Data Privacy Policy

With this Data Privacy Policy we want to inform you about how we process personal data in connection with this website. The protection of your privacy is of utmost importance to us. Therefore, compliance with the legal requirements, including data protection, is a matter of course for us.

Contact

Smart Digital GmbH
Weilimdorfer Str. 74/1
70839 Gerlingen, Germany
info(at)smart-digital.de
CEO: Thomas Vogt

Data Protection Officer

For all questions and concerns regarding the security of your data you can contact us at datenschutz(at)smart-digital.de.

If you have a particularly sensitive concern, please contact our Data Protection Officer by post as communication by e-mail can always have security gaps. Please indicate in your inquiry that your request involves the company Smart Digital GmbH.

External Data Protection Officer EU and UK

ePrivacy GmbH
represented by Prof. Dr. Christoph Bauer
Grosse Bleichen 21
20354 Hamburg

UK Representative Article 27 UK GDPR
If the data processing is subject to the UK GDPR and a UK Representative is required, this is:

DAS Europe Ltd
90-100 Southwark St
London, SE1 0SW

Personal data

Personal data is all information about personal and factual circumstances of an identified or identifiable person.

This includes the following categories of personal data that we process:

  • Contact and address information, if you provide us with your contact information (name, your address or other mailing address, telephone number, or your e-mail address)
  • Your correspondence with us
  • Information that you have submitted to us in the course of an application
  • Information about your request
  • Online identifiers (e.g. your IP address, browser type and version, the operating system used, the referrer URL, the file name, the access status, the amount of data transferred, the date and time of the server request)
  • Log files with information about your visit to our website
  • Social media identifiers

Legal basis

The processing of your data takes place on the following legal basis:

  • Regarding data that you enter in forms, etc. or regarding plugins that you activate with your consent, Art. 6 para. 1 letter a) GDPR
  • Regarding services that you use, to initiate or implement a contract with you, Art. 6 para. 1 lit. b) GDPR –
  • In all other respects to implement our legitimate corporate interests, in particular with regard to statistical data and online identifiers, on the basis of legitimate interests, Art. 6 para. 1 lit. f) GDPR (see below)

Legitimate interests

When processing your data, we pursue the following legitimate interests:

  •  Improvement of our offer
  • Protection against misuse
  • Statistics
  • Marketing
  • Storing our correspondence with you

Intended purposes

We process your data for the following purposes:

  • If you want us to contact you
  • When concluding contracts with you
  • For advertising purposes
  • For quality assurance
  • For our statistics

Personal data is only collected by us if and to the extent and for the purpose for which you provide us with the data of your own accord, e.g. when contacting us via an online form.

We use and store your personal data in the context of our services for the following purposes only if you have expressly given us your consent to do so:

  • Applicant management via our applicant management system Recruitee

We process your data only for the purpose of processing your application. The legal basis for the processing is Art. 6 para. 1 lit. b) GDPR. In the event of a successful application, the data provided by you may be further processed by us for the purposes of the employment relationship.
If we are unable to offer you a position or if you withdraw your application, we will store your data for a maximum of 6 months after the end of the application process in order to comply with the obligation to be able to provide evidence as required by the General Act on Equal Treatment (AGG).

Data transfer to recipients outside the European Economic Area

Data is transferred to countries outside the European Economic Area (EEA). We only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or where we can ensure the careful handling of personal data through contractual agreements or other appropriate guarantees, such as certification or proven compliance with international security standards.

  • USA (EU standard contractual clauses and additional security measures)

Log files

In order to ensure the technical functionality and presentation of our site, to clarify security incidents and to monitor technical faults or attacks, we collect the standard data required for this. You can use all areas of our website that do not require access authorization without having to disclose personal data.
When you access our site, so-called log files (activity protocols) are automatically transferred to our servers. As a rule, this will not be personal data and this information will not be mixed with other data processed by us.
Log files

  • Date and time of the website visit
  • Version of the HTTP protocol
  • Type and version of the browser used
  • Type of operating system
  • Requested files
  • Information about retrieved files and transferred data volume
  • Anonymized IP address
  • Error messages
  • Activities on our website and accessed pages
  • Amount of transferred data
  • Source reference from which website you came to us
  • Status code of a request
  • Starting point of a request
  • Access log file
  • FTP log file

Duration of storage

We store your data,

  • if you have consented to the processing, but only until you revoke your consent,
  • if we need the data for the execution of a contract, but only as long as the contractual relationship with you exists or legal retention periods need to be observed,
  • if we use the data on the basis of a legitimate interest, but only for as long as your interest in deletion or anonymization does not prevail,
  • to comply with legal retention periods, e.g. commercial or tax retention obligations (e.g. German Commercial Code, German Tax Code) until the end of these retention periods.

