Data Privacy Statement

§ 1 Information about the collection of personal data

In the following, we inform you about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior.


The responsible party pursuant to Art. 4 No. 7 of the German Data Protection Regulation (DSGVO) is

NOVOSEC AG
represented by the executive board
Berliner Straße 44
60311 Frankfurt/Main
Telephone: (069)1301468-0
E-Mail: contact@novosec.com

(see also our imprint)


You can reach our data protection officer Karsten Böhm, PRIVACY ONE GmbH, Lyoner Straße 14, 60528 Frankfurt am Main, at boehm@privacy.one or our postal address with the addition of "c/o the data protection officer".


§ 2 Processing of personal data when visiting our website, legal basis, purpose

1. When you use the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure or improve stability and security:

  • IP address

  • date and time of the request

  • timezone difference to Greenwich Mean Time (GMT)

  • content of the request (specific page)

  • access status/HTTP status code

  • amount of data transferred in each case

  • website from which the request comes

  • browser

  • operating system and its user interface

  • language and version of the browser software

The legal basis is Art. 6 para. 1 p. 1 lit. f) DSGVO.


2. Cookies

We do not use cookies on our website.


3. When you contact us by e-mail, in particular at contact@novosec.com, the data you provide (for example: subject, title, first name, last name, company, address, country, your e-mail address, your telephone number, inquiry data) will be stored by us in order to answer your questions about existing offers, about existing contracts or to prepare an offer. The legal basis is Art. 6 para. 1 p. 1 lit. b) DSGVO, which permits the processing of data to fulfill a contract or pre-contractual measures.

If you send us a general inquiry, we process your data on the legal basis of Art. 6 para. 1 p. 1 lit. f) DSGVO. Our legitimate interest is to answer your inquiry.


4. You can apply to us via e-mail contact@novosec.com. We process data that you provide to us in connection with your application in order to assess your suitability for the position (or other open positions in our company, if applicable) and to carry out the application process. The following categories of personal data are included: Contact Data (first and last name, address), Communication Data (telephone number, mobile number, fax number, email address, language of communication), Personal Data (date of birth, place of birth, nationality, marital status, gender), Job-related and Personal Data (desired place of work and working hours availability, desired salary, willingness to relocate and travel, work permit), qualification data (school-leaving certificate, training/studies, language skills and professional skills), data on assessment and evaluation in the application process, data on career to date, curriculum vitae, training and work certificates, proof of qualifications), application photo and application history (consent to data storage).

The primary legal basis is Section 26 BDSG as well as other DSGVO standards named below. According to § 26 BDSG, the processing of data required in connection with the decision on the establishment of an employment relationship is permissible.

Personal data is processed in applicant management for the purpose of initiating employment contracts, in particular for the following purposes: comparison of job requirements and skills as well as ideas of the applicant, defense against legal action, communication with the applicant.

We store your data for the above-mentioned purposes. We delete your personal data after 6 months following the conclusion of the application process. In the event that you have agreed to further storage of your personal data, we will delete the data after the agreed period has expired.

Further information: Data protection information on applicant management in accordance with the General Data Protection Regulation (DSGVO).

Please send us documents with personal data ideally in a sealed letter. If you would like to send us documents containing personal data by e-mail, please note that this data could be viewed by third parties in transit.


5. We are subject to various legal obligations, e.g. according to tax laws and the German Commercial Code, which make it necessary to process your data in order to comply with the law. These are data processing due to legal requirements according to Art. 6 para. 1 p. 1 lit. c) DSGVO.


6. If we process data in order to assert legal claims and for defense in legal disputes, the processing is based on Art. 6 para. 1 p. 1 lit. f) DSGVO.


§ 3 Duration of storage

Your data will be processed for the first time from the time of collection, insofar as they are recorded by the system or you provide them to us. We delete your personal data as soon as the purpose of processing ceases to apply, all mutual claims have been fulfilled and there are no other statutory retention obligations or legal justification grounds for storage. Data records with personal data are sometimes stored for different purposes as named above. Depending on the purpose, different retention periods may apply. Insofar as a purpose ceases to apply, the data may no longer be processed for this purpose. Insofar as this data must be available for a further purpose, the data relating to the purpose that has ceased to apply is no longer used and is blocked. They are then only available for the permitted purpose.

Personal data that is subject to the regulations of the German Commercial Code (§ 257 HGB), such as business letters, will be destroyed or deleted after 6 years.

Personal data subject to the provisions of the German Fiscal Code (§ 147 AO), such as statements of account and accounting records, will be destroyed or deleted after 10 years.

We delete data of interested parties who have requested an offer without a contract being concluded after six months.


§ 4 Social media

We maintain company pages on social networks in order to communicate effectively with you.

We do not use so-called social plugins ("plugins") of the social networks on our websites. Therefore, no active code of social media - providers is executed on our pages.

Please note that the social media providers, on their websites/apps, process your personal data, in addition to personal details and usage data. It may happen that your data is transferred to a non-European third country. In third countries, the level of data protection may not meet European data protection standards.

Twitter

Further information about the processing of personal data when visiting our Twitter profile is provided by Twitter Inc, 1355 Market St, Suite 900, San Francisco, California 94103, USA, at the following link: https://twitter.com/en/privacy.

LinkedIn

LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; https://www.linkedin.com/legal/privacy-policy.

LinkedIn enters into a data processing agreement (DPA) with the customer for the duration of the data processing, incorporating EU standard contractual clauses: https://www.linkedin.com/legal/l/dpa.

Xing

Further information about the processing of personal data when visiting our Xing profile is provided by New Work SE, Am Strandkai 1, 20457 Hamburg, Germany, at the following link: https://privacy.xing.com/en/privacy-policy.


§ 5 Your Rights

If you have any questions or complaints regarding data protection, you can contact our company. You can find the contact details under point 1 of this data protection information.

Provided that the legal requirements are met, you also have the following rights:

  • you can request confirmation from us as to whether we are processing personal data about you. If this is the case, you have the right to information about this personal data and the information listed in Art. 15 DSGVO, such as information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it was not collected by us;

  • in accordance with Art. 16 DSGVO, to demand without delay the correction of incorrect or completion of your personal data stored by us;

  • pursuant to Art. 17 DSGVO, to request the erasure of your personal data stored by us, unless the processing is necessary for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims;

  • in accordance with Art. 18 DSGVO, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO;

  • pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller;

  • complain to a supervisory authority in accordance with Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose.


The competent data protection supervisory authority is the corresponding state data protection authority of our federal state of Hesse.

You can find all state data protection authorities under the following link:

https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html


In principle, you have the right to object to the processing of your personal data at any time, provided that we process your personal data for the pursuit of legitimate interests and there are reasons arising from your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing is for the purpose of asserting, exercising or defending legal claims, Art. 21 DSGVO. (see also § 2 of this privacy policy).

This right is regularly exercised in the context of advertising appeals. For this reason, we expressly point out that we do not send advertising.

Our contact details can be found under § 1 of this data protection declaration.

If you have any further questions regarding data processing or data protection, please do not hesitate to contact us (for contact details, see § 1 of this data protection declaration).


§ 6 Changes

We reserve the right to make changes and will adapt this data protection declaration if necessary.


As of April, 2022