We are delighted about your interest in our website – and therefore in our company. The protection of your private rights and freedoms is important to us; we only use your data for the intended purposes. Since it is important to us that you know at all times how we collect, use and, if necessary, transfer your data to third parties, we hereby provide you with extensive information on the processing of your personal data (collected via our website).
You can generally use our pages without providing any data; if there are exceptions to this for selected services, we will explain these in the following chapters. Without legal basis, we will not process data without your informed consent.
When processing personal data, we strictly comply with the provisions of the EU General Data Protection Regulation (GDPR) and, if applicable, other data protection-relevant provisions.
Definition of terms (according to GDPR)
Personal data means any information relating to an identified or identifiable natural person (also "data subject“); an identifiable natural person is any natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more specific characteristics reflecting the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing means any operation or set of operations carried out on personal data, whether or not by automated means, such as collation, collection, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing means the marking of stored personal data with the aim of limiting their future processing.
Profiling is any type of automated processing of personal data that comprises the use of this personal data to assess certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, behaviour, place of residence or relocation of that natural person.
Pseudonymisation refers to the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not assigned to an identified or identifiable natural person.
The controller shall be the natural or legal person, authority, body or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are defined by Union or Member State law, the controller or the specific criteria for its designation may be provided for in Union or Member State law.
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient is a natural or legal person, public authority, agency or other body to whom personal data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under a specific investigation mandate under Union or Member State law shall not be considered recipients and the processing of such data by those authorities shall be carried out in accordance with the applicable data protection rules in accordance with the purposes of the processing.
A third party is a natural or legal person, authority, agency or other body other than the data subject, the data controller, the data processor and the persons authorised under the direct responsibility of the data controller or the data processor to process the personal data.
Consent of the data subject is given voluntarily in the specific case, in an informed and unambiguous manner, in the form of a declaration or other unambiguous confirmatory action, with which the data subject understands that he/she agrees to the processing of personal data concerning him/her.
Name and address of the controller
Sopronem Greven GmbH
Reckenfelder Straße 60
Name and address of the data protection officer
Jörg ter Beek
Cortina Consult GmbH
If you have any questions about the processing of your personal data, if you wish to exercise your data subject rights (such as the right to information, correction, blocking or deletion of data) or if you wish to withdraw consent, please contact our Data Protection Officer directly.
This cookie may contain a cookie ID - a unique identifier consisting of a string that enables the assignment of websites and servers to be saved to the browser.
It is possible to use our sites (although not in full functionality under certain circumstances) without cookies. Most browsers are set to automatically accept cookies. However, you can deactivate the storage of cookies or set your browser to notify you as soon as cookies are sent.
Collection of general data and information
As soon as you visit our website, our web server collects some general data and technical information – as can be seen from the following table:
This data is collected and stored anonymously; we do not intend or make any conclusions about the data subject.
We only store your personal data for the period required to fulfil the specified purpose. After the end of the purpose and after expiry of any retention periods, your data will be deleted immediately. If deletion is not possible, the data will be blocked instead.
Rights of data subjects
Chapter III of the EU General Data Protection Regulation (GDPR) provides extensive rights for data subjects, which we explain to you accordingly in relation to the data processing of our website below:
Insofar as we have collected or collected and process personal data from you, you have the right to obtain information about your person stored by us at any time free of charge. This requirement applies in particular to information on the following details of data processing:
If you wish to exercise your right of access, please contact our data protection officer using the contact details provided.
If we have collected or collected and process personal data from you, you have the right to request the immediate correction or, if necessary, the completion of incorrect or incomplete data concerning you. If you wish to exercise your right to correction, please contact our data protection officer using the contact details provided.
Insofar as we have collected or collected and process personal data from you, you have the right to request deletion of your data, provided that the processing is no longer necessary and one of the following conditions is fulfilled:
As part of the deletion request, we may pass on your request to those third parties to whom your data had previously been transferred.
If you wish to exercise your right to deletion, please contact our data protection officer using the contact details provided.
Insofar as we have collected or collected and process personal data from you, you have the right to request a restriction of data processing if one of the following conditions is met:
If you wish to exercise your right to restriction, please contact our data protection officer using the contact details provided.