Data protection

We have taken extensive technical and organizational measures to protect your data against possible risks, such as unauthorized access or admission, unauthorized disclosure, modification or distribution, as well as against loss, destruction or misuse.
In order to protect your personal data from unauthorized access by third parties during transmission, we secure data transmissions using SSL encryption where necessary. This is a standardized encryption method for online services, especially for the web.

Cookies

General information about cookies
A cookie is a text file with an identification number which, when the website is used, is transmitted to the user’s computer together with the other data actually requested and is stored there. The file is stored there for later access and is used to authenticate the user. Since cookies are only simple files and not executable programs, they pose no danger to the computer.

Depending on the settings selected by the user in his Internet browser, the browser automatically accepts cookies. However, this setting can be changed and the storage of cookies deactivated or set in such a way that the user is notified as soon as a cookie is set. If the use of cookies is deactivated, some functions of the website may not be available or may only be available to a limited extent. You can prevent the setting of cookies by our website at any time by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies.

Already active cookies can be deleted at any time via an Internet browser or other software programs. We may work together with advertising partners who help us to make our Internet offer more interesting for you. For this purpose, cookies from partner companies may also be stored on your hard drive when you visit our website (third-party cookies).

Your settings for cookies for this website

We use cookies to help you get the most out of our website and to improve our communication with you. Make your personal preference here:
Always Enabled

Required cookies help to make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

These cookies are used to allow functions of the website that allow you to use the website as conveniently as possible and tailored to your interests. Furthermore, the analysis of user behaviour also helps us to continuously improve the quality of our website.

We need the cookies for the following purposes:

CookieTypeDurationDescription
_gaThird-party cookie14 MonthsFunction: Analytics & Personalization. Google Analytics cookie to distinguish users.
_gatThird-party cookie1 MinuteFunction: Analytics & Personalization. Google Analytics cookie to limit database queries.
_gidThird-party cookie1 DayFunction: Analytics & Personalization. Google Analytics cookie to distinguish users.
cli_user_preferencesmart digital1 JahrFunction: Analytics & Personalization. Tracks cookie permissions for the current domain.
cookielawinfo-checkbox-analytics-personalisierungsmart digital1 YearFunction: Analytics & Personalization. This cookie is set by the GDPR Cookie Consent plugin to store the user's consent to cookies in the category "Analytics & Personalization".
cookielawinfo-checkbox-necessarysmart digital1 YearFunction: Analytics & Personalization. This cookie is set by the GDPR Cookie Consent plugin to store the user's consent to cookies in the category "Required cookies".
CookieLawInfoConsentsmart digital1 JahrFunction: Analytics & Personalization. The cookie is used to store the summary of consent given for cookie use. It does not store any personal data.
NIDThird-party cookie6 MonthsFunction: Analytics & Personalization. This cookie is used by Google in connection with the use of Google ReCaptcha to protect the website from spam attacks.
qtrans_front_languagesmart digital1 YearFunction: Analytics & Personalization. This cookie is set by the qTranslate WordPress plugin. The cookie is used to manage the visitor's preferred language.
viewed_cookie_policysmart digital1 StundeFunction: Analytics & Personalization. The cookie is set by the GDPR Cookie Consent plugin and is used to store whether the user has consented to the use of cookies or not. No personal data is stored.

Third-party services

As a matter of principle, we will only transfer your personal data to third parties if this is necessary to fulfill our contractual or legal obligations and to provide our services. When processing your data, we work with the following service providers who have access to your data:

  • Providers of web analytics tools
  • Providers of web hosting and web development services
  • Service providers for IT development services
  • Email and newsletter providers
  • CRM system service providers
  • Cloud services
  • Providers of application management software

We have carefully selected these service providers and committed them to confidentiality and compliance with legal requirements.
We are legally obligated to transmit data to governmental authorities, e.g. tax authorities, supervisory authorities and law enforcement agencies.

Google Fonts

In order to display fonts on our website, we use the Google Fonts service of Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland. When you visit our website, a connection is established with Google’s servers. Google also receives the information that you have visited our website with your IP address.

Google data protection regulations:
https://policies.google.com/privacy?hl=de

Web analysis

We use – like almost every website operator – analysis tools in the form of tracking software to determine the frequency of use and the number of users of our website.

Hubspot

We use HubSpot services for our

  • E-mail marketing activities (newsletters and automated mailings, e.g. to inform about updates)
  • Social media reporting (e.g. LinkedIn)
  • Reporting (e.g. traffic sources, accesses, etc.)
  • Contact management (e.g. user segmentation & CRM)
  • Provision of websites/landing pages and contact forms

HubSpot is a software company from the USA with a branch in Ireland: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland. This allows us to effectively manage and control our e-mail marketing and contact management. Therefore, we process your first and last name and your e-mail address.

More information about HubSpot’s data protection regulations.
More information from HubSpot regarding EU data protection regulations.

