1. Data Privacy Statement

    Obligatory information on the processing of your data in accordance with article 13 of the European General Data Protection Regulation (EU GDPR)

    References to statutory requirements relate to the General Data Protection Regulation (GDPR) as well as the version of Germany’s Federal Data Protection Act (BDSG) applicable as of 25.05.2018.

    Scope:

    This data privacy statement applies to the internet presence of QSIT GmbH (www.q-sit.de) and to the personal data acquired via this website. With respect to the websites of other providers, such as those accessed via links, please refer to the applicable data privacy notices and statements on those individual websites.

    Responsible entity

    QSIT GmbH
    Duerrenseestrasse 26
    85049 Ingolstadt
    Phone: +49-841-22052560
    E-mail: info@q-sit.de

    Data protection

    In your use of the website, we handle your personal data confidentially and in compliance with the General Data Protection Regulation (GDPR).

    The protection of personal data is relevant and important to us.

    It is possible to use our website without providing personal data.

    QSIT processes your personal data in accordance with legal requirements and – where necessary – with your agreement. The primary legal basis for this since 25.08.2018 is the EU General Data Protection Regulation (EU GDPR).

    This data will not be provided to third parties without your explicit consent. In the following statement, we would like to provide you with information on how your personal data is processed when you visit our website www.q-sit.de.

    1. Establishing a connection to the website www.q-sit.de

    When you visit our website, your browser contacts our web server to call up the websites you want to access. Basically, you do not have to register or identify yourself to use this function. However, the enquiries and feedbacks of our server are assigned based on your IP address, which is used to establish a connection to your identity, as appropriate. In detail, personal data, such as your IP address, is transferred to our web server within the framework of a HTTP/S retrieval. This connection data is processed by our web server to enable access to the website.

    In addition, the respective HTTP/S calls are logged in a log file. We use this for finding technical errors and to be able to ward off and clarify attacks on our systems. In addition, we use the already stored log files to create evaluations that we use to optimize our website. The evaluation as such takes place in an anonymous form, i.e. by combining call data, so that the results no longer have any personal reference.

    Moreover, as a rule, the data is processed on account of our legitimate interests acc. to Art. 6(1) Point (f) GDPR. Our legitimate interest is to operate a website for general information and communication purposes and to present our company.

    As a rule, the log files are processed on the legal basis of our legitimate interests acc. to Art. 6 (1) Point (f) GDPR. Our legitimate interest is to protect our facilities and systems from attacks and, if necessary, to take legal action against attackers and to further develop our websites for commercial purposes.

    Basically, the data is processed fully automatically by our web host 1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany.

    The log file data is stored for 14 days. All of the other data will be erased immediately after the HTTP/S view has been implemented.

    1. Communication by e-mail or telephone

    Our website provides you with the opportunity to contact us by e-mail or telephone. In this case, the information provided by you is retained for the purpose of dealing with the contact request and for possible enquiries. If you contact us with a specific concern or if we contact you, we naturally also process your personal data, e.g. name, address, e-mail address, phone number, and the communication contents to implement the exchange of information with you.

    Within the framework of the e-mail or telephone communication, your data is processed based on Art. 6(1) Point (b) GDPR, provided that such exchange is related to the initiation or fulfilment of a contract with you. For the rest, the legal basis depends on the specific purpose of the exchange. In most cases, Art. 6(1) Point (f) GDPR (our legitimate interest to conduct business correspondence or, e.g., to respond to queries on data protection) will be relevant.

    You are not obliged to provide your data. However, it is not possible to communicate by e-mail or telephone without your personal data being processed.

    Internally, we disseminate your data only to the respective body responsible for your concern.

    Your personal data will be erased once it is no longer required for any exchange with you. If appropriate, the data is kept longer based on Art. 6(1) Point (c) GDPR i.c.w. the respective relevant legal retention periods (especially according to commercial as well as tax and fiscal legislation). Business correspondence is commonly retained for ten years following the end of the year in which it was received.

    1. Cookies

    Internet pages use so-called cookies and similar technologies. A cookie is a small text file that is comprised of letters and numbers and is stored on your device if you visit a website. We use a session cookie on our website. This cookie contains information stored on your computer or mobile terminal for the duration of your visit when you visit this website. When browsing on the website, our system or even any other website recognising said cookie can retrieve it. This makes it possible to distinguish your device from the devices of other users when you browse on the website. The session cookie used by us is required to ensure the functionality of the website; without using such cookie, it is not possible to operate the website.

    1. Google Analytics

    Due to our legitimate interests, this website uses for the optimization and analysis of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO the “Google Analytics” service offered by Google Ireland Ltd. (4 Barrow St, Dublin, D04 E5W5, Ireland). The service (Google Analytics) uses “cookies” – text files that are stored on your device. The information collected by the cookies is usually sent to a Google server in the US and stored there. Google LLC complies with European data protection law and is certified under the Privacy Shield Agreement: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. This website accesses IP anonymization. The IP address of the users is shortened within the member states of the EU and the European Economic Area and in the other contracting states of the agreement. OOnly in individual cases is the IP address initially transferred to a Google server and shortened there. This reduction eliminates the personal reference of your IP address. The user’s IP address provided by the browser will not be combined with other data stored by Google.

    Under the terms of the Order Data Agreement, which we have established as a website operator with Google Ireland Ltd., the Company uses the information collected to compile an evaluation of website use and website activity, and provides Internet-related services. The data collected by Google on our behalf will be used to evaluate the use of our online offering by individual users, such as: For example, to generate activity reports on the website to improve our online offering.