If we have collected or collected and process personal data from you, you have the right to receive the personal data concerning you from us in a structured, commonly used and machine-readable format. Insofar as this is technically possible and does not affect the rights and freedoms of other persons, we will – upon your request – transfer your data to another recipient (controller).
If you wish to exercise your right to data portability, please contact our data protection officer using the contact details provided.
If we have collected, collected and processed personal data from you (on the basis of Art. 6 Para. 1 e or f GDPR), you have the right to object to data processing at any time (incl. profiling). In exceptional cases, the objection may be ineffective, e.g. if we can prove compelling legitimate interests for processing that override your interests or serve to assert, exercise or defend legal claims. If we process your personal data for direct marketing purposes, you have the right to object to this processing at any time. This also applies to profiling insofar as it is related to such direct marketing. You also have the right to object to the processing of your data concerning you, which is carried out by us for scientific or historical research purposes or for statistical purposes in accordance with Article 89 (1) GDPR, unless such processing is necessary for the fulfilment of a task in the public interest.
If you wish to exercise your right to object, please contact our data protection officer using the contact details provided.
Insofar as we have collected or collected and process personal data from you, you have the right not to be subject to any decision based solely on automated processing – including profiling – which has legal effect vis-à-vis you or significantly impairs you in a similar way. Exceptions to this requirement apply if the decision is necessary for the conclusion or fulfilment of a contract between you and us or if you have expressly consented to the processing. In any case, we shall take appropriate measures to safeguard your rights and freedoms and legitimate interests, including at least the right to obtain the intervention of a person on our part, to explain our own position and to challenge the decision.
If you wish to exercise rights with regard to automated decisions, please contact our data protection officer using the contact details provided.
If we have collected or collected and process personal data from you, you have the right to withdraw your consent to the processing of personal data at any time. If you wish to exercise your right of withdrawal, please contact our data protection officer using the contact details provided.
Data protection for applications and in the application process
On our website, we provide a convenient opportunity to apply to us for vacancies advertised via the form provided for this purpose. We use the personal data collected about you exclusively for the purpose of the application process. Alternatively, you can apply to us via the e-mail address published in the job advertisement. If we enter into an employment relationship after the application process has been completed, the purpose for processing the data in question changes: in this case, these will be used in the future to implement and maintain the employment relationship. The personal data of applicants whom we do not hire will be retained for possible legal claims (e.g. according to the General Act on Equal Treatment (AGG)) for the period required for this purpose (maximum 6 months) and then immediately destroyed or deleted.
Information on data security
We use technical and organisational measures to protect our website and other systems against the loss, destruction, sharing, modification or distribution of your data by unauthorised persons. We have also implemented SSL encryption (SHA256) on our website to protect your data. Despite regular checks, however, complete protection against all hazards is not possible.
Legal basis for processing
We process personal data in accordance with the provisions of the GDPR, depending on the type and purpose of the processing as follows:
Specification of GDPR
The duration of the storage of personal data depends on the respective statutory retention period after the discontinuation of the purpose. After expiry of this period, we delete the corresponding data, insofar as it is no longer required for contract fulfilment or contract initiation.
Obligation to provide personal data
Under certain conditions (e.g. due to legal or contractual regulations), you are obliged to provide us with your personal data. Examples of such processing are as follows:
We do not make automatic decisions or use any techniques to carry out profiling measures.
" Google Fonts"
In order to ensure that our fonts are displayed uniformly to you, we use the web fonts provided by Google; these are fonts stored by Google, which are downloaded from Google when you access our website and stored in your browser cache. As part of this process, an appropriate connection is established between your browser and the Google servers, which also gives Google insight into the fact that our website was accessed with your IP address. If your browser does not support Google web fonts, the standard fonts of your PC are used instead to display our page.
The controller for Google fonts within the meaning of the GDPR is Google Ireland Ltd, Gordon House,
Barrow Street, Dublin 4, Ireland.
We have integrated the Google Maps map service on our website; the interactive map displayed above provides you with a graphical overview of our location and, if necessary, the planning of your journey to us.
The controller for Google Maps within the meaning of the GDPR is Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland.