Have any questions?
+44 1234 567 890
Privacy Policy
(Information on the processing of personal data according to Art. 13,14 GDPR)
We take the protection of your personal data very seriously and treat your personal data confidentially and in accordance with the statutory data protection regulations. This privacy policy informs you about details.
1. Responsible processors
VetterTec GmbH
Leipziger Strasse 104-108
D-34123 Kassel
2. Data protection officers of the responsible processors
gds – Gesellschaft für Datenschutz Mittelhessen mbH
Henning Welz
Auf der Appeling 8
D-35043 Marburg
+49 6421 80413-10
datenschutz@gdsm.de
3. Processing Processes:
3.1. Data protection when using the website
3.1.1. Type of technically necessary data
When you visit our website, the following technical data is processed:
- IP adress
- Date and time of the request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (concrete page)
- Access status/HTTP status code
- Data volume transferred in each case
- website from which the request comes
- Browser
- Operating system and its interface
- Language and version of the browser software
3.1.2. Purposes and legal basis of processing
We process your data due to technical necessities in connection with the operation of the Internetsite.
- The processing is therefore based on legitimate interest (Art. 6 para. 1 lit. f GDPR)
3.1.3. Type of additional data collected
When you visit our website, the following additional data is processed:
- Cookies
- Data for the analysis of website usage
3.1.4. Purposes and legal basis of processing
We process your data to better adapt the website to the needs of visitors.
- The processing therefore takes place on the basis of legitimate interest (Art. 6 para. 1 lit. f GDPR)
- Processing by eTracker takes place anonymously and is therefore not subject to data protection considerations.
- Should the data from eTracker have a personal reference, we will ask you for your consent beforehand, in which case the processing will be based on this consent (Art. 6 para. 1 lit.a GDPR)
3.1.5. Sources
We only process personal data that we receive directly from you in the course of your visit to the website.
3.1.6. Recipients of personal data
Your data will be forwarded to the service provider (hoster) that provides the website as part of the processing. This service provider is involved in the process as a processor and therefore does not act as a third party, but as part of the responsible processor.
If data is transferred to third countries, the transfer is either permitted by a condition of Art. 49 para. 1 u. para. 2 EU-GDPR due to your informed consent or due to a contract / a pre-contractual measure at the request of the data subject or we have guarantees for the data protection compliant processing of your data in the third countries (Art. 46 para. 2 & 3 GDPR).
3.1.7. Storage
The storage takes place at least for the duration of your visit to the website. Log data is stored for a maximum of 90 days in order to eliminate errors in the event of malfunctions. After this maximum storage period has expired, your data will be deleted unless there is another important reason to the contrary.
3.2. Data protection in the context of the implementation of pre-contractual measures or for the fulfillment of a contract
3.2.1. Type of data
Relevant personal data we process are:
- Personal master data (name, address and other contact data)
- Communication data (for example, telephone, e-mail)
- Contract master data (contractual relationship, product or contractual interest)
- Customer history
- VContract billing and payment data
- Planning and control data
3.2.2. Purposes and legal basis of processing
We process your data for the purpose of handling an inquiry from you or a contractual relationship with you (providing deliveries and services)
The processing of your personal data takes place:
- for the fulfillment of a contract with you or for the implementation of pre-contractual measures, which take place at the request of the data subject (Art. 6 para. 1 lit. b GDPR)
- If the scope of the processing goes beyond this, we will ask you for consent (Art. 6 (1) (a) GDPR).
3.2.3. Sources
We only process personal data that we receive from you directly or from another person (for example, a colleague) as part of your inquiry or a contractual relationship with you.
In addition, if necessary, we process personal data that we permissibly receive from third parties (for example, from courts, authorities, agencies or insurance companies).
3.2.4. Recipients of personal data
In the course of processing, your data will be transferred to specialist departments within our company as well as within our group or within affiliated companies, in individual cases to group subsidiaries, distributors or affiliated companies in third countries.
Furthermore, data may be transferred outside our company to customers, suppliers, distributors, government agencies, banks, service providers such as service data centers and remote maintenance.
If data is transferred to third countries, the transfer is either permitted by a condition of Art. 49 para. 1 u. para. 2 EU-GDPR due to your informed consent or due to a contract / a pre-contractual measure at the request of the data subject or we have guarantees for the data protection compliant processing of your data in the third countries (Art. 46 para. 2 & 3 GDPR).
