Smart Digital GmbH
Weilimdorfer Str. 74/1
70839 Gerlingen, Germany
CEO: Thomas Vogt
Data Protection Officer
For all questions and concerns regarding the security of your data you can contact us at datenschutz(at)smart-digital.de.
If you have a particularly sensitive concern, please contact our Data Protection Officer by post as communication by e-mail can always have security gaps. Please indicate in your inquiry that your request involves the company Smart Digital GmbH.
External Data Protection Officer EU and UK
represented by Prof. Dr. Christoph Bauer
Grosse Bleichen 21
UK Representative Article 27 UK GDPR
If the data processing is subject to the UK GDPR and a UK Representative is required, this is:
DAS Europe Ltd
90-100 Southwark St
London, SE1 0SW
Personal data is all information about personal and factual circumstances of an identified or identifiable person.
This includes the following categories of personal data that we process:
- Contact and address information, if you provide us with your contact information (name, your address or other mailing address, telephone number, or your e-mail address)
- Your correspondence with us
- Information that you have submitted to us in the course of an application
- Information about your request
- Online identifiers (e.g. your IP address, browser type and version, the operating system used, the referrer URL, the file name, the access status, the amount of data transferred, the date and time of the server request)
- Log files with information about your visit to our website
- Social media identifiers
The processing of your data takes place on the following legal basis:
- Regarding data that you enter in forms, etc. or regarding plugins that you activate with your consent, Art. 6 para. 1 letter a) GDPR
- Regarding services that you use, to initiate or implement a contract with you, Art. 6 para. 1 lit. b) GDPR –
- In all other respects to implement our legitimate corporate interests, in particular with regard to statistical data and online identifiers, on the basis of legitimate interests, Art. 6 para. 1 lit. f) GDPR (see below)
When processing your data, we pursue the following legitimate interests:
- Improvement of our offer
- Protection against misuse
- Storing our correspondence with you
We process your data for the following purposes:
- If you want us to contact you
- When concluding contracts with you
- For advertising purposes
- For quality assurance
- For our statistics
Personal data is only collected by us if and to the extent and for the purpose for which you provide us with the data of your own accord, e.g. when contacting us via an online form.
We use and store your personal data in the context of our services for the following purposes only if you have expressly given us your consent to do so:
- Applicant management via our applicant management system Recruitee
We process your data only for the purpose of processing your application. The legal basis for the processing is Art. 6 para. 1 lit. b) GDPR. In the event of a successful application, the data provided by you may be further processed by us for the purposes of the employment relationship.
If we are unable to offer you a position or if you withdraw your application, we will store your data for a maximum of 6 months after the end of the application process in order to comply with the obligation to be able to provide evidence as required by the General Act on Equal Treatment (AGG).
Data transfer to recipients outside the European Economic Area
Data is transferred to countries outside the European Economic Area (EEA). We only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or where we can ensure the careful handling of personal data through contractual agreements or other appropriate guarantees, such as certification or proven compliance with international security standards.
- USA (EU standard contractual clauses and additional security measures)
In order to ensure the technical functionality and presentation of our site, to clarify security incidents and to monitor technical faults or attacks, we collect the standard data required for this. You can use all areas of our website that do not require access authorization without having to disclose personal data.
When you access our site, so-called log files (activity protocols) are automatically transferred to our servers. As a rule, this will not be personal data and this information will not be mixed with other data processed by us.
- Date and time of the website visit
- Version of the HTTP protocol
- Type and version of the browser used
- Type of operating system
- Requested files
- Information about retrieved files and transferred data volume
- Anonymized IP address
- Error messages
- Activities on our website and accessed pages
- Amount of transferred data
- Source reference from which website you came to us
- Status code of a request
- Starting point of a request
- Access log file
- FTP log file
Duration of storage
We store your data,
- if you have consented to the processing, but only until you revoke your consent,
- if we need the data for the execution of a contract, but only as long as the contractual relationship with you exists or legal retention periods need to be observed,
- if we use the data on the basis of a legitimate interest, but only for as long as your interest in deletion or anonymization does not prevail,
- to comply with legal retention periods, e.g. commercial or tax retention obligations (e.g. German Commercial Code, German Tax Code) until the end of these retention periods.
We have taken extensive technical and organizational measures to protect your data against possible risks, such as unauthorized access or admission, unauthorized disclosure, modification or distribution, as well as against loss, destruction or misuse.
In order to protect your personal data from unauthorized access by third parties during transmission, we secure data transmissions using SSL encryption where necessary. This is a standardized encryption method for online services, especially for the web.
General information about cookies
A cookie is a text file with an identification number which, when the website is used, is transmitted to the user’s computer together with the other data actually requested and is stored there. The file is stored there for later access and is used to authenticate the user. Since cookies are only simple files and not executable programs, they pose no danger to the computer.
Already active cookies can be deleted at any time via an Internet browser or other software programs. We may work together with advertising partners who help us to make our Internet offer more interesting for you. For this purpose, cookies from partner companies may also be stored on your hard drive when you visit our website (third-party cookies).
Required cookies help to make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
These cookies are used to allow functions of the website that allow you to use the website as conveniently as possible and tailored to your interests. Furthermore, the analysis of user behaviour also helps us to continuously improve the quality of our website.
