Protection des données

Privacy Policy

This privacy policy applies to both the website you are currently visiting and all other websites of our company, as well as our social media presences and other platforms.

I. Responsible Entity

The entity responsible for collecting, processing, and using your personal data through this internet platform is

Dimeda Instrumente GmbH
Bastian Milkau
Gänsäcker 54+58
78532 Tuttlingen

Phone: +49 (0) 7462 | 94 61 0
Email: datenschutz@dimeda.de

The controller of personal data processing is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

The responsible entity is also the service provider within the meaning of the Telemedia Act (TMG).

You can reach the Data Protection Officer at:

Erich Zimmermann
c/o ZiDa-Datensicherheit GmbH, Baden-Baden
Office MA: Schwarzwaldstraße 17, 68163 Mannheim
Email: e.zimmermann@zida-gmbh.de
www.zida-datensicherheit.de

We take the protection of the privacy of visitors to this website and other company websites very seriously. We collect, process, and use personal data only in accordance with legal provisions and in accordance with this privacy policy.

Please read this privacy policy carefully. You will be informed here about the scope, nature, and purpose of the collection, use, and processing of personal data of persons using this website.

Personal data in this context refers to all data that can be used to personally identify you. This includes individual information such as your name or contact details, such as phone number, address, and email address.

With the exception of the IP address, we only collect personal data if you voluntarily provide this data, for example, as part of registration on our website or when using our contact form. This personal data is used to identify you as a user via your email address and to contact you.

II. What data do we collect on our website?

1. Access data and log files

When using our website for informational purposes only, i.e., if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to our server (so-called « server log files »). When you visit our website, we collect the following data that is technically necessary for us to display the website to you:

IP address (if possible, this is stored anonymously)
Domain name of the website you came from
Names of the retrieved files
Amount of data sent in bytes
Date and time of access
Name of your Internet Service Provider
and, if applicable, operating system and browser version of your device

The processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. We process this data, but we do not store it permanently. The data is not passed on or otherwise used. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

The data is evaluated exclusively for statistical purposes. We do not create personal user profiles.

2. Cookies

Cookies are used on our website to enable you to use certain functions and to make your visit to our website as practical and secure as possible.

A cookie is a text file that is created when visiting a website and is temporarily stored on the system of the website user. If the server of our website is accessed again by the website user, the user’s browser sends the previously received cookie back to the server. The server can evaluate the information obtained through this process. Cookies can be used, for example, to control advertising insertions or to facilitate navigation on a website. Cookies are particularly necessary to enable the functionality of our website operation (the legal basis is Art. 6 Para. 1 lit. f GDPR, the protection of the legitimate interests of the operator of this website – we use cookies only in accordance with Art. 5 Para. 1 lit. a GDPR, i.e., according to the principles of lawfulness, processing in good faith, transparency).

Unless they are technically necessary cookies (which are kept purely locally and not further analyzed), you will be asked for consent if you agree to the setting of cookies.

The use of cookies serves our overriding legitimate interest in an optimized presentation of our offer in accordance with Art. 6 Para. 1 lit. f GDPR. We use cookies only in accordance with Art. 5 Para. 1 lit. a GDPR, i.e., according to the principles of « lawfulness, processing in good faith, transparency ».

If you want to prevent the use of cookies, you can do this through local settings in your internet browser (e.g., Internet Explorer, Mozilla Firefox, Opera or Safari). There you can deactivate the setting of cookies in general and delete already stored cookies. However, individual functions of our website may then no longer be fully usable.

3. Website hosting

As part of processing on our behalf, a third-party provider based in a country of the European Union provides us with the services for hosting and displaying the website. This involves infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services. In doing so, we or our hosting provider process all data that arises in the context of using our website. This includes inventory data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to our online offer.

The processing is carried out on the basis of our legitimate interest in an efficient and secure provision of this online offer (Art. 6 Para. 1 lit. f GDPR in conjunction with Art. 28 GDPR).

4. What data do we collect and use when you contact us?

We process inventory data (e.g., names, addresses and contact details) that you have provided to us as part of your contact with us (e.g., via contact form, by email or by telephone) to fulfill contractual obligations or to respond to your inquiries in accordance with Art. 6 Para. 1 lit. b GDPR. Which data is collected can be seen from the respective input forms. Information that is mandatory for processing your request is marked as mandatory fields. When making inquiries via our website, we store the IP address and the time of the respective user action. This is done on the basis of our legitimate interests, as well as the interests of users in protection against misuse and unauthorized use of their data. You can object to this at any time (right of withdrawal). We do not pass this data on to third parties, unless this is necessary for the pursuit of our claims or there is a legal obligation to do so in accordance with Art. 6 Para. 1 lit. c GDPR.

