Legal Disclosure

Privacy Policy

1) Information about the collection of personal data and contact details of the controller

1.1 We are delighted that you are visiting our website and thank you for your interest. Below, we provide information about how we handle your personal data when you use our website. Personal data is any data that can be used to identify you personally.

1.2 The controller in charge of data processing on this website, within the meaning of the General Data Protection Regulation (GDPR), is DriveCon GmbH, Mainfrankenpark 59, 97337 Dettelbach, Deutschland, Tel.: +49 9302 9890101, E-Mail: info@drivecon.de.

The controller of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

Contact data protection:

datenschutz@drivecon.de

1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the controller). You can recognize an encrypted connection by the character string “https://” and the lock symbol in your browser line.

It is also possible to use alternative communication channels (e.g. by post).

2) Data collection when visiting our website

When using our website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

• Our visited website
• Date and time at the time of access
• Amount of data sent in bytes
• Source/reference from which you reached the page
• Browser used
• Operating system used
• IP address used (if applicable: in anonymized form)

Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of unlawful use. After 7 days at the latest, the IP address is anonymized by shortening it so that no reference to the user can be made.

We collect and process the following data as part of a contact request:

• Title
• First name, surname
• company name
• Contact details (telephone number, e-mail address)
• Information on wishes and interests
• We collect and process the following data when you use the application form:
  • Title
  • First name, surname
  • Contact details (telephone number, e-mail address)
  • Application documents (cover letter, CV, references including the information contained therein)

3) Purposes and legal bases of data processing

When processing your personal data, the provisions of the GDPR and all other applicable data protection regulations are complied with. The legal basis for data processing arises in particular from Art. 6 GDPR.

We use your data to initiate business, to fulfill contractual and legal obligations, to execute the contractual relationship, to offer products and services and to provide a website to present our company.

Your consent to data processing may also constitute a data protection authorization requirement. Before you give your consent, we will inform you about the purpose of the data processing and your right of withdrawal.

If the consent also relates to the processing of special categories of personal data, we will expressly point this out to you in the consent. Processing of special categories of personal data in accordance with Art. 9 GDPR only takes place if this is required by law and there is no reason to assume that your legitimate interest in the exclusion of processing prevails.

4) Contact form/contact by e-mail (Art. 6 para. 1 lit. a, b GDPR)

Our website features a contact form that can be used to contact us electronically. If you send us an email using the contact form, we will process the data you provide in the contact form in order to contact you and respond to your questions and requests.

In doing so, we observe the principle of data minimisation and data avoidance by only requiring you to provide the data that we absolutely need to contact you. This includes your name, your e-mail address and the content of the message field itself. In addition, your IP address is processed for technical reasons and for legal security. All other data is optional and can be provided voluntarily (e.g. to enable us to respond to your enquiries in a more personalised manner).

We implement appropriate security measures to protect the security and confidentiality of your data as best as possible. The website is encrypted with an SSL certificate. If you send us data via the contact or application form, your data and enquiry will also be encrypted during transmission.

If you contact us by e-mail, we will process the personal data provided in the e-mail solely for the purpose of processing your enquiry.

5) Cookies (Art. 6 para. 1 sentence 1 lit. a, f GDPR, § 25 para. 1, 2 TDDDG)

Our website uses cookies. These serve to make our offering more user-friendly, effective and secure. Cookies are small text files that are stored on your device and saved by your browser (locally). Cookies contain only pseudonymous, and in most cases even anonymous, data. Some cookies remain for the duration of a browser session (so-called session cookies), others are stored for a longer period (so-called persistent cookies, e.g. consent settings). The latter are automatically deleted after the specified time (usually 6 months). In addition to our own cookies, we also use cookies that are controlled by third-party providers. These use the information contained in the cookies to display content to you, for example, or to record the pages you have visited.

Based on our legitimate interest (Art. 6(1)(f) GDPR), we use technically necessary cookies that are essential for the operation of the website and to ensure its functionality. Furthermore, we use cookies without your consent if their sole purpose is to store or access information stored on the end device for the transmission of messages or if they are absolutely necessary to provide the service you have expressly requested, Section 25 (2) TDDDG.

Provided you give your consent, we use additional cookies that help us or third parties to continuously develop and improve our website. This allows us to tailor the content to user needs. The legal basis for this is your express consent (Art. 6 (1) (a) GDPR, Section 25 (1) TDDDG).

