We highly appreciate your interest in our company. Privacy takes on an important role for the company management of admeritia GmbH. The usage of our website is principally possible without any declaration of personal data. If a data subject wants to make use of special services of our company via our website, processing of personal data might be required. If processing personal data is required and if there is no other existing legal basis concerning such processing, we generally ask for acceptance of the data subject.
admeritia GmbH, being responsible for the processing, implemented numerous technical and organizational measures to guarantee gapless protection of the personal data processed via this website.
a) Personal data
Personal data comprises all information which relates to a certain or determinable natural person (in the following referred to as “data subject”). Determinable related to a natural person, who can be identified directly or indirectly, especially through assignment to an identification like name, identification number, location data, online-identification or one or more special characteristics, which are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Profiling comprises every kind of automated processing of personal data which consists of using the personal data to evaluate specific personal aspects, which relate to a person, especially to analyze and predict aspects concerning performance, economic situation, health, personal preferences, interests, reliability, behavior or location of this person.
2. Name and address of the person responsible for processing
The person responsible within the General Data Protection Regulation, other valid data privacy acts of the member states of the European Union and other regulations with a character in terms of data-protection law is:
Tel. +49 (2173) 20363-0
Fax +49 (2173) 20363-29
3. Name and address of the commissioner for data protection
Our commissioner for data protection is:
Tel.: +49 1523 6914677
You can contact our commissioner for data protection at any time with regard to any questions and suggestions concerning data protection.
4. Data processing
a) Acquisition of general data and information
Our website acquires a number of general data and information with every invocation. This general data will be saved within the server logfiles and comprises the following information:
- Complete IP-address
- Time and method of the invocation
- Invoked URL
- Version of the used HTTP-protocol
- Result value of the invocation
- Size of the invocation in Kbyte
- Website from which this website has been invoked (only with regard to referrer-link)
- Information regarding used browser and system software
This data is without direct reference to persons. Personal data like your name, address, telephone number or e-mail are not acquired.
Using this general data and information we do not draw conclusions about the data subject. The information is needed to:
- deliver our website content correctly
- guarantee the permanent functionality of our information technology systems and the technology of our website
- provide the prosecuting authorities with information necessary for prosecution in case of a cyber attack
One the one hand we evaluate this anonymously acquired data and information statistically and on the other hand with the objective of increasing privacy and data security within our company.
The anonymous server-logfiles-data is saved separately from all personal data given by a data subject.
b) Data protection with regard to applications and within the application process
We collect and process personal data of applicants for the purpose of the handling of the application process. The procession can also take place electronically. This is especially the case, if an applicant sends us respective application documents electronically, for example via E-Mail. If we close an employment contract with an applicant, the transferred data will be saved for the purpose of the handling of the employment relationship considering the legal regulations. If we do not close an employment contract with the applicant, we automatically delete the application documents two months after announcement of the decision of rejection, insofar as for our part no other eligible interest opposes the deletion – for example a burden of proof in a process according to the General Equal Treatment Act.
c) Contact with customers and prospects
We collect and process the personal data of customers, interested parties and their employees for the purpose of initiating or processing contracts and for carrying out our business activities. As part of this, we maintain and manage contact details of customers, prospects and their employees in our customer relationship management system.
The legal basis for this processing is Art. 6 Para. 1 lit. b GDPR, provided that the customers and interested parties are natural persons and Art. 6 para. 1 lit. f GDPR, if it concerns employees of customers and interested parties.
d) Security briefing dispatch
We offer you the opportunity to stay up to date on information on IT and OT security by registering for our security briefing using a double opt-in procedure.
1. Your data
As part of this, we use the CleverReach tool from CleverReach GmbH & Co. KG and collect the following personal data from you:
- Your email address
- Your surname and first name (optional)
- A reading confirmation of the email sent
- The internet browser that you use to access the web view of the security briefing
- The device with which you last opened the security briefing
- The links contained in the security briefing that you have opened
- The location where you opened the security briefing
- Your IP address
Security briefing registrations that are not confirmed as part of the double opt-in procedure will not result in emails being sent to the email address provided. This email address will be deleted two weeks after registration, provided that no confirmation has been made within the scope of the double opt-in procedure.
