PRIVACY POLICY

We are pleased about your interest in CarByte Technology Group GmbH and our website https://carbyte.de ("Website"). The protection of your privacy and the lawful collection, processing, and use of your data is a particular concern for us.

Below we inform you about which of your data we collect on the website and for what purposes we process and use this data.

1. RESPONSIBLE PARTY / SERVICE PROVIDER

1.1. The responsible party in accordance with Art. 4 Para. 7 of the General Data Protection Regulation (hereinafter "GDPR") and service provider within the meaning of the Digital Services Act (DDG) and the Telecommunications Digital Services Data Protection Act (TDDDG) is CarByte Technology Group GmbH, represented by the managing director Dr. Jürgen Weber, Carl-Benz-Straße 1, D-76761 Rülzheim, Email: info@carbyte.de (hereinafter "us" or "we").

1.2. You can reach our external data protection officer (DSB) as follows:  Dr. Thomas A. Degen, Specialist Lawyer for IT Law, Certified Data Protection Officer TÜV Süd (DSB-TÜV), c/o Jordan & Wagner Rechtsanwaltsgesellschaft mbH, Alexanderstraße 8A, D-70174 Stuttgart, Email: thomas.degen@jordan-ra.com.

2. DATA COLLECTION, PROCESSING, AND USE DURING YOUR VISIT TO OUR WEBSITE

2.1. When you use the website purely for informational purposes, that is, when you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security:

-       the name of your internet service provider,

-       your assigned IP address,

-       the address of the website from which you visit our website,

-       the browser used and, if applicable, the operating system of your computer,

-       the amount of data transferred at any time

-       the subpages of our website that you visit, and

-       the date and time of your visit to our website.

2.2. We and our IT service providers, including our host provider, have access to the data, with their servers located in the European Union. We have concluded a contract for order processing with our host provider in accordance with Art. 28 GDPR.

2.3. The aforementioned data is processed by us for the following purposes:

-       ensuring a smooth connection to the website,

-       ensuring a comfortable use of our website,

-       evaluation of system security and stability, and

-       for other administrative purposes.

2.4. For security reasons, log file information (e.g., for the clarification of misuse or fraud) is stored for a maximum of 10 days and then deleted or anonymized. Data whose further retention is necessary for evidential purposes is excluded from deletion until the final clarification of the respective incident.

2.5. The legal basis for data processing is Art. 6 Para. 1 Sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes listed above for data collection. The right of withdrawal according to section 14 of the data protection declaration is hereby referenced.

2.6. In addition, we use cookies when you visit our website. You will find detailed explanations on this in section 6 of this privacy policy.

3. COLLECTION, PROCESSING, AND USE OF THE DATA YOU PROVIDE DURING THE USE OF THE WEBSITE

3.1. Your data is collected when you provide it to us during a contact request, e.g., via email, fax, or a contact form. The processing and use of the data you provide during contact is done exclusively for the purpose of answering your inquiry and for any follow-up questions.

3.2. Data processing for the purpose of contacting is carried out in accordance with Art. 6 Para. 1 Sentence 1 lit. b GDPR.

4. HOSTING

Our web server is operated by an internet service provider. The personal data you transmit in connection with your visit to our online presence is therefore processed on our behalf by our provider.

5. USE OF OUR SERVICES

5.1. If you would like to use our services, it is necessary for the consultation or contract conclusion that you provide your personal data, which we need for the processing of your order in accordance with Art. 6 Para. 1 Sentence 1 lit. b GDPR. We process the data you provide to process your order.

5.2. With your consent, we also include you in our interested party database. Then we store your data for any further orders. You can revoke your consent to the storage of customer data at any time. In this case, we will delete the corresponding data immediately after we are no longer authorized or obligated to retain it.

5.3. We are obliged to store your address, payment, and order data for a period of ten years due to commercial and tax regulations. However, after two years, we will restrict processing, meaning your data will only be used to fulfill legal obligations.

6. COOKIES 

6.1. When you first visit our website from one of your used end devices, you will be informed that so-called cookies may be loaded onto the end device when using the website. If you continue to use our website after this information, you thereby declare your consent to the use of persistent cookies by us.

6.2. Cookies are alphanumeric identification characters that are transmitted to the hard drive of the end device when you access our website. They enable your browser to be recognized during a later visit to the website and serve primarily to make the visit to the website more pleasant and individual, for example, by recognizing the language used, as well as to protect the website from hacker attacks.