You can revoke your consent at any time with future effect via our consent banner and change your cookie settings. Please note that changes must be made separately for each device.

If you have accounts with the third-party providers we use and are logged in there, your data may be linked to the respective account. You can avoid such a combination by not giving or revoking your consent to the relevant cookies or by logging out of the respective third-party providers in advance.

Most browsers accept cookies automatically. You can also deactivate, restrict or delete cookies on your end device manually via your browser settings or with the help of software. If you deactivate the setting of cookies, you will not be able to use our website to its full extent or only to a limited extent.

Please also note our information in the section of the respective service that uses cookies.

Facebook Pixel

This website uses the ‘Facebook Pixel’ from Meta Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 1, Ireland.

If you give your express consent, this allows the behaviour of users to be tracked. This procedure serves to evaluate page usage for statistical and market research purposes and can help to optimise future advertising measures. The data collected is pseudonymous for us, meaning that it does not allow us to draw any conclusions about the identity of users. However, the data is transmitted to Facebook and processed there, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Use Policy (https://www.facebook.com/about/privacy/).

You can allow Facebook and its partners to place advertisements on and outside of Facebook. A cookie may also be stored on your computer for these purposes.

Facebook Custom Audiences also collects the following data from the use of our website: email address, gender, city, region, postcode, country, first and last name, telephone number, date of birth, IP address, Facebook and browser ID. This enables Facebook to assign your data to a specific Facebook profile and to display appropriate advertising there.

When collecting data, we rely on your consent in accordance with Art. 6 (1) (a) EU GDPR, § 25 (1) TDDDG for the corresponding data processing, which you can of course revoke at any time by changing your privacy settings. If you withdraw your consent, your data will no longer be used for this purpose and will be deleted, provided that there are no legal retention periods to the contrary. Without withdrawal, the data will be stored for 2 years. The data will then be automatically deleted.

You can also deactivate the use of cookies by third-party providers such as Facebook on the following website of the Digital Advertising Alliance: http://www.aboutads.info/choices/

Specific information about the Facebook pixel and how it works can be found here: https://www.facebook.com/business/help/651294705016616.

You can revoke your consent to data processing here.

6) Use of your data for direct advertising

6.1 Advertising by letter post

On the basis of our legitimate interest in personalized direct advertising, we reserve the right to store your first and last name, your postal address and - insofar as we have received this additional information from you as part of the contractual relationship - your title, academic degree, year of birth and your professional, industry or business name in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR and to use it to send you interesting offers and information about our products by post.

You can object to the storage and use of your data for this purpose at any time by sending a corresponding message to the controller.

The objection can be made free of charge and without giving reasons and should preferably be sent to Tel.: +49 9302 9890101, by e-mail to datenschutz@drivecon.de or by post to DriveCon GmbH, Mainfrankenpark 59, 97337 Dettelbach.

6.2 Advertising purposes for existing customers (Art. 6 para. 1 sentence 1 lit. f GDPR)

We are interested in maintaining the customer relationship with you and providing you with information and offers about our products and services. In addition, we attach great importance to the relationship with our customers, which is why we also use advertising measures aimed at improving our image and cooperation. We therefore process your data in order to send you relevant information and offers by e-mail or post.

If you do not wish this, you can object to the use of your personal data for the purpose of direct advertising at any time; this also applies to profiling insofar as it is associated with direct advertising. If you object, we will no longer process your data for this purpose.

The objection can be made free of charge and without giving reasons and should preferably be sent to Tel.: +49 9302 9890101, by e-mail to datenschutz@drivecon.de or by post to DriveCon GmbH, Mainfrankenpark 59, 97337 Dettelbach.

7) Disclosure to third parties

We will only pass on your data to third parties within the framework of the statutory provisions or with the appropriate consent. Otherwise, your data will not be passed on to third parties unless we are obliged to do so on the basis of mandatory legal provisions (disclosure to external bodies such as supervisory authorities or law enforcement agencies).

8) Recipients of the data/categories of recipients

Within our company, we ensure that only those persons receive your data who need it to fulfill their contractual and legal obligations.

In certain cases, service providers support our specialist departments in the fulfillment of their tasks. The necessary data protection contracts have been concluded with all service providers. The service providers are IT service providers, our online agency and social media providers.

