cases?
Fully automated decision-making pursuant to Art. 22 GDPR does not take place. Should we use these procedures in individual cases, we will inform you about this separately if this is required by law.
In the event of any difficulties of interpretation, the German text of this information shall be the authoritative one.