3.2.5. Storage
The storage takes place at least for the duration of the business relationship (for example, your request / for the duration of the contractual relationship). In most cases, we are bound by the legally prescribed retention periods. After expiry of this maximum storage period, your data will be deleted if there is no other important reason to the contrary.
3.3. Data protection in the context of marketing
3.3.1. Type of data
Relevant personal data we process are:
- Personal master data (name, address and other contact data)
- Communication data (for example, telephone, e-mail)
- Information (from third parties, for example credit agencies, or from public directories)
- Log data, to ensure the security or IT systems.
3.3.2. Purposes and legal basis of processing
We process your data in the context of existing customer relationships, when we want to inform you about similar goods or services or when we have received your consent to do so.
- The processing is therefore carried out either on the basis of legitimate interest (Art. 6 para. 1 lit. f GDPR),• for the performance of a contract with you or for the implementation of pre-contractual measures, which are carried out at the request of the data subject (Art. 6 para. 1 lit. b GDPR) or
- auf Basis Ihrer Einwilligung (Art. 6 Abs. 1 lit. a DSGVO).
on the basis of your consent (Art. 6 para. 1 lit. a GDPR). In any case, the processing of your personal data will be carried out in compliance with the provisions of Section 7 (3) UWG.
3.3.3. Sources
We only process personal data that we receive directly from you as part of your inquiry or a contractual relationship with you.
3.3.4. Recipients of personal data
In the course of processing, your data will be transferred to specialist departments within our company as well as within our group or to affiliated companies, in individual cases to group subsidiaries, distributors or affiliated companies in third countries.
Furthermore, data may be transferred outside our company to service providers such as service data centers and marketing agencies.
If data is transferred to third countries, the transfer is either permitted by a condition of Art. 49 para. 1 u. para. 2 EU-GDPR due to your informed consent or due to a contract / a pre-contractual measure at the request of the data subject or we have guarantees for the data protection compliant processing of your data in the third countries (Art. 46 para. 2 & 3 GDPR).
3.3.5. Storage
The storage takes place at least for the duration of the business relationship (for example, your request / for the duration of the contractual relationship). In most cases, we are bound by the legally prescribed retention periods. After expiry of this maximum storage period, your data will be deleted if there is no other important reason to the contrary.
3.4. Data protection in the context of online events
3.4.1. Type of data
Relevant personal data we process are:
- Personal master data (name, address and other contact data)
- Communication data (for example, telephone, e-mail)
- Log data, to ensure the security or IT systems
- Participation data
- Registration data
3.4.2. Purposes and legal basis of processing
We process your data in the context of existing and prospective customer relationships when we give you the opportunity to register for an online event.
The processing is therefore carried out either on the basis of legitimate interest (Art. 6 para. 1 lit. f GDPR) or
- for the performance of a contract with you or for the implementation of pre-contractual measures, which are carried out at the request of the data subject (Art. 6 para. 1 lit. b GDPR) or
- on the basis of your consent (Art. 6 para. 1 lit. a GDPR).
3.4.3. Sources
We only process personal data that we receive directly from you as part of your registration or a contractual relationship with you.
3.4.4. Recipients of personal data
Your data will be transferred to specialist departments within our company as part of the processing.
Furthermore, data may be transferred outside our company to service providers such as service data centers.
If data is transferred to third countries, the transfer is either permitted by a condition of Art. 49 para. 1 u. para. 2 EU-GDPR due to your informed consent or due to a contract / a pre-contractual measure at the request of the data subject or we have guarantees for the data protection compliant processing of your data in the third countries (Art. 46 para. 2 & 3 GDPR).
3.4.5. Storage
The data is stored at least until the purpose is fulfilled (participation in the online event) or, in the case of consent, until the purpose of the consent expires. After expiry of this maximum storage period, your data will be deleted if there is no other important reason to the contrary.
3.5. Data protection in the context of communication
We would like to point out that data transmission in electronic communication (by e-mail, fax, online video or messaging) can have security gaps and the transmission is usually only transport-encrypted. If you do not wish this, more powerful encryption methods must be used.