If you no longer wish to receive emails from us, you can unsubscribe from the security briefing at any time. To do this, you simply have to follow the link in the footer of the last email you received via this route or click directly on the following link: https://seu2.cleverreach.com/f/255258-251557/wwu/. We will then delete all personal data processed about you within a week.
3. Web view
5. Routinely deletion and detent of personal data
We process and save your personal data only within the time-frame which is necessary for the attainment of the saving purpose or insofar as it was designated by the European issuers or directives and regulators or another legislator within laws or regulations, which apply to us.If the saving purpose is omitted or if a prescribed saving-deadline expires, the personal data will be blocked or deleted routinely and in accordance with the regulations.
6. Your Rights
a) Right of access
You have the right to obtain free access concerning your saved personal data and a copy of this data at any time.
Additionally you have the right of access with regard to whether personal data was transferred to a country beyond the EU or to an international organization. If this is the case you have the additional right to obtain access concerning adequate guaranties related to this transmission.
If you want to make use of your access-right, you can contact our commissioner for data protection at any time.
b) Rights of adjustment
You have the right to demand the immediate adjustment of false personal data, which is related to your person. Additionally you have the right to demand, considering the purpose for processing, the completion of incomplete personal data, even by means of an additional declaration.
If you want to make use of the right of adjustment, you can contact our commissioner for data protection at any time.
c) Right of deletion (“Right to be forgotten”)
You have the right to demand the immediate deletion of the personal data related to your person, if specific reasons apply and insofar as processing is not necessary.
If you want to prompt the deletion of personal data, which we save, you can contact our commissioner for data protection at any time. He will review your request and, as appropriate, prompt the fulfillment of the deletion-demand.
If we published the personal data and if our company, as responsible according to article 17 paragraph 1 GDPR, is obliged to delete personal data, we will adopt adequate measures considering available technologies and implementation costs, also technical ones, to inform others responsible for the data processing, which process the published personal data on the fact that the data subject has demanded the deletion of all links to this personal data or to copies or replications of the personal data of those responsible for the data processing, insofar as processing is not necessary. Our commissioner of data protection will prompt anything necessary in a given case.
d) Right of processing restriction
You have the right to demand the restriction of processing, if specific preconditions are given.
If you want to demand the restriction of saved personal data, you can contact our commissioner for data protection at any time. He will review your request and, as appropriate, prompt the restriction of procession.
e) Right of data portability
You have the right to obtain your personal data, which were provided by us, in a structural, common and machine readable format. In addition you have the right to transfer this data to another responsible without disruption by admeritia GmbH, to which the personal data was provided, insofar as the processing is based on the acceptance according to article 6 paragraph 1 point a GDPR or article 9 paragraph 2 point a GDPR or on a contract according to article 6 paragraph 1 point b GDPR and insofar as the processing takes place by means of an automated process, is the processing is not necessary to perform a task, which lies within the public interest or takes place by means of the execution of public forces, which were transferred by us.
Additionally, when performing your right of data portability according to article 20 paragraph 1 GDPR, you have the right to obtain that the personal data is transferred directly by us to another responsible, insofar as this is technically possible and if this does not affect the rights or freedoms of other people.
To make use of the right of data portability you can contact our commissioner for data protection at any time.
f) Right of appeal
You have the right to lodge an objection, which is based on reasons, which arise out of your special situation, at any time against the processing of your personal data, which takes place based on article 6 paragraph 1 point e or f. This also appeals to profiling, which is based on these regulations.
We no longer process personal data in the case of an objection, unless we can prove reasons which are compellingly worthy of protection concerning the processing, which outweigh your interests, rights and freedoms, or the procession serves the enforcement, exercise or defense of titles.