We delete the data accruing in this context after storage is no longer necessary, or limit processing if there are statutory retention obligations. We check the necessity of data storage every two years.

III. How long do we store your data?

The data processed by us will be deleted or its processing restricted in accordance with Articles 17 and 18 GDPR. We generally store your personal data, which is generated when using our website, only as long as it is necessary for the purposes mentioned above. If the deletion is opposed by legal retention obligations, the processing of the data will only be restricted, i.e., blocked for further use and cannot be processed for other purposes.

The following proof and retention obligations are particularly relevant: 6 years according to § 257 Para. 1 HGB (for commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.), 10 years according to § 147 Para. 1 AO (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.). In addition, it may happen that personal data is stored for the time during which claims can be asserted against us (statutory limitation period of three or up to thirty years).

IV. For what purpose do we process your data (purpose of processing) and on what legal basis?

We process the data that arises from visiting our website or using the contact options offered in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). Depending on the concern for which you contact us via the website, there are different legal bases for this. The specific legal basis for data processing depends on the context and purpose for which we receive your data. As a rule, the legal basis for data processing results from the following possibilities:

Art. 6 I lit. a GDPR serves as the legal basis for processing operations where we obtain consent for a specific processing purpose. Consent given can be revoked at any time.

If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of any other service or consideration, the processing is based on Art. 6 I lit. b GDPR. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services.

If we are subject to a legal obligation which requires the processing of personal data, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c GDPR.

Finally, processing operations could be based on Art. 6 I lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not override.

V. Disclosure of your personal data to third parties?

IP addresses are automatically transmitted to the server where the website is operated when visiting a website. A transfer of these IP addresses to third parties inevitably occurs whenever a third-party component (a script, an image, a font, any other digital resource) is integrated into the website. Which components are integrated into this website is listed in this privacy policy. The recipients of your IP address or categories of recipients can also be derived from this. Otherwise, we only use your personal data for contract fulfillment. In doing so, we observe the principles of purpose limitation and data minimization.

A transfer of your personal data to third parties for purposes other than those listed below does not take place. We only pass on your personal data to third parties if:

You have given your express consent to this in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR,
The disclosure pursuant to Art. 6 Para. 1 S. 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
In the event that there is a legal obligation for the transfer pursuant to Art. 6 Para. 1 S. 1 lit. c GDPR, and
This is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 Para. 1 S. 1 lit. b GDPR.

VI. Is there an obligation for me to provide data?

Within the scope of our business relationship, you only need to provide the personal data that is necessary for the establishment, execution and termination of a business relationship or that we are legally obliged to collect.
Without this data, we will usually have to refuse to conclude the contract or execute the order or will no longer be able to execute an existing contract and may have to terminate it.

VII. What data protection rights do I have?

You have the right:

In accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if not collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
In accordance with Art. 16 GDPR, to immediately request the correction of incorrect or completion of your personal data stored by us;
In accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
In accordance with Art. 18 GDPR, to request the restriction of processing of your personal data, insofar as the accuracy of the data is contested by you, the processing is unlawful, but you oppose its erasure and we no longer need the data, but you require it for the establishment, exercise or defense of legal claims or you have objected to processing pursuant to Art. 21 GDPR;
In accordance with Art. 20 GDPR, to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format or to request the transmission to another controller;
In accordance with Art. 7 Para. 3 GDPR, to withdraw your once given consent to us at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future and
In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority, without prejudice to any other administrative or judicial remedy. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or the place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes the General Data Protection Regulation of the EU (GDPR).

Right to object

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 Para. 1 S. 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, insofar as there are grounds relating to your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation. If you wish to exercise your right of revocation or objection, an email to the email address stated in the imprint of our website is sufficient.

Revocation

Consent given can be revoked at any time. This also applies to the revocation of declarations of consent given to us before the validity of the General Data Protection Regulation, i.e., before May 25, 2018.

Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected.

VIII. What should be considered with links to other websites?

Our website/app may from time to time contain links to third-party websites or to other websites of our own. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these privacy policies before you submit any personal data to these websites.

IX. What do we do for data security?

We use the TLS (Transport Layer Security) procedure in conjunction with the highest encryption level supported by your browser. Whether an individual page of our website is transmitted in encrypted form can be recognized by the closed key or lock symbol in the status bar of your browser.

