Personal data (hereinafter usually referred to as "data") is processed by us only to the extent necessary and for the purpose of providing a functional and user-friendly internet presence, including its content and the services offered there.
According to Art. 4 No. 1 of Regulation (EU) 2016/679, namely the General Data Protection Regulation (hereinafter referred to as "GDPR"), "processing" means any operation or set of operations that is performed on personal data, whether or not by automated means, such as the collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, deletion, or destruction.
With the following privacy policy, we inform you in particular about the nature, scope, purpose, duration, and legal basis of the processing of personal data, as far as we decide alone or together with others on the purposes and means of processing. Furthermore, we inform you below about the external components we use for optimization purposes and to increase user quality, to the extent that third parties process data in their own responsibility as a result.
Our privacy policy is structured as follows:
I. Information about us as the responsible party
II. Rights of users and affected parties
III. Information on data processing
I. Information about us as the responsible party
The responsible party for data processing within the meaning of the GDPR, the BDSG, and other data protection regulations in the context of this internet presence is: CarByte GmbH Hohnerstraße 23 D-70469 Stuttgart Germany --- Phone +49 (0) 727 2929560 Email: info@carbyte.de --- The data protection officer of the provider is: Ingo Berger Email: CarByte@ingo-berger.consulting
II. Rights of users and affected parties
With regard to the data processing described in more detail below, users and affected parties have the right to confirmation as to whether data concerning them is being processed, to information about the processed data, to further information about the data processing, and to copies of the data (see also Art. 15 GDPR); to correction or completion of inaccurate or incomplete data (see also Art. 16 GDPR);
to immediate deletion of their data (see also Art. 17 GDPR), or, alternatively, to the restriction of processing in accordance with Art. 18 GDPR, as far as further processing according to Art. 17 para. 3 GDPR is necessary; to receipt of data concerning them and provided by them and to transfer this data to other providers/responsible parties (see also Art. 20 GDPR); to lodge a complaint with a supervisory authority if they believe that the data concerning them has been processed by the provider in violation of data protection regulation (see also Art. 77 GDPR). Furthermore, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any correction or deletion of data or any restriction of processing that has occurred based on Articles 16, 17 para. 1, 18 GDPR. However, this obligation does not exist if the notification is impossible or involves a disproportionate effort. Regardless, the user has a right to information about these recipients. Users and affected parties also have the right under Art. 21 GDPR to object to the future processing of their data if the data is processed by the provider according to Art. 6 para. 1 lit. f) GDPR. In particular, an objection against data processing for direct advertising purposes is permissible. If the affected person wishes to assert one or more of the aforementioned rights, they can contact our data protection officer or another employee responsible for processing at any time. They also have the option to contact a data protection supervisory authority with hints or complaints. The responsible data protection supervisory authority for us is: The State Commissioner for Data Protection and Freedom of Information Baden-Württemberg, Lautenschlagerstraße 20, 70173 Stuttgart.
III. Information on data processing
Your data processed while using our internet presence will be deleted or blocked as soon as the purpose of storage no longer applies, and there are no statutory retention obligations opposing the deletion, and no conflicting information about individual processing procedures is made thereafter.
1. Cookies
A) SESSION COOKIES
We use so-called cookies with our internet presence. Cookies are small text files or other storage technologies that are stored on your device by the internet browser you are using. Through these cookies, specific information about you, such as your browser data or location data or your IP address, is processed to an individual extent. Through this processing, our internet presence becomes more user-friendly, effective, and secure, as the processing, for example, enables the presentation of our internet presence in different languages or offers a shopping cart function. The legal basis for this processing is Art. 6 para. 1 lit. b) GDPR, provided these cookies process data for the initiation or execution of contracts. If the processing does not serve the initiation or execution of contracts, our legitimate interest lies in improving the functionality of our internet presence. The legal basis is then Art. 6 para. 1 lit. f) GDPR. These session cookies are deleted when you close your internet browser.
B) THIRD-PARTY COOKIES
Occasionally, cookies from partner companies or service providers (“third-party cookies”), with which we cooperate for the purposes of advertising, analysis, or the functionalities of our internet presence, may also be used. The details, especially regarding the purposes and legal bases for processing such third-party cookies, can be found in the following section III. C).
C) POSSIBILITY OF REMOVAL
You can prevent or limit the installation of cookies by adjusting the settings of your internet browser. Additionally, you can delete cookies that have already been stored at any time. The necessary steps and measures, however, depend on the specific internet browser you are using. If you have questions, please use the help function or documentation of your internet browser or contact the manufacturer or support of it. For so-called flash cookies, however, the processing cannot be prevented through the browser settings. Instead, you must change the settings of your flash player in this regard. The required steps and measures also depend on your specific flash player being used. If you have questions, please use the help function or documentation of your flash player, or contact the manufacturer or user support. If you prevent or limit the installation of cookies, this may, however, mean that not all functions of our internet presence are fully usable.