Within our company, we ensure that only those persons receive your data who need it to fulfill their contractual and legal obligations.

In certain cases, service providers support our specialist departments in the fulfillment of their tasks. The necessary data protection contracts have been concluded with all service providers. The service providers are IT service providers, our online agency and social media providers.

9) Transfer to third countries/intention to transfer to third countries

Data will only be transferred to third countries (outside the European Union or the European Economic Area) if this is necessary for the performance of the contractual relationship, is required by law or if you have given us your consent to do so.

We do not currently transfer your personal data to any service provider or group company outside the European Economic Area.

10) Obligation to provide the data

Various personal data are necessary for the establishment, execution and termination of the contractual relationship and the fulfillment of the associated contractual and legal obligations. The same applies to the use of our website and the various functions it provides.

We have summarized the details for you in the point above. In certain cases, data must also be collected or made available due to legal provisions. Please note that it is not possible to process your request or perform the underlying contractual relationship without providing this data.

11) Automated decisions in individual cases

We do not use any purely automated processing procedures to reach a decision.

12) Links to other providers

Our website also contains – clearly recognizable – links to the websites of other companies. Where there are links to websites of other providers, we have no influence on their content. Therefore, no guarantee or liability can be assumed for this content. The respective provider or operator of the pages is always responsible for the content of these pages.

The linked pages were checked for possible legal violations and recognizable infringements at the time of linking. Illegal content was not recognizable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete evidence of an infringement. If we become aware of any legal infringements, such links will be removed immediately.

Links to social media

Our website contains links to the social media services Facebook, Xing, YouTube, LinkedIn, TikTok and Instagram. Links to the websites of social media services can be identified by the respective company logo. If you follow these links, you will be taken to the DriveCon GmbH company profile on the respective social media service. When you click on a link to a social media service, a connection to the servers of the social media service is established. This transmits to the servers of the social media service that you have visited our website. In addition, further data is transmitted to the provider of the social media service. This includes, for example:

• Address of the website on which the activated link is located
• Date and time of the website visit or activation of the link
• Information about the browser and operating system used
• IP address

If you are already logged in to the relevant social media service when you activate the link, the provider of the social media service may be able to determine your user name and, in some cases, even your real name from the data transmitted and assign this information to your personal user account with the social media service. You can prevent this association with your personal user account by logging out of your user account beforehand.

The servers of the social media services are located in countries outside the European Union. The data may therefore also be processed by the social media service provider in countries outside the European Union. Please note that companies in these countries are subject to data protection laws that generally do not protect personal data to the same extent as in the Member States of the European Union.

Please note that we have no influence on the scope, type and purpose of data processing by the social media service provider. For more information on how your data is used by the social media services integrated into our website, please refer to the privacy policy of the respective social media service.

13) Handling of data from customers, suppliers, contractual partners, interested parties

13.1 Category/origin of the data

We process the following personal data as part of the contractual relationship and for the initiation of the contract:

• Contact data (e.g. first/surname of current and, if applicable, previous contact persons as well as name affixes, company name and address of the customer (employer), telephone number with extension, business e-mail address)
• Job-related data (e.g. function in the company, department)
• If applicable, bank details (in the context of a SEPA direct debit mandate also first/last name of the account holder)

We generally receive your personal data from you as part of the contract initiation process or during the ongoing contractual relationship.

13.2 Purposes and legal bases of data processing

When processing your personal data, the provisions of the GDPR, the BDSG and other relevant legal provisions are always complied with.

Your personal data will be processed exclusively for the implementation of pre-contractual measures (e.g. communication; for the preparation of offers for products or services) and for the fulfillment of contractual obligations (e.g. for the implementation of our service, the supplier contract or for order/order/payment processing), (Art. 6 para. 1 lit. b GDPR) or if there is a legal obligation to process (e.g. due to tax law requirements) (Art. 6 para. 1 lit. c GDPR). The personal data was originally collected for these purposes.

Your consent to data processing can, of course, also constitute a data protection authorization provision (Art. 6 para. 1 lit. a GDPR). Before granting consent, we will inform you about the purpose of the data processing and about your right of revocation in accordance with Art. 7 para. 3 GDPR.