We need the cookies for the following purposes:
|_ga||Third-party cookie||14 Months||Function: Analytics & Personalization. Google Analytics cookie to distinguish users.|
|_gat||Third-party cookie||1 Minute||Function: Analytics & Personalization. Google Analytics cookie to limit database queries.|
|_gid||Third-party cookie||1 Day||Function: Analytics & Personalization. Google Analytics cookie to distinguish users.|
|cli_user_preference||smart digital||1 Jahr||Function: Analytics & Personalization. Tracks cookie permissions for the current domain.|
|cookielawinfo-checkbox-analytics-personalisierung||smart digital||1 Year||Function: Analytics & Personalization. This cookie is set by the GDPR Cookie Consent plugin to store the user's consent to cookies in the category "Analytics & Personalization".|
|cookielawinfo-checkbox-necessary||smart digital||1 Year||Function: Analytics & Personalization. This cookie is set by the GDPR Cookie Consent plugin to store the user's consent to cookies in the category "Required cookies".|
|CookieLawInfoConsent||smart digital||1 Jahr||Function: Analytics & Personalization. The cookie is used to store the summary of consent given for cookie use. It does not store any personal data.|
|NID||Third-party cookie||6 Months||Function: Analytics & Personalization. This cookie is used by Google in connection with the use of Google ReCaptcha to protect the website from spam attacks.|
|qtrans_front_language||smart digital||1 Year||Function: Analytics & Personalization. This cookie is set by the qTranslate WordPress plugin. The cookie is used to manage the visitor's preferred language.|
As a matter of principle, we will only transfer your personal data to third parties if this is necessary to fulfill our contractual or legal obligations and to provide our services. When processing your data, we work with the following service providers who have access to your data:
- Providers of web analytics tools
- Providers of web hosting and web development services
- Service providers for IT development services
- Email and newsletter providers
- CRM system service providers
- Cloud services
- Providers of application management software
We have carefully selected these service providers and committed them to confidentiality and compliance with legal requirements.
We are legally obligated to transmit data to governmental authorities, e.g. tax authorities, supervisory authorities and law enforcement agencies.
In order to display fonts on our website, we use the Google Fonts service of Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland. When you visit our website, a connection is established with Google’s servers. Google also receives the information that you have visited our website with your IP address.
Google data protection regulations:
We use – like almost every website operator – analysis tools in the form of tracking software to determine the frequency of use and the number of users of our website.
We use HubSpot services for our
- E-mail marketing activities (newsletters and automated mailings, e.g. to inform about updates)
- Social media reporting (e.g. LinkedIn)
- Reporting (e.g. traffic sources, accesses, etc.)
- Contact management (e.g. user segmentation & CRM)
- Provision of websites/landing pages and contact forms
HubSpot is a software company from the USA with a branch in Ireland: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland. This allows us to effectively manage and control our e-mail marketing and contact management. Therefore, we process your first and last name and your e-mail address.
We use the Google Analytics service of Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland. Cookies are used to collect and analyze usage data on our website so that we can optimize and improve our offer. We use the anonymization extension “_anonymizeIp()” to anonymize the IP address.
You can object to the collection and storage of data by Google at any time with effect for the future. To do this, follow this link and install the add-on: https://tools.google.com/dlpage/gaoptout?hl=de
Social media plugins of the provider YouTube, which belongs to Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland (“Google”), are integrated on our website. When you visit our website, a connection is established with the YouTube servers. For this, we use the “Privacy-Enhanced Mode” provided by YouTube. According to YouTube, for example, the information that you have visited our website with your IP address is only transmitted to YouTube when you interact with the plugin (e.g. click on an embedded video). If you are logged in to YouTube, YouTube can associate your visit to our website with your user account. If you interact with an embedded video, for example, YouTube will assign it to your profile and save it. We have no influence on the scope and content of the data collected by YouTube.
To prevent the assignment of the collected data to your profile, you must log out of your account.
We use the reCaptcha service of Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland. The service determines whether the input into an Internet form is done by a bot or other automated processing or by a human. Your IP address, shortened for anonymization, and data required for reCaptcha are transmitted to Google, without being merged with other Google data.
To view the Google data protection regulations:
We offer you the opportunity to apply to us via our application portal.
For the organization and processing of the application process we use the services of Recruitee B.V., Johan Huizingalaan 763, (1066 VH) Amsterdam, The Netherlands (hereinafter referred to as „Recruitee“). If you click on “JOIN OUR TEAM” or on our job advertisements on our website, you will be redirected automatically to the Recruitee website.
You can also apply to us via Indeed.
In order to enable the “Apply via Indeed” functionalities, your personal usage data must be processed by Indeed Ireland Operations Limited, 124 St Stephen’s Green, Dublin 2, Ireland (here “Indeed”).
Social media plugins with Shariff
To protect your data in the best possible way, we use the Shariff data protection solution developed by the computer magazine c’t for the integrated social media plugins on our website.
The plugins provided by social networks generally collect and transmit your personal data even if you merely visit a website with integrated social media plugins and do not interact with the service. A user account with the networks is not necessary for this. However, if you have one and are logged in, the services can assign your visit to the user account.
The integration of Shariff prevents your data from being collected by social networks via the integrated plugins when you visit our website. Only when you actively interact with a social media plugin, such as by clicking a “Like” or “Share” button, a connection to the social network server will be established. This allows you to continue to use the buttons as usual.
You can find further information under:
Data subject rights
As a data subject, you have the following rights:
- To request information about the processing of your data and to receive a copy of your personal data. For example, you can request information about the purposes of the processing, the categories of personal data that are processed, the recipients of the data (if a transfer takes place), the duration of storage and the criteria for determining the duration;
- To obtain your personal data in a structured, commonly used and machine-readable format or to transfer the data to another person responsible;
- To correct your data. If your personal data is incomplete, you have the right to complete the data, taking into account the purposes of processing;
- To have your data deleted or blocked;
- To have the processing restricted;
- To object to the processing of your data;
- To revoke your consent to the processing of your data for the future, and
- to complain to the competent supervisory authority about unlawful data processing.
Requirement or obligation to provide data
Unless this is explicitly stated at the time of collection, the provision of data is not necessary or obligatory.
18 January 2022