We secure our website and other IT systems through appropriate technical and organizational measures against loss, destruction, unauthorized access, unauthorized modification or unauthorized distribution of your data. However, despite all care, complete protection against all dangers is practically not possible in every case.

X. Changes to this privacy policy

We reserve the right to change this privacy policy if the legal situation or this online offer or the type of data collection changes. However, this only applies to declarations on data processing. If user consent is necessary or components of the privacy policy contain a regulation of the contractual relationship with users, the changes to the privacy policy will only be made with the user’s consent.

Please therefore inform yourself about this privacy policy if necessary, especially if you provide personal data.

Explanation of tools and aids used

It is often not sufficient to explain the use of a tool. Please note the instructions at the very beginning of the document. Please also design the texts according to the tools you use. Copying the entire following text is not purposeful.

Analysis tools and advertising

Google Analytics

We use the analysis service Google Analytics. This web analysis service is operated by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (« Google »).

We use Google Analytics to evaluate your use of our website and to compile reports on user activities.

This analysis tool works in particular on the basis of cookies. A cookie is a text file that is sent when visiting a website and stored on the user’s hard drive to enable an analysis of your use of the website. The information stored by the cookie is usually transmitted to a Google server in the USA and stored there.

As part of IP anonymization, your IP address is shortened by Google within a member state of the EU or another contracting state of the Agreement on the European Economic Area before transmission. On our behalf, Google will use the transmitted information to create a report on the use of the website. We have concluded a contract with Google for order processing. If you want to prevent the use of cookies, you can do this by making local changes to your settings in the internet browser used on your computer (e.g. Safari, Internet Explorer, Opera, Firefox etc.), i.e. the program for opening and displaying internet pages. Furthermore, you can prevent the collection and processing of your data by the cookie from Google by downloading and installing a browser plugin offered by Google at the following link: https://tools.google.com/dlpage/gaoptout?hl=en

You can prevent collection by Google Analytics by using the consent solution used on this website.

For more information on the terms of use and data protection of Google and Google Analytics, please visit https://www.google.com/analytics/terms/us.html and https://policies.google.com/

We would like to point out that Google Analytics has been extended by the code « anonymizeIp ». This ensures anonymized collection of IP addresses.

Please note that US intelligence agencies may be able to access personal data due to the Cloud Act, which is inevitably exchanged with Google, whose headquarters are in the USA, when incorporating this tool due to the Internet Protocol.

Social Media

YouTube videos

We have embedded YouTube videos on our website that are stored on YouTube’s servers and can be played directly from our website via an embedding. The embedding of the videos is done with the activated option for extended data protection settings. When you play these videos, YouTube cookies and DoubleClick cookies are stored on your computer and data may be transferred to Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (« Google »), as the operator of YouTube.

When playing videos stored on YouTube, at least the following data is transferred to Google as the operator of YouTube and the operator of the DoubleClick network according to the current status: IP address and cookie, the specific address of the page called up on our site, system date and time of the call, identification of your browser.

This data transfer takes place regardless of whether you have a Google user account that you are logged into or whether you do not have a user account. If you are logged in, this data may be directly associated with your account by Google. If you do not wish your data to be associated with your profile, you must log out before activating the play button for the video.

YouTube or Google stores this data as usage profiles and uses it, if necessary, for purposes of advertising, market research and/or needs-based design of its websites. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google as the operator of YouTube to exercise this right.

Further information on the purpose & scope of data collection and its processing by Google can be found on this information page.

Hosting

WordPress

We use WordPress as a content management system for our website. WordPress uses functional (necessary) cookies to ensure the login process for editors and administrators.
In particular, when attempting to log in to the WordPress administration interface, a cookie named wordpress_test_cookie is set. This cookie is used exclusively for the active session and is deleted as soon as you close the browser.
The cookie is not used to evaluate users.

Other tools

Google reCAPTCHA

Type and scope of processing

We have integrated components of Google reCAPTCHA on our website. Google reCAPTCHA is a service of Google Ireland Limited and allows us to distinguish whether a contact request comes from a natural person or is made automatically by a program. When you access this content, you establish a connection to servers of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, whereby your IP address and possibly browser data such as your user agent are transmitted. Furthermore, Google reCAPTCHA records the user’s dwell time and mouse movements to distinguish automated requests from human ones. This data is processed exclusively for the above-mentioned purposes and to maintain the security and functionality of Google reCAPTCHA.