To exercise the right of appeal you can contact any employee or our commissioner for data protection at any time. In connection with the use of services of the information society, despite the guideline 2002/58/EG, you are free to exercise your right of appeal by means of automated processes, which make use of technical specifications.
g) Automated decisions in the individual case including profiling
You have the right not to be subjected to a decision based exclusively on an automated process – including profiling, which has a legal impact on you or which affects you significantly in a similar way, if the decision is not necessary for the closing or the fulfillment of a contract between you and admeritia GmbH, or if the decision is admissible according to legal provisions of the union or member countries of the EU, which apply to us and which include appropriate measures for the protection of rights and freedoms as well as your eligible interests or if the decision takes place with your explicit acceptance.
If the decision necessary for the closure or fulfillment of a contracts between you and admeritia GmbH or if the decision takes place with your explicit acceptance, we adopt appropriate measures to protect your rights and freedoms as well as your eligible interests. This comprises at least the right of obtaining interference of a person for our part, the right of presenting the personal position and the right of appealing the decision.
If you want to make use of the rights with regard to automated decisions, you can contact our commissioner for data protection at any time.
h) Right of revocation of an acceptance regarding data protection laws
You have the right to revoke an acceptance concerning the processing of personal data at any time.
If you want to make use of your right of revocation of an acceptance, you can contact our commissioner for data protection at any time.
7. Legal position of processing
Article 6 paragraph 1 point a GDPR serves our company as a legal basis for processing processes, for which we seek acceptance for a specific processing purpose. If the processing of personal data necessary for the fulfillment of a contract, its contracting party being the data subject, as this is for example the case for processing processes, which are necessary for a delivery of goods or the delivery of another service or return service, the processing is based on article 6 paragraph 1 point b GDPR. The same applies for those processing processes, which are necessary for the implementation of pre-contractual measures, for instance in cases of requests concerning our products or services. If our company is liable to a legal commitment through which processing of personal data becomes necessary, for instance with regard to the fulfillment of tax responsibilities, the processing is based on article 6 paragraph 1 point c GDPR. In rare cases the processing of personal data could become necessary to protect vitally important interests of a data subject or another natural person. This would be the case if a visitor in our company would be injured and subsequently his name, age and health insurance company data or other vitally important information had to be transferred to a doctor, a hospital or other third parties. In this case the processing would be based on article 6 paragraph 1 point d GDPR. Processing processes could at latest be based on article 6 paragraph 1 point f GDPR. On this legal basis processing processes are based, which are not acquired by one of the aforementioned legal basis, if the processing for the protection of an eligible interest of our company or of a third party is necessary, insofar as the interests, basic rights and basic freedoms of the concerned no not predominate. If the processing of personal data is based on article 6 paragraph 1 point f GDPR our eligible interest is the execution of our business activity in favor of the welfare of all our employees and our shareholders.
8. Duration or personal data being saved
The criterion for the duration of personal data being saved is the respective legal retention period. After the expiration of the deadline the respective data will be deleted routinely, if they are no longer necessary for the fulfillment of the contract or the contract initiation.
9. Legal or contractual regulations for the provision of personal data; necessity for the closure of contract; obligation of the data subject to provide personal data; possible consequences of the non-provision
We inform you that the provision of personal data is partly required by law (for example tax regulations) or that the provision can arise as a result of contractual regulations (for example information on the contracting party). Occasionally it can be necessary for a contract closure that a data subject provides us with personal data, which subsequently have to be processed by us. The data subject is for example obliged to provide us with personal data if our company closes a contract with that data subject. A non-provision of personal data would result in the consequence that the contract cannot be closed with the data subject. In advance of the provision of personal data by the data subject, the data subject has to contact one of our employees. Our employee informs the data subject on an individual basis whether the provision of personal data is legally or contractually required or necessary for the contract closure, whether an obligation of providing personal data exists and which consequences would result in the case of a non-provision of personal data.
10. Existence of an automated decision making
As a responsible-minded company we refrain from an automated decision making or profiling.
Your contact persons
Data protection officer