6.3. This website uses the following types of cookies, the scope and functionality of which are explained below:

-       Transient cookies (see 6.4)

-       Persistent cookies (see 6.5).

6.4. Transient cookies are automatically deleted when you close the browser. This includes, in particular, session cookies. These store a so-called session ID, with which various inquiries from your browser can be allocated to the shared session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close the browser.

6.5. The persistent cookies we use are automatically deleted after a specified duration, which may vary depending on the cookie.

6.6. You can delete cookies in the security settings of your browser at any time. The help function in the menu bar of most web browsers explains how to set your browser so that new cookies are never accepted, cookies are only accepted after a warning and by you, or always automatically set.

6.7. The data processed by cookies is necessary for the mentioned purposes to safeguard our legitimate interests and those of third parties according to Art. 6 Para. 1 Sentence 1 lit. a or f GDPR.

6.8 You can configure your browser settings according to your wishes and, for example, refuse the acceptance of third-party cookies or all cookies. We would like to inform you that, depending on such configuration settings, you may not be able to use all the functions of this website. You can access our cookie consent tool here and through the navigation section of our website.

7. OWN WEB FONTS

This website currently uses web fonts on our own servers to ensure consistent font display. Access to servers of Google LLC does not take place.

8. DATA PROCESSING IN APPLICATIONS

8.1 We offer you the opportunity to apply to us through our website. In these digital applications, your applicant and application data are electronically collected and processed by us for the purpose of processing the application process. 

The legal basis for this processing is § 26 Para. 1 Sentence 1 BDSG in conjunction with Art. 88 Para. 1 GDPR. 

8.2 If an employment contract is concluded after the application process, we store the data you provided during the application in your personnel file for the purpose of the usual organizational and administrative process – this is of course done with consideration of the further legal obligations. 

The legal basis for this processing is also § 26 Para. 1 Sentence 1 BDSG in conjunction with Art. 88 Para. 1 GDPR. 

8.3 In the event of a rejection of an application, we automatically delete the data transmitted to us two months after the notification of the rejection. However, deletion does not occur if the data require a longer retention period of up to four months or until the conclusion of legal proceedings due to legal provisions, e.g., due to the evidentiary obligations under the AGG. 

The legal basis in this case is Art. 6 Para. 1 lit. f GDPR and § 24 Para. 1 No. 2 BDSG. Our legitimate interest lies in legal defense or enforcement. 

8.4 If you explicitly consent to a longer storage of your data, e.g., for your inclusion in an applicant or interested party database, the data will be further processed based on your consent. The legal basis is then Art. 6 Para. 1 lit. a GDPR. However, you may revoke your consent at any time in accordance with Art. 7 Para. 3 GDPR by declaration to us with effect for the future. 

9. EMAIL NEWSLETTER 

9.1. When you sign up for our email newsletter (hereinafter "Newsletter"), we collect your email address as well as any additional data you may provide. We use this data exclusively for sending the respective newsletter for the purposes stated at the time of newsletter registration. Registration takes place in a double opt-in process and can therefore only be completed once you click the link provided in the confirmation email, thereby confirming your consent to receive the newsletter. You can revoke your consent to the sending of a newsletter at any time. You can also unsubscribe via the link at the end of each newsletter. The legal basis for sending the newsletter is Art. 6 Para. 1 Sentence 1 lit. a GDPR, § 7 Para. 2 UWG.

9.2. Our newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in emails sent in HTML format to enable log file recording and log file analysis. This allows for a statistical evaluation of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, we can see whether and when an email was opened by a person concerned and which links contained in the email were accessed by the person concerned.

9.3. Such personal data collected through tracking pixels contained in newsletters is stored and evaluated by us to optimize the newsletter dispatch and to better align the content of future newsletters with the interests of the persons concerned. This personal data will not be passed on to third parties. Affected persons are entitled to revoke their separate consent given via the double opt-in procedure at any time. After a revocation, this personal data will be deleted by us. Unsubscribing from the newsletter constitutes a revocation of consent.

10. LINKS TO OTHER WEBSITES AND PLUGINS

10.1 In connection with our website, we may link – also via icons – to the websites of our partners. By clicking such a link on the website, we unfortunately have no more influence on the collection, processing, and use of your data by third parties. Therefore, we sadly cannot take any responsibility for this.