Purpose and legal basis

The use of Google reCAPTCHA is based on your consent pursuant to Art. 6 Para. 1 lit. a. GDPR and § 25 Para. 1 TTDSG

We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the USA takes place according to Art. 45 Para. 1 GDPR on the basis of the adequacy decision of the European Commission. The participating US companies and/or their US subcontractors are certified according to the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

In cases where there is no adequacy decision by the European Commission (including US companies that are not certified according to EU-U.S. DPF), we have agreed on other appropriate safeguards within the meaning of Art. 44 ff. GDPR with the recipients of the data. These are – unless otherwise stated – standard contractual clauses of the EU Commission according to Implementing Decision (EU) 2021/914 of June 4, 2021. A copy of these standard contractual clauses can be viewed at https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32021D0914&from=EN.

In addition, before such a third country transfer, we obtain your consent according to Art. 49 Para. 1 Sentence 1 lit. a. GDPR, which you give via consent in the Consent Manager (or other forms, registrations, etc.). We inform you that in the case of third country transfers, there may be unknown risks in detail (e.g., data processing by security authorities of the third country, the exact scope of which and its consequences for you we do not know, over which we have no influence and of which you may not gain knowledge under certain circumstances).

Storage duration

The specific storage duration of the processed data is not influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google reCAPTCHA: https://policies.google.com/privacy?hl=en.

Google Fonts

This page uses certain fonts from Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (« Google ») for display. When you access a page, your browser loads these fonts. In doing so, your IP address along with the page (internet address) you visited is transmitted to a Google server. Further information about Google Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy at https://policies.google.com/privacy

Google Maps

This website uses the map software Google Maps from Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (« Google »). By using this website, you agree to the collection, processing and use of data that may be automatically collected by Google and its representatives. Terms of Use for Google Maps. Additional information can be found in Google’s Privacy Policy. Google Maps loads Google fonts to display the map correctly. The Google fonts are also loaded from a Google server. Further information about these Google fonts can be found at https://developers.google.com/fonts/faq.

Own services

Handling of applicant data

We offer you the opportunity to apply to us (e.g. by e-mail, postal mail or via online application form). In the following, we inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with applicable data protection law and all other statutory provisions and that your data will be treated in strict confidence.

Scope and purpose of data collection

If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes made during job interviews, etc.) insofar as this is necessary to decide on the establishment of an employment relationship. The legal basis for this is § 26 BDSG-neu under German law (initiation of an employment relationship), Art. 6 Para. 1 lit. b GDPR (general contract initiation) and – if you have given consent – Art. 6 Para. 1 lit. a GDPR. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.

If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of § 26 BDSG-neu and Art. 6 Para. 1 lit. b GDPR for the purpose of implementing the employment relationship.

Data retention period

If we are unable to make you a job offer, you reject a job offer, or withdraw your application, we reserve the right to retain the data you have transmitted on the basis of our legitimate interests (Art. 6 Para. 1 lit. f GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application).

Afterwards, the data will be deleted, and the physical application documents will be destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is apparent that the data will be required after the expiry of the 6-month period (e.g. due to an impending or pending legal dispute), deletion will only take place when the purpose for further storage ceases to apply.

Longer storage may also take place if you have given your agreement (Art. 6 Para. 1 lit. a GDPR) or if statutory storage obligations preclude the deletion.

Admission to the applicant pool

If we do not make you a job offer, you may be able to join our pool of applicants. In case of admission, all documents and details from the application will be transferred to the applicant pool in order to contact you in case of suitable vacancies.

Admission to the applicant pool is based exclusively on your express consent (Art. 6 Para. 1 lit. a GDPR). The submission of consent is voluntary and has no relation to the ongoing application procedure. The data subject can revoke his/her consent at any time. In this case, the data from the applicant pool will be irrevocably deleted, provided that there are no legal reasons for storage.

The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given.

SIMIS Quality Seal

We use the data protection quality seal of SiMiS – Security with System – GmbH
Schwarzwaldstr. 17, 68163 Mannheim, Germany (« SiMiS ») in the form of an embedded image. If the image is loaded from a SiMiS server, there is an agreement with SiMiS that the data inevitably collected when retrieving the image through the Internet protocol will not be used for analyses.

As the operator of the website, we ourselves are responsible for compliance with the data protection information that SiMiS has provided to us in the form of a data protection report.

You can find the privacy policy of SiMiS here:

https://www.simis.org/datenschutz.html

This privacy policy was created with the friendly support of SiMiS (Security with System).