General Information
Data protection is paramount to all remberg activities. A transparent process is very important to us when it comes to the way we process personal data. Compliance with German and European data protection regulations is a matter of course for us. With the following information, we would like to inform you about how we handle your personal data in detail:
1. Name and contact details of the data controller
The data controller responsible in accordance with the purposes of the General Data Protection Regulation (GDPR) and other data protection regulations is:
remberg GmbH
Siegfriedstr. 8
80803 München
089 21536192
info@remberg.at.www197.your-server.de
https://remberg.at/
2. Contact details of the data protection officer
The designated data protection officer is:
DataCo GmbH
Dachauer Str. 65
80335 München
Tel.: +49 (0) 89 7400 458 40
Website: www.dataguard.de
3. Legal basis for data processing
Customers and interested parties:
Processing of your personal data on the basis of consent: Art. 6 (1) (1) (a) GDPR in connection with Art. 5, 7 GDPR.
Processing for the purpose of performing the contract with you: Art. 6 (1) (1) (b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual activities.
Processing on the basis of legitimate interest: If the processing of data is necessary to safeguard the legitimate interests of our company or that of a third parties, and the fundamental rights and freedoms of the data subject do not outweigh the interest of the former, Art. 6 (1) (f) GDPR will serve as the legal basis for the processing of data. The legitimate interests pursued by us in this context – in addition to the purposes listed under b. – include:- To be able to inform you optimally about our products, offers and services by way of direct marketing;
- To be able to inform you optimally about our products, offers and services by way of direct marketing;
- In communicating with you, in particular to be able to answer your inquiries by e-mail, telephone and/or fax;
- In order to be able to carry out due diligence with our potential business partner.
The legal basis for processing activities in connection with the assertion, exercise or defense of legal claims is also our legitimate interest pursuant to Art. 6 (1) (1) (f) GDPR.
Applicants
Processing for the purpose of deciding on the establishment of an employment relationship with us Art. 88 GDPR. § 26 (1) in connection with. (8) S. 2 (Federal Data Protection Act)
Processing of your personal data on the basis of consent Art. 6 (1) (1) (a) GDPR in connection with Art. 5, 7 GDPR
Processing for the purpose of performing the contract with you Art. 6 (1) (1) (b) GDPR
This also applies to processing operations required to carry out pre-contractual activities
The legal basis for processing activities in connection with the assertion, exercise or defense of legal claims is also our legitimate interest pursuant to Art. 6 (1) (1) (f) GDPR.
4. Transfer of personal data to a third country
In principle, the personal data collected and generated during the provision of relevant products and services is stored on our servers in the European Union. Since the providers of our software solutions, among others, offer their products and/or services on a global basis based on available resources and servers, your personal data may be transferred to or accessed from other jurisdictions outside the European Union and the European Economic Area. In particular, personal data will be transferred to the third country USA within the meaning of Art. 15 (2) GDPR. In order to ensure the continuation of the necessary level of protection in the event of data transfer to a third country, contractual measures are agreed for this purpose. The software provider has its registered office in the United States of America, which has not been recognized as providing an adequate level of data protection. In order to ensure appropriate guarantees for the protection of the transfer and processing of personal data outside the EU, the transfer of data to and processing of data by our service providers is carried out on the basis of appropriate guarantees pursuant to Art. 46 ff GDPR, in particular by concluding so-called standard data protection clauses pursuant to Art. 46 (2) (c) GDPR.
5. Obligation to provide the data
Within the framework of the business relationship, you only have to provide those personal data that are necessary for the establishment, implementation and termination of the contractual relationship and the fulfillment of the associated contractual obligations or which we are legally obliged to collect (see in particular the standards listed under “3. c. ” listed standards).
Without this data, we will usually have to refuse to conclude the contract or carry out the order, or will no longer be able to carry out an existing contract and may have to terminate it.
Rights of the Data Subject
According to the General Data Protection Regulation, you have the following rights:
- If your personal data are processed, you have the right to receive information from the controller about your personal data which is stored (Art. 15 GDPR).
- If inaccurate personal data are processed, you have the right to rectification (Art. 16 GDPR).
- If the legal requirements allow, you can request the erasure or restriction of processing, and object to the processing (Art. 17, 18, and 21 GDPR).
- If you have consented to the data processing or if there is a data processing contract in place, and the data processing is performed with the aid of automated processes, you may have a right to data portability (Art. 20 GDPR).
- If you have consented, by means of a corresponding declaration, to the processing by the controller, you can withdraw this consent at any time with future effect. The lawfulness of the data processing carried out on the basis of the consent until the withdrawal will not be affected.