3.5.1. Type of data
Relevant personal data we process are:
- Personal master data (name, address and other contact data)
- Communication data (for example, telephone, e-mail)
- If applicable, image data (for video conferences)
Furthermore, all data that are the content of the communication, which may include the following:
- Contract master data (contractual relationship, product or contractual interest)
- Customer history
- Contract billing and payment data
- Planning and control data
3.5.2. Purposes and legal basis of processing
We process your data within the framework of the legal basis in the correspondence. This can be, for example, an inquiry, an order, project reference or similar.
The processing therefore takes place either
- on the basis of legitimate interest (Art. 6 para. 1 lit. f GDPR),
- for the performance of a contract with you or for the implementation of pre-contractual measures, which are carried out at the request of the data subject (Art. 6 para. 1 lit. b GDPR) or
- on the basis of your (possibly implied) consent (Art. 6 para. 1 lit. a GDPR).
3.5.3. Sources
We only process personal data that we receive directly from you in the course of communication.
3.5.4. Recipients of personal data
In the course of processing, your data will be transferred to specialist departments within our company as well as within our group or to affiliated companies, in individual cases to group subsidiaries, distributors or affiliated companies in third countries.
Furthermore, data may be transferred outside our company to service providers such as service data centers and marketing agencies.
If data is transferred to third countries, the transfer is either permitted by a condition of Art. 49 para. 1 u. para. 2 EU-GDPR due to your informed consent or due to a contract / a pre-contractual measure at the request of the data subject or we have guarantees for the data protection compliant processing of your data in the third countries (Art. 46 para. 2 & 3 GDPR).
3.5.5. Storage
The storage takes place at least for the duration of the business relationship (for example, your request / for the duration of the contractual relationship). In most cases, we are bound by the legally prescribed retention periods. After expiry of this maximum storage period, your data will be deleted if there is no other important reason to the contrary.
3.6. Data protection in the context of job applications
We process all data that you provide to us as part of an application.
3.6.1. Type of data
Relevant personal data we process are:
- Personal master data (name, address and other contact data)
- Communication data (for example, telephone, e-mail)
- Qualification data
- Curriculum vitae data
- If applicable, special categories of personal data (religion, trade union membership)
- other data that your application contains
- Dates
3.6.2. Purposes and legal basis of processing
We process your data as part of the application process in preparation for your contractual relationship with us.
The processing therefore takes place either
- for the implementation of pre-contractual measures, which take place at the request of the data subject (Art. 6 para. 1 lit. b GDPR in conjunction with Art. 88 GDPR in conjunction with § 26 BDSG)
3.6.3. Sources
We only process personal data that we receive as part of your application.
3.6.4. Recipients of personal data
In the course of processing, your data will be transferred to specialist departments within our company and, under certain circumstances, within our group or to affiliated companies.
3.6.5. Storage
After completion of the application process, your data will be stored either for the duration of your employment contract or, if your application is unsuccessful, for 6 months after rejection. If we would like to store your data for longer, we will ask you for your consent. After this maximum storage period has expired, your data will be deleted. The metadata of the application will be stored for another 3 years.
4. Rights of the data subjects
The following rights arise for you from the processing of your personal data by the responsible processor:
- The right to information (if we process personal data from you, you will receive information on the exact circumstances upon request)
- The right to erasure of data (under certain circumstances, which may need to be clarified).
- The right to be forgotten (if data have been transmitted, we must request the recipient to delete them).
- The right to data portability (if you wish, we must transfer the data to a third party in machine-readable form)
- The right to rectify the category of data (if it is not correct)
- The right to object to the processing activity (in certain circumstances, which may need to be clarified).
- The right to rectification if the data is incorrect.
- The right to complain to the supervisory authority. (Complaints are accepted by the supervisory authority responsible for you under the so-called "one-stop-shop" principle. This is either the supervisory authority of your country or, in the Federal Republic of Germany, of your federal state. You can find a list by federal state here: https://www.datenschutz-wiki.de/Aufsichtsbehörden_und_Landesdatenschutzbeauftragte
5. Reasons for the provision
Within the scope of our business relationship, you only have to provide us with the personal data that is required for the processing of the legal transaction. In case of non-provision, a business relationship is not possible.
6. Other
There is no automated decision-making. Likewise, we do not process your data with the aim of evaluating certain personal aspects (profiling).