    You have the option to prevent the storage of cookies on your device by making the appropriate settings in your browser. There is no guarantee that you will be able to access all features of this website without restriction if your browser does not allow cookies.

    Furthermore, you can use a browser plug-in to prevent the information collected by cookies (including your IP address) from being sent to Google Ireland Ltd. and used by Google Ireland Ltd. The following link leads you to the corresponding plugin: https://tools.google.com/dlpage/gaoptout?hl=de.

    Here’s more information on data usage by Google Ireland Ltd.:

    • https://policies.google.com/privacy/partners?hl=en (data collected by Google partners)
    • https://adssettings.google.de/authenticated (settings about ads you see)
    • https://policies.google.com/technologies/ads?hl=en (use of cookies in ads)

    The legal basis for the processing is § 15 Abs. 3 TMG or Art. 6 Abs. 1 lit. f) GDPR. In the latter case, the processing serves the legitimate interest of our users to get the best possible user experience. It also serves our legitimate business interests in optimizing our website, improving its reach, usability, and content, ultimately helping to grow our business.

    1. Use of Google Maps

    We use the “Google Maps” mapping service on our website. We have marked the location of QSIT on Google Maps and embedded this map in our website under “Contact”. The data protection controller is the company Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). We do not have any access to the data collected by Google within the framework of the mapping service. Any data processing is determined by Google alone. Nevertheless, to ensure the best possible level of transparency, we want to provide you with some information on data processing in connection with the Google Maps mapping service. Further information can be found in the Google Privacy Policy (available at policies.google.com/privacy).

    From QSIT’s perspective, processing of your personal data in connection with the Google Maps mapping service serves legitimate interests acc. to Art. 6(1) Point (f) GDPR. Our legitimate interest is to enhance our website to promote our business purposes and to enable visitors to quickly find the locations of QSIT GmbH. Further information on the legal basis for the processing of your personal data can be found in the Privacy Policy of Google as controller (available at policies.google.com/privacy).

    You are not obliged to provide your personal data. However, it will not be possible to use our website www.q-sit.de and the Google Maps mapping service embedded in the website without your personal data being processed.

    We do not have any access to your personal data in connection with the Google Maps mapping service and do not share any information with third parties. Further information on the dissemination of your personal data by Google as controller can be found in the Google Privacy Policy (available at policies.google.com/privacy).

    We do not transfer your personal data to a third country or an international organisation in connection with the Google Maps mapping service. Where the Google Maps mapping service connects to servers of Google as controller and your personal data is processed to this end, you can find further information about this in the Google Privacy Policy (available at policies.google.com/privacy).

    We do not retain any personal data in connection with the Google Maps mapping service. Further information on the retention of your personal data by Google as controller can be found in the Google Privacy Policy (available at policies.google.com/privacy).

    1. Applications

    Our website provides you with the opportunity to file applications for vacancies on our website by e-mail to karriere@q-sit.de. Your personal data communicated by you to us within the framework of your application is treated confidentially and exclusively retained electronically and used to handle the application and, if required, to implement the subsequent employment relationship. We need the data processed within the framework of the application procedure for the possible establishment of an employment relationship and/or the decision about your recruitment. We process such personal data to examine your qualification for the relevant position, to handle the application as well as to contact and identify you.

    ithin the framework of the application procedure, your personal data is processed based on Art. 6(1) Point (b) GDPR (initiation and/or performance of a contract) and Section 26(1) S. 1 BDSG (German Federal Data Protection Act).

    Please note that you are not obliged to provide your data within the framework of the application procedure. However, it is not possible to handle the application and to establish an employment relationship without your data being processed; as a result, your application might unfortunately not be taken into account without such data being provided.

    We disseminate your data within QSIT to the body responsible for your application within the company.

    Your personal data will be erased once it is no longer required for the application procedure (e.g. in case of any rejection of or negative decision on your application). By making a separate statement, you may agree that we can add any unsuccessful application to our applicant pool once the respective application procedure has been completed. In this case, there is a possibility that we will contact you again for suitable job advertisements fitting your profile. Your application will be left in the applicant pool for a maximum period of 24 months; subsequently, we will erase your data automatically. If your application is followed by the conclusion of a contract, your data continues to be retained and used for the customary organisation and administration process and to implement the employment relationship while adhering to the relevant legal regulations.

    1. Your Rights

    Where our company has processed data about your identity, you have the following rights within the respective limits of statutory regulations:

    • Right of access, especially to the data retained at the controller’s and its processing purposes (Art. 15 GDPR);
    • Right to rectification of inaccurate and/or completion of incomplete data (Art. 16 GDPR);
    • Right to erasure, e.g. data unlawfully processed or no longer necessary (Art. 17 GDPR);
    • Right to restriction of processing (Art. 18 GDPR);
    • Right to object to processing, especially if data is processed to safeguard legitimate interests of the controller (Art. 21 GDPR); and
    • Right to data portability, where processing is based on consent or carried out to implement a contract or by automated means (Art. 20 GDPR).

    Where any processing is based on a consent given by you (Art. 6(1) Point (a) GDPR or Art. 9(2) Point (a) GDPR)), you have the right to withdraw your consent at any time. This does not affect the lawfulness of any processing carried out based on the consent up to your withdrawal. Furthermore, you can address any concerns to our data protection officer, dsb@q-sit.de, or to the supervisory authorities in charge. For QSIT, this is the Bavarian State Office for Data Protection Supervision (Postal address: Postfach 1349, 91504 Ansbach, Germany, e-mail: poststelle@lda.bayern.de)

    Updated: September 2020