Google Analytics

We use the Google Analytics service of Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland. Cookies are used to collect and analyze usage data on our website so that we can optimize and improve our offer. We use the anonymization extension “_anonymizeIp()” to anonymize the IP address.

Google data protection regulations: https://policies.google.com/privacy?hl=de

You can object to the collection and storage of data by Google at any time with effect for the future. To do this, follow this link and install the add-on: https://tools.google.com/dlpage/gaoptout?hl=de

or https://chrome.google.com/webstore/detail/google-analytics-opt-out/fllaojicojecljbmefodhfapmkghcbnh?hl=de

YouTube

Social media plugins of the provider YouTube, which belongs to Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland (“Google”), are integrated on our website. When you visit our website, a connection is established with the YouTube servers. For this, we use the “Privacy-Enhanced Mode” provided by YouTube. According to YouTube, for example, the information that you have visited our website with your IP address is only transmitted to YouTube when you interact with the plugin (e.g. click on an embedded video). If you are logged in to YouTube, YouTube can associate your visit to our website with your user account. If you interact with an embedded video, for example, YouTube will assign it to your profile and save it. We have no influence on the scope and content of the data collected by YouTube.

Google Data Privacy Policy:  https://policies.google.com/privacy?hl=de

To prevent the assignment of the collected data to your profile, you must log out of your account.

reCAPTCHA

We use the reCaptcha service of Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland. The service determines whether the input into an Internet form is done by a bot or other automated processing or by a human. Your IP address, shortened for anonymization, and data required for reCaptcha are transmitted to Google, without being merged with other Google data.

To view the Google data protection regulations:
https://policies.google.com/privacy?hl=de

Recruitee

We offer you the opportunity to apply to us via our application portal.
For the organization and processing of the application process we use the services of Recruitee B.V., Johan Huizingalaan 763, (1066 VH) Amsterdam, The Netherlands (hereinafter referred to as „Recruitee“). If you click on “JOIN OUR TEAM” or on our job advertisements on our website, you will be redirected automatically to the Recruitee website.
When you visit the Recruitee website, Recruitee automatically collects personal access data. This includes the requesting device, the web browser used, the operating system, the IP address, the website from which you came and your behavior on the Recruitee website. If you decide to submit an application, the data you enter there will also be transmitted to Recruitee. For more information about how Recruitee protects your personal data, please see the Recruitee privacy policy under

https://recruitee.com/de/privacy

Indeed

You can also apply to us via Indeed.
In order to enable the “Apply via Indeed” functionalities, your personal usage data must be processed by Indeed Ireland Operations Limited, 124 St Stephen’s Green, Dublin 2, Ireland (here “Indeed”).
When you apply for any of our vacancies through the Indeed portal, Indeed collects your CV and other application documents and information that you provide on a voluntary basis. This data is made available to us for verification. This allows you to share with us the information Indeed holds about you and, for example, provide us with your CV stored by Indeed. You can view Indeed’s terms of use here:
https://de.indeed.com/legal and Indeed’s Privacy Policy here: https://hrtechprivacy.com/de/brands/about-indeed#privacypolicy.
To make this feature available to you, we have included the “Apply via Indeed” button on our Recruitee website. Even if you don’t use this feature, Indeed will still process personal information because your IP address is already transmitted to Indeed when the button is displayed. Indeed may also use cookies.

Social media plugins with Shariff

To protect your data in the best possible way, we use the Shariff data protection solution developed by the computer magazine c’t for the integrated social media plugins on our website.
The plugins provided by social networks generally collect and transmit your personal data even if you merely visit a website with integrated social media plugins and do not interact with the service. A user account with the networks is not necessary for this. However, if you have one and are logged in, the services can assign your visit to the user account.
The integration of Shariff prevents your data from being collected by social networks via the integrated plugins when you visit our website. Only when you actively interact with a social media plugin, such as by clicking a “Like” or “Share” button, a connection to the social network server will be established. This allows you to continue to use the buttons as usual.
You can find further information under:
https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz

and under

https://www.heise.de

Data subject rights

As a data subject, you have the following rights:

  • To request information about the processing of your data and to receive a copy of your personal data. For example, you can request information about the purposes of the processing, the categories of personal data that are processed, the recipients of the data (if a transfer takes place), the duration of storage and the criteria for determining the duration;
  • To obtain your personal data in a structured, commonly used and machine-readable format or to transfer the data to another person responsible;
  • To correct your data. If your personal data is incomplete, you have the right to complete the data, taking into account the purposes of processing;
  • To have your data deleted or blocked;
  • To have the processing restricted;
  • To object to the processing of your data;
  • To revoke your consent to the processing of your data for the future, and
  • to complain to the competent supervisory authority about unlawful data processing.

Requirement or obligation to provide data

Unless this is explicitly stated at the time of collection, the provision of data is not necessary or obligatory.

Last update of this Data Privacy Policy

18 January 2022
We reserve the right to change this Data Privacy Policy at any time with effect for the future.