10.2. Our website currently uses plugins for the use of Google Analytics 4, Ads, and Maps as regulated in the respective clauses.

11. Framer 

11.1 Our website uses Framer. This is a platform for creating websites by the company Framer B.V., Rozengracht 207B, 1016 LZ Amsterdam, Netherlands, hereinafter referred to as "Framer". 

11.2 Framer provides us with the technical means to design and manage our website. Framer may automatically collect and process certain data from visitors to our website ("Log Data"), including: IP address of the user, browser type and version, operating system used, referrer URL (the previously visited page), date and time of access.

11.3 Framer processes this log data on our behalf to enable the provision of the website and to ensure its smooth operation and security. This log data is stored in a log file to ensure data security but is not assigned to specific individuals. A combination of log data with other data sources is not made, and no conclusions about the affected individuals are drawn. These data are rather needed to (1) correctly deliver the content of our internet pages, (2) optimize the content of our internet pages, (3) ensure the lasting functionality of our IT systems and the technology of our internet pages, (4) track unauthorized access attempts and access to the web server, and (5) to provide the information necessary for prosecution and danger prevention to authorities and courts in the event of a cyberattack, as well as to pursue our legitimate interests and civil law claims. These anonymized data and information are evaluated by Framer or by us with the aim of increasing data protection and data security in our company. Any further use of the log data is done exclusively for statistical purposes in an anonymized form. 

11.4 The legal basis for this data processing, insofar as it involves personal data at all, is Art. 6 Para. 1 lit. f GDPR. We have a legitimate interest in having our website represented as reliably as possible. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a GDPR and § 25 Para. 1 TDDDG, provided that the consent covers the storage of cookies or access to information on the end device in the sense of the TDDDG. The consent can be revoked at any time.

11.5 The collected log data is only stored as long as necessary to fulfill the above purposes. Otherwise, the log data will be deleted at regular intervals – at the latest after 2 years. Framer complies with applicable data protection regulations and provides an adequate level of protection for the processing of personal data. Further information on data processing by Framer can be found in Framer's privacy policy at: https://www.framer.com/legal/privacy-statement/?utm_source=google&utm_medium=adwords&utm_campaign=Brand-Search-Framer-M-Aug2024-PUBLISH_Standard&gad_source=1&gclid=EAIaIQobChMIrLrvoJv_iAMVv6loCR2A1QFvEAAYASAAEgJ1l_D_BwE 

12. DISCLOSURE OF DATA

12.1. There is no transmission of your personal data to third parties for purposes other than those listed below.

12.2. We only disclose your personal data to third parties if:

    you have given us your explicit consent in accordance with Art. 6 Para. 1 Sentence 1 lit. a GDPR,

    the disclosure is required for the assertion, exercise, or defense of legal claims pursuant to Art. 6 Para. 1 Sentence 1 lit. f GDPR and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,

    in the event that there is a legal obligation for disclosure according to Art. 6 Para. 1 Sentence 1 lit. c GDPR, and

    this is legally permissible and required under Art. 6 Para. 1 Sentence 1 lit. b GDPR for the processing of contractual relationships with you.

13. RIGHTS OF AFFECTED PARTIES 

You have the right:

    to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed or will be disclosed, the planned storage duration, the existence of a right to rectification, deletion, limitation of processing, or objection, the existence of a right to lodge a complaint, the source of your data if it was not collected from us, as well as to exist a fully automated decision-making process including profiling and, if applicable, meaningful information about its details;

    to request the immediate correction of inaccurate or completion of your personal data stored with us in accordance with Art. 16 GDPR;

    to request the deletion of your personal data stored with us in accordance with Art. 17 GDPR, as far as processing is not necessary for the exercise of the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest, or for the assertion, exercise, or defense of legal claims;

    to request the restriction of processing of your personal data in accordance with Art. 18 GDPR, as far as the accuracy of the data is contested by you, the processing is unlawful, but you reject their deletion, and we no longer need the data, but you need them for the assertion, exercise, or defense of legal claims, or you have lodged an objection to the processing in accordance with Art. 21 GDPR;

    to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request the transmission to another responsible party in accordance with Art. 20 GDPR;

    to revoke your once granted consent at any time in accordance with Art. 7 Para. 3 GDPR. This has the consequence that we can no longer continue the data processing based on this consent for the future and

    to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. In principle, you can contact the supervisory authority of your usual place of residence or workplace or our registered office for this purpose.