2. Contact Form
If you send us inquiries via the contact form and consent to the processing of your personal data in this context, your information from the contact form including the personal data you entered there (together "contact data") will be stored for the purpose of processing the inquiry and for any follow-up questions. We do not share this contact data without your consent.
The legal basis for processing your personal data in this case is your consent in conjunction with Art. 6 para. 1 a) GDPR.
By consenting to the processing of the contact data you entered in the contact form and transmitted, CarByte GmbH is authorized to collect, record, organize, store, adapt, alter, retrieve, consult, use, align, link, restrict, delete, or destroy these contact data to the extent that such data contains personal data concerning you, for the purpose of processing the inquiry and for any follow-up questions, with or without the aid of automated, specifically electronic, procedures (collectively "processing"). Granting consent is voluntary, and it is particularly important to note that there is no obligation to grant this consent, and refusal of consent will not have any negative consequences. The consent does not extend to special categories of personal data within the meaning of Art. 9 para. 1 of the GDPR. Personal data is also not used for automated decision-making (e.g., profiling).
You can revoke your consent to the processing of your contact data at any time with effect for the future in accordance with Art. 7 para. 3 GDPR. To do this, you simply need to inform us of your revocation.
3. Newsletter
If you subscribe to our free newsletter, the information you request, such as your email address as well as - optionally - your name and your address, will be sent to us. At the same time, we store the IP address of the internet connection from which you access our internet presence and the date and time of your registration. In the course of the further registration process, we will obtain your consent for the dispatch of the newsletter, describe the content in detail, and refer to this privacy policy. The data collected in this manner will be used exclusively for sending the newsletter – thus, they will not be passed on to third parties. The legal basis here is Art. 6 para. 1 lit. a) GDPR. You can revoke your consent to the newsletter dispatch at any time with effect for the future in accordance with Art. 7 para. 3 GDPR. To do this, you simply need to inform us of your revocation or press the unsubscribe link contained in each newsletter.
4. Contact Inquiries / Contact Possibility
If you contact us via contact form or email, the data you provide will be used to process your inquiry. Providing the data is necessary for the processing and answering of your inquiry – without this provision, we cannot answer your inquiry or can only do so in a limited manner. The legal basis for this processing is Art. 6 para. 1 lit. b) GDPR. Your data will be deleted as soon as your inquiry has been conclusively answered, and there are no statutory retention obligations opposing the deletion, such as in the case of a subsequent contract execution.
5. Framer
Our website uses Framer. This is a platform for creating websites of Framer B. V., Rozengracht 207B, 1016 LZ Amsterdam, Netherlands, hereinafter referred to as "Framer".
Framer provides us with the technical means to design and manage our website. Framer can automatically collect and process certain data from visitors to our website (“log data”), including: IP address of the user, browser type and version, operating system used, referrer URL (the previously visited page), date and time of access.
Framer processes this log data on our behalf to enable the provision of the website and to ensure its trouble-free operation and security. This log data is stored in a log file to ensure data security but is not assignable to specific persons. A combination of the log data with other data sources is not performed, and conclusions about the affected persons are not drawn. This data is primarily needed to (1) correctly deliver the contents of our internet site, (2) optimize the contents of our internet site, (3) ensure the long-term functionality of our IT systems and the technology of our website, (4) track unauthorized access attempts and access to the web server, and (5) provide authorities and courts with the necessary information for prosecution and prevention of danger in the event of a cyberattack, and to pursue our legitimate interests and civil law claims. These anonymously collected data and information are evaluated by Framer or by us with the aim of enhancing data protection and data security in our company. A further use of the log data occurs exclusively for statistical purposes in anonymized form.
The legal basis for this data processing, as far as it concerns personal data, is Art. 6 para. 1 f) GDPR.
The collected log data is only stored as long as necessary to fulfill the above-mentioned purposes. Otherwise, the log data will be deleted at regular intervals – at the latest after 2 years. Framer complies with applicable data protection regulations and provides an adequate level of protection for the processing of personal data. For more information on the data processing by Framer, please refer to Framer's privacy policy at:
https://www.framer.com/legal/privacy-statement/?utm_source=google&utm_medium=adwords&utm_campaign=Brand-Search-Framer-M-Aug2024-PUBLISH_Standard&gad_source=1&gclid=EAIaIQobChMIrLrvoJv_iAMVv6loCR2A1QFvEAAYASAAEgJ1l_D_BwE
6. Google Analytics
We use Google Analytics on our internet presence. This is a web analysis service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as "Google".
Through the certification under the EU-US Privacy Shield
https://www.privacyshield.gov/participant?id=a2zt0...
Google guarantees that the data protection requirements of the EU are also met when processing data in the USA.