DriveCon GmbH is also interested in maintaining the customer relationship with you and providing you with information and offers about our products and services. In addition, we attach great importance to the relationship with our business partners, which is why we also use advertising measures aimed at improving our image and cooperation. We therefore process your data in order to send you relevant information and offers by email or post (Art. 6 para. 1 lit. f GDPR).

14) Datenschutzerklärung/Hinweise zum Datenschutz in den Sozialen Medien

Die DriveCon GmbH unterhält Auftritte in den „Sozialen Medien“. Soweit wir die Kontrolle über die Verarbeitung Ihrer Daten haben, stellen wir sicher, dass die geltenden Datenschutzbestimmungen eingehalten werden. Nachfolgend finden Sie in Bezug auf unsere Auftritte die wichtigsten Informationen zum Datenschutzrecht.

14.1 Name und Anschrift der für den Betrieb Verantwortlichen

Verantwortlich für die Unternehmensauftritte im Sinne der EU Datenschutz-Grundverordnung (EU-DSGVO) sowie sonstiger datenschutzrechtlicher Bestimmungen sind neben der DriveCon GmbH

• Facebook (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland)
• Instagram (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland)
• Xing (New Work SE, Am Strandkai 1, 20457 Hamburg)
• LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland)
• YouTube (Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Irland) - Details siehe 15.4 YouTube Videos
• TikTok (musical.ly Inc., 10351 Santa Monica Blvd #310, Los Angeles, CA 90025 USA)

Diese Plattformen und ihre Funktionen nutzen Sie jedoch in eigener Verantwortung. Dies gilt insbesondere für die Nutzung der interaktiven Funktionen (z. B. Kommentieren, Teilen, Bewerten). Wir weisen Sie weiterhin darauf hin, dass dabei Ihre Daten außerhalb des Raumes der Europäischen Union verarbeitet werden können.

14.2 Purpose and legal basis

We maintain the fan and company pages ourselves in order to communicate with visitors to these pages and to inform them about our offers in this way. We also collect data for statistical purposes in order to further develop and optimize the content and to make our offer more attractive. The data required for this (e.g. total number of page views, page activity, data provided by visitors, interactions, etc.) is processed and made available by the social networks. We have no influence on the generation and presentation of this data.

In addition, your personal data will be processed by the social media providers, but also by DriveCon GmbH, for market research and advertising purposes. For example, it is possible that user profiles are created based on your usage behavior and the resulting interests. This allows, among other things, advertisements to be placed inside and outside the platforms that presumably correspond to your interests. Cookies are usually stored on your computer for this purpose. Irrespective of this, data that is not collected directly from your end devices may also be stored in your usage profiles. Data is also stored and analyzed across devices; this applies in particular, but not exclusively, if you are registered as a member and logged in to the respective platforms.

The processing of your personal data by DriveCon GmbH is based on our legitimate interests in effective information and communication in accordance with Art. 6 para. 1 sentence 1 lit. f. GDPR. GDPR.

14.3 Your rights/option to object

If you are a member of a social network and do not want the network to collect data about you via our website and link it to your stored membership data on the respective network, you must

• log out of the respective network before visiting our fan or company page,
• delete the cookies on your device and
• close and restart your browser

After logging in again, however, you will once again be recognizable to the network as a specific user.

For a detailed description of the respective processing and the opt-out options, please refer to the information linked below:

• Facebook
  Privacy policy: https://www.facebook.com/about/privacy/
  Opt-Out: https://www.facebook.com/settings?tab=ads und http://www.youronlinechoices.com
• Instagram
  Privacy policy: https://help.instagram.com/519522125107875
  Opt-Out: optout.networkadvertising.org/ und http://www.youronlinechoices.com
• Xing
  Privacy policy: https://privacy.xing.com/de/datenschutzerklaerung
  Opt-Out: http://www.youronlinechoices.com
• LinkedIn
  Privacy policy: https://www.linkedin.com/legal/privacy-policy
  Opt-Out: https://www.linkedin.com/legal/cookie-policy und http://www.youronlinechoices.com
• Youtube

  Privacy policy: https://policies.google.com/privacy

  Opt-out: https://tools.google.com/dlpage/gaoptout?hl=de und http://www.youronlinechoices.com

• TikTok

  Privacy policy: https://www.tiktok.com/de/privacy-policy

  Opt-out: http://www.youronlinechoices.com

Overall, you have the following rights regarding the processing of your personal data: Right of access; right to rectification; right to erasure; right to restriction of processing; right to object; right to data portability; right to lodge a complaint about unlawful processing of your personal data with the competent data protection authority.

