Data controller according to Art 13 (1) lit. a)
1. Information GDPR
Company name pursuant to § 17(1) HGB incl. contact details of the data controller (GF)
INPOSIA Solutions GmbH
Telephone: +49 (0) 721 50955 0
Managing Directors: Muzaffer Havcarci, Jose Javier Sanchez Hidalgo, Bernhard Herbi
Contact details of the data protection officer in accordance with Art 13 (1)(b) GDPR
Helbig Datenschutz GmbH
91207 Lauf an der Pegnitz
+49 9123 70275-10
Purposes and legal bases of the data processing, according to Art 13 (1) lit. c) GDPR
The personal employment data are processed for the purpose of establishing, carrying out and
terminating the employment relationship. This includes the time registration for payroll, the
fulfilment of legal obligations such as the compensation of tax and social security contributions
as well as compliance with statutory processing such as private pensions or the reporting of
accidents at work and other statutory obligations of the responsible person.
The legal basis results from Art. 6 GDPR. Further essential legal bases result from the working time legislation, social legislation, the commercial code, tax law, GMBH law and other relevant legal requirements for INPOSIA Solutions GmbH. This also includes contractual provisions and internal guidelines/regulations. The processing of employee images takes place on the basis of the consent of those affected.
Processing is for the protection of the legitimate interests of the person responsible or a third according to Art 13 (1) lit. d) GDPR
Insofar as necessary, we process your data beyond the performance of the contract, in order to safeguard our legitimate interests and those of third parties. This includes:
- Sales management and sales controlling
- Project control
- Assertion of legal claims and defence of legal disputes
- Safeguarding of IT security and the IT operatios
- Measures for business management and further development of employees
Categories of recipients of personal data (data transmission) according to Art 13 (1) lit. e) GDPR
Within Germany, the European Union and the European Economic Area
Tax authorities, social security institutions, employers' liability insurance associations, employment agency, auditors, bailiffs and other creditors, as well as other governmental entities to fulfil legal obligations and requested certificates. Institutes for occupational pensions and for capital-building benefits. Logistics companies and customers as well as suppliers and other bodies.
Third country incl. adequacy decision according to Art 13 (1)(f) GDPR.
In the context of international business relations the transmission takes place according to Article 6 (1) (b) for the performance of contracts or the implementation of pre-contractual measures. An adequacy decision is not required for this.
Storage duration according to Article 13(2) a) GDPR
The respective purposes result from legal requirements as well as from relevant branch-specific regulations. The personal data will be deleted once the purpose has been attained.
Rights of data subjects according to Article 13(2)(b)
You can exercise your rights at any time by using the above contact information. If your personal data are processed, you are a data subject within the meaning of the GDPR and you have the following rights towards the data controller:
References to the rights of data subjects:
- The data subject has the right to ask the data controller for confirmation of the processing of the personal data concerned; if this is the case, it has a right to information about these personal data and to the information listed in Article 15 of the GDPR.
- The data subject has the right to demand the correction of incorrect personal data concerning him/her without delay from the data controller and, if necessary, the completion of incomplete personal data (Art. 16 GDPR).
- The data subject has the right to demand from the data controller that personal data relating to him/her be deleted without delay, provided that one of the reasons detailed in Art. 17 GDPR is fulfilled, for example, if the data is no longer needed for the purposes pursued (right to deletion).
- The data subject has the right to demand that the data controller limit the processing if one of the conditions listed in Art. 18 GDPR is fulfilled, for example, if the data subject has objected to processing for the duration of the review by the controller.
- The data subject has the right, at any time, to object to personal data concerning them for reasons arising out of their particular situation. The data controller shall no longer process the personal data, unless the Responsible Party can provide compelling reasons worthy of protection for the processing which outweigh the interests, rights and freedoms of the Person concerned or the processing serves the assertion, exercise or defence of legal claims (Art. 21 GDPR).
Rights of data subjects according to Article 13 (2) c) GDPR
Insofar as you have given us consent to the processing of personal data for specific purposes (e.g. processing of images of those affected), the legality of this processing is based on your consent.
Consent may be withdrawn at any time. This also applies to the revocation of declarations of consent, which were issued to us before the validity of the GDPR, i.e. before 25 May 2018.
Please note that the withdrawal is only effective for the future. Processing that took place prior to the withdrawal of consent is not affected by this.
Right to lodge a complaint with a supervisory authority according to Art 13 (2) lit. d) GDPR
Without prejudice to any other administrative or judicial remedy, any data subject shall have the right to lodge a complaint with a supervisory authority if the data subject considers that the processing of personal data concerning them violates the GDPR (Article 77 GDPR). The data subject may assert this right with a supervisory authority in the Member State of their residence, place of work or place of alleged infringement.
In Baden-Württemberg, the competent supervisory authority is:
The State Commissioner for Data Protection and Freedom of Information
Königstrasse 10 a
Postfach 10 29 32
Provision of personal data according to Article 13 (2) lit. e) GDPR
Within the scope of our business relationship, you are only obliged to provide the personal data required to create, implement and terminate a business relationship or where we have a legal obligation to collect such data. Without this data we will usually not be able to carry out the employment relationship.
Amendment to the purpose
2. An overview of data protection
Data collection on our website
Who is responsible for the data collection on this website
The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's required legal notice.
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
Analytics and third-party tools
You can object to this analysis. We will inform you below about how to exercise your options in this regard.
3. General information and mandatory information
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
4. Data collection on our website
Most of the cookies we use are so-called "session cookies." They are automatically deleted after your visit. Other cookies remain in your device's memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:
- Browser type and browser version
- Operating system used
- Item URL
- Referrer URL
- Host name of the accessing computer
- Time of the server request
This data is not merged with other data sources.
This data is recorded on the basis of Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in the technically error free depiction and the optimization of the operator’s website. In order to achieve this, server log files must be recorded.
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
Processing of data (customer and contract data)
We collect, process, and use personal data only insofar as it is necessary to establish, or modify legal relationships with us (master data). This is done based on Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract. We collect, process and use your personal data when accessing our website (usage data) only to the extent required to enable you to access our service or to bill you for the same.
Collected customer data shall be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.
If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) DSGVO. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the "unsubscribe" link in the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.
6. Plugins and Tools
Google Web Fonts
This website uses so-called Web Fonts provided by Google to ensure the uniform use of fonts on this site. These Google fonts are locally installed so that a connection to Google’s servers will not be established in conjunction with this application.
If your browser does not support web fonts, a standard font is used by your computer.
Further information about handling user data, can be found at
https://developers.google.com/fonts/faq und in der Datenschutzerklärung von Google: https://www.google.com/policies/privacy/.