The Google Analytics service is used to analyze the usage behavior of our internet presence. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization, and economic operation of our internet presence.
Usage and user-related information, such as IP address, location, time, or frequency of visits to our internet presence, is transmitted to a Google server in the USA and stored there. However, we use Google Analytics with the so-called anonymization feature. With this feature, Google shortens the IP address already within the EU or the EEA.
The data collected in this way will be used by Google to provide us with an analysis of the visit to our internet presence as well as the usage activities there. These data may also be used to provide additional services related to the use of our internet presence and the internet.
Google states that it does not associate your IP address with any other data. Furthermore, Google provides additional privacy-related information under
https://www.google.com/intl/de/policies/privacy/pa...
for you, such as the possibilities to prevent data usage.
In addition, Google offers at
https://tools.google.com/dlpage/gaoptout?hl=de
a so-called deactivation add-on alongside further information here. This add-on can be installed with common internet browsers and offers you further control over the data that Google collects when you visit our internet presence. The add-on tells the JavaScript (ga.js) from Google Analytics that information about the visit to our internet presence should not be transmitted to Google Analytics. However, this does not prevent information from being transmitted to us or other web analysis services. Whether and what other web analysis services we use will also be explained in this privacy policy.
7. Google Maps
We use Google Maps on our internet presence to display our location and to create directions. This is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as "Google".
Through the certification under the EU-US Privacy Shield
https://www.privacyshield.gov/participant?id=a2zt0...
Google guarantees that data protection requirements of the EU are also met when processing data in the USA.
To enable the display of certain fonts on our internet presence, a connection to the Google server in the USA is established when accessing our internet presence.
When you access the integrated Google Maps component on our internet presence, Google stores a cookie on your device via your internet browser. To display our location and create directions, your user settings and data are processed. Here, we cannot exclude that Google uses servers in the USA.
The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in optimizing the functionality of our internet presence.
By establishing the connection to Google, Google can determine from which website your request has been sent and to which IP address the directions are to be transmitted.
If you do not agree with this processing, you have the option to prevent the installation of cookies by making the appropriate settings in your internet browser. Details can be found above under the point "Cookies".
Furthermore, the use of Google Maps and the information obtained through Google Maps is governed by the Google Terms of Service https://policies.google.com/terms?gl=DE&hl=de and the terms and conditions for Google Maps http://www.google.com/intl/de_de/help/terms_maps.html.
Additionally, Google offers further information at
https://adssettings.google.com/authenticated
https://policies.google.com/privacy
about this.
8. Online Job Applications / Publication of Job Advertisements
We offer you the possibility to apply to us through our internet presence. In these digital applications, your applicant and application data will be electronically collected and processed by us for processing of the application process.
The legal basis for this processing is § 26 para. 1 S. 1 BDSG in conjunction with Art. 88 para. 1 GDPR.
If a contract of employment is concluded after the application process, we will store the data you submitted during the application in your personnel file for the purposes of the usual organizational and administrative process – of course, while taking into account further legal obligations.
The legal basis for this processing is also § 26 para. 1 S. 1 BDSG in conjunction with Art. 88 para. 1 GDPR.
In the event of a rejection of an application, we will automatically delete the data submitted to us two months after the notification of the rejection. However, deletion will not occur if the data requires a longer retention period due to legal provisions, e.g., due to proof obligations under the AGG, up to four months or until the conclusion of a judicial process.
The legal basis in this case is Art. 6 para. 1 lit. f) GDPR and § 24 para. 1 No. 2 BDSG. Our legitimate interest lies in legal defense or enforcement.
If you explicitly consent to a longer retention of your data, e.g., for your inclusion in a database of applicants or interested parties, the data will be further processed based on your consent. The legal basis is then Art. 6 para. 1 lit. a) GDPR. However, of course, you can revoke your consent at any time in accordance with Art. 7 para. 3 GDPR by declaration to us with effect for the future.
9. Disclosure of Data
There is no transmission of your personal data to third parties for purposes other than those listed below. We only pass on personal data to third parties if: You have expressly consented to it according to Art. 6 para. 1 S. 1 a) GDPR, The transfer is required according to Art. 6 para. 1 S. 1 f) GDPR for the assertion, exercise, or defense of legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data, In the event that there is a legal obligation for the transfer according to Art. 6 para. 1 S. 1 c) GDPR, and This is legally permissible and required for the execution of contractual relationships with you according to Art. 6 para. 1 S. 1 b) GDPR.
10. Routine Deletion and Blocking of Personal Data
The controller processes and stores personal data of the affected party only for the period necessary to achieve the storage purpose or as otherwise provided by the GDPR or another data protection regulation to which the controller is subject. If the storage purpose ceases to exist or a storage period prescribed by the GDPR or another applicable provision expires, the personal data will be routinely blocked or deleted in accordance with legal provisions.