However, since DriveCon GmbH does not have complete access to your personal data, you should contact the social media providers directly when asserting your rights, as they have access to the personal data of their users and can take appropriate measures and provide information. If you still need help, we will of course try to support you. Please contact datenschutz@drivecon.de.

14.4 YouTube videos

On our website you will find links to videos on the platform of the social media service YouTube, which is operated by Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland (“Google”).

You can recognize the corresponding video links on YouTube by the “Play symbol” and the YouTube company logo at the bottom right of the video bar. When you click on a corresponding video link, a connection to Google's servers is established. This tells Google that you have visited our website. In addition, further data is transmitted to Google. These are, for example:

• Address of the website on which the activated link is located
• Date and time the website was accessed or the link was activated
• Information about the browser and operating system used
• IP address

If you are already logged in to a Google-affiliated service, e.g. YouTube, at the time the link is activated, Google may be able to determine your user name and possibly even your real name from the transmitted data and assign this information to your personal user accounts of the corresponding Google services. You can exclude this possibility of assignment to one of your personal user accounts if you log out of your corresponding user account beforehand.

Please note that we have no influence on the scope, type and purpose of data processing by the provider of the social media service. You can find more information on the use of your data by the videos embedded on our website in Google's privacy policy.

15) Rights of the data subject

15.1 The applicable data protection law grants you comprehensive data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, about which we inform you below:

• Right to information pursuant to Art. 15 GDPR: In particular, you have a right to information about your personal data processed by us, the processing purposes, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage period or the criteria for determining the storage period, the existence of a right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it was not collected by us from you, the existence of automated decision-making including profiling and, if applicable, meaningful information on the logic involved and the scope and intended effects of such processing on you, as well as your right to be informed of the guarantees pursuant to Art. 46 GDPR if your data is transferred to third countries;
• Right to rectification pursuant to Art. 16 GDPR: You have the right to obtain without undue delay the rectification of inaccurate data concerning you and/or the completion of incomplete data stored by us;
• Right to erasure in accordance with Art. 17 GDPR: You have the right to request the erasure of your personal data if the requirements of Art. 17 para. 1 GDPR are met. However, this right does not exist in particular if the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
• Right to restriction of processing in accordance with Art. 18 GDPR: You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data, which you dispute, is verified, if you refuse to delete your data due to inadmissible data processing and instead request the restriction of the processing of your data, if you need your data to assert, exercise or defend legal claims after we no longer need this data after the purpose has been achieved or if you have lodged an objection for reasons of your particular situation, as long as it is not yet clear whether our legitimate reasons prevail;
• Right to data portability in accordance with Art. 20 GDPR: You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller, insofar as this is technically feasible;
• Right to withdraw consent given in accordance with Art. 7 para. 3 GDPR: You have the right to withdraw your consent to the processing of data at any time with effect for the future. In the event of revocation, we will delete the data concerned immediately, unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal;
• Right to lodge a complaint pursuant to Art. 77 GDPR: If you believe that the processing of personal data concerning you infringes the GDPR, you have the right - without prejudice to any other administrative or judicial remedy - to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.
• Right to object to data processing in accordance with Art. 21 GDPR.

To assert these rights, please contact datenschutz@drivecon.de.

15.2 RIGHT TO OBJECT

IF WE PROCESS YOUR PERSONAL DATA AS PART OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME WITH EFFECT FOR THE FUTURE ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS.
IF YOUR PERSONAL DATA ARE PROCESSED BY US FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING. YOU CAN EXERCISE YOUR RIGHT TO OBJECT AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

The objection is free of charge and can be made informally, if possible to: datenschutz@drivecon.de.

16) Duration of storage of personal data

We store your data for as long as it is required for the respective processing purpose. Please note that numerous retention periods require that data (must) continue to be stored. This applies in particular to retention obligations under commercial or tax law (e.g. German Commercial Code, German Fiscal Code, etc.). If there are no further retention obligations, the data is routinely deleted once the purpose has been achieved.

In addition, we may retain data if you have given us your permission to do so or if legal disputes arise and we use evidence within the scope of statutory limitation periods, which can be up to thirty years; the regular limitation period is three years.