Furthermore, you have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR). The supervisory authority responsible for us is the data protection authority of Berlin. You can contact them at:
Protection Authority for the German state of Bavaria
Promenade 18, 91522 Ansbach
Postanschrift: Postfach 1349, 91504 Ansbach
Telefon: 0981/ 180093-0
Telefax: 0981/ 180093-800
E-Mail: poststelle@lda.bayern.de
Web: www.lda.bayern.de
If the legal requirements are met, you may object at any time on grounds relating to your particular situation to the processing of personal data relating to you which is carried out on the basis of Art. 6 (1) (e) or f GDPR (Art. 21 GDPR).You have the right to withdraw your consent at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
Processing of applicants’ data
Your personal data processed by us
In the context of applicants, we process the following personal data about you:
- First name and surname
- Salutation
- Email address
- Phone number
- Availability
- Expected salary
- All personal data contained in the application (curriculum vitae, cover letter, certificates, etc.)
Purposes of data processing
In the context of applicants, your personal data will be processed for the following purposes:
- Implementation of the application process and decision on the justification of an employment contract
- Communication (telephone, email, videotelephony)
- Implementation of pre-contractual measures (initiation of employment)
- Recording of applicants’ data in an applicant pool
- Assertion, exercise, or defense of legal claims resulting from the application process
Duration of the storage of the personal data
We store your personal data for as long as is necessary to make a decision about your application.
Insofar as an employment contract between you and us is not concluded, your personal data will be deleted six months after the termination of the application process.
Recipients or categories of recipients of the personal data
In the course of processing your personal data, we may disclose the personal data concerning you to the following recipients. We only transfer your personal data to external recipients if you have consented or if this is permitted by law. External recipients of your personal data are in particular:
- HubSpot Inc. – Cambridge, USA
- Google LLC – Mountain View, USA
- Breezy HR Inc. – Jacksonville, USA
- Personio GmbH – Munich, Germany
- Loom, Inc. – San Francisco, USA
- DocuSign Inc. – San Francisco, USA
In the case of processors and service providers outside the EU/EEA, your aforementioned personal data will only be processed to the extent that this is the subject of our data processing agreement pursuant to Art. 28 GDPR with these recipients.
Processing of customers’ and interested parties data
Your personal data processed by us
In the context of the existing customer and interested parties, we process the following personal data about you:
- First name and surname
- Salutation
- Position within the company
- Email-address
- Phone number
- All other personal data provided during remberg-client communication
Purposes of data processing
In the context of the existing customer and interested parties, your personal data will be processed for the following purposes:
- To process your inquiry – we use your contact data to be able to answer your request
- To prepare and carry out pre-contractual measures – this includes, for example, the preparation and sending of an individual offer or individual agreement and transmission of contractual conditions with the aim of concluding a contract
- To include your contact details in our customer database
- To fulfill our contractual obligations arising from the service contract with you
- To inform you about our products and services in the best possible way
- To ensure a smooth billing of the services provided. For this purpose, your personal data is processed in order to be able to issue invoices
- To comply with our legal obligations
- Establishing contact and providing assistance (email and telephone)
- For the purpose of sending newsletters, insofar as you have registered for our newsletter
- For the fulfillment of post-contractual measures
Recipients or categories of recipients of the personal data
In the course of processing your personal data, we may disclose the personal data concerning you to the following recipients. We only transfer your personal data to external recipients if you have consented or if this is permitted by law. External recipients of your personal data are in particular:
Customer and interested parties:
- HubSpot Inc. – Cambridge, USA,
- Google LLC – Mountain View, USA
- Microsoft Inc. – Redmond, USA
- Intercom R&D Unlimited Company – Dublin, Ireland
- Loom, Inc. – San Francisco, USA
- DocuSign Inc. – San Francisco, USA
- Celonis Deutschland GmbH – Munich, Germany
- Salesloft Inc. – Atlanta, USA
- Dealfront Group GmbH – Karlsruhe, Germany
In the case of processors and service providers outside the EU/EEA, your aforementioned personal data will only be processed to the extent that this is the subject of our data processing agreement pursuant to Art. 28 GDPR with these recipients.
Duration of the storage of the personal data
Your personal data will be erased or restricted as soon as the purpose of its storage has been accomplished. Additional storage may occur if it was provided for by the European or national legislator within the EU regulations, law, or other relevant regulations to which the data controller is subject. Restriction or erasure of the data also takes place when the storage period stipulated by the aforementioned standards expires, unless there is a need to prolong the storage of the data for the purpose of concluding or fulfilling the respective contract.
We reserve the right to make changes to this privacy policy at any time. The privacy policy is updated regularly, and all changes are automatically published on our website.
This privacy policy was prepared with the assistance of DataGuard.