Data Privacy Statement

I.  Introduction

We are happy you are visiting our website. We respect your privacy. As we give the highest priority to the protection of your personal data while using our website, we will inform you in this data privacy statement to what extent we process your data and for what purposes we use this data. Furthermore, we would like to inform you about your rights in this regard.


II.  General Information

In the following we inform you in accordance with Art. 13 DSGVO about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior.
Responsible according to article 4 paragraph 7 of the EU data protection basic regulation (DSGVO) is
InTiCa Systems AG Spitalhofstraße 94 · 94032 Passau · Germany
www.intica-systems.com/imprint.
You can reach our data protection officer at: Bugl & Kollegen Gesellschaft für Datenschutz und Informationssicherheit mbH Eifelstraße 55 93057 Regensburg  E-Mail: kontakt@buglundkollegen.de


III.  Access to the Website

In the case of purely informational use of the website, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser sends to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website and to ensure stability and security:

  • IP address
  • Date and time of the request
  • Time zone difference to
  • Greenwich Mean Time (GMT)
  • Content of the request (concrete page)
  • Access status/HTTP status code
  • Amount of data transmitted in each case
  • Website from which the request comes
  • Browser
  • Operating system and its interface
  • Language and version of the browser software.

Due to our legitimate interest, we collect and store this data for a limited period of time in order to initiate a derivation to personal data in the event of unauthorized access or attempted access to local servers (Art. 6 para. 1 lit. f DSGVO).


IV.  Contact

a. Type and purpose of processing

The data you enter in the contact form will be stored for the purpose of individual communication with you. For this purpose, it is necessary to provide a valid e-mail address and your name. This is used for the assignment of the request and the subsequent response to the same. The provision of further data is optional. If you contact us by e-mail, the data you provide (e-mail address, your name and telephone number, if applicable) will also be processed for individual communication.

b. Legal basis of the processing

The processing of the data provided is based on a legitimate interest (Art 6 (1) lit. f DSGVO). By providing the contact form and our e-mail address, we would like to enable you to contact us in an uncomplicated manner. The information you provide will be stored for the purpose of processing the request and for possible follow-up questions. If you contact us to request a quote, the data entered will be processed for the purpose of carrying out pre-contractual measures (Art 6 (1) lit. b DSGVO).

c. Data categories

First and last name, e-mail, etc.

d. Recipients

Recipients of the data are internal employees of InTiCa Systems AG and, if applicable, order processors such as IT service providers.

e. Storage periods

Data will be deleted no later than 6 months after the request has been processed. If there is a contractual relationship, we are subject to the legal retention periods according to the German Commercial Code (HGB) and will delete your data after these periods have expired.

f. Legal / contractual requirement

The provision of your personal data is voluntary. However, we can only process your request if you provide us with your name, e-mail address and the reason for the request.

g. Third country transfer

Processing does not take place outside the European Union (EU) or the European Economic Area (EEA).

h. Automated decision making and profiling

As a responsible company, we do not use automated decision-making or profiling for this data processing.


V.  Hosting

The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, e-mail dispatch, security services and technical maintenance services that we use for the purpose of operating this online service.
For this purpose, we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors of this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 para. 1 lit. f DSGVO in conjunction with Art. 28 DSGVO (conclusion of contract processing agreement).


VI.  Use of Cookies

In addition to the previously mentioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive associated with the browser you are using and through which the body that sets the cookie (in this case by us) receives certain information. They are used to make the Internet offer as a whole more user-friendly and effective.

As a rule, a distinction is made between two categories of cookies: (a) essential cookies, without which the functionality of a website would be limited, and (b) optional cookies for the purposes of website analysis and marketing.

Since no optional cookies are used on our website, there is no need for consent and therefore no cookie banner. The use of essential (necessary) cookies is based on legitimate interest according to Art. 6 para. 1 lit. f DSGVO.


VII.  Your Rights

You have the following rights in relation to the personal data concerning you:

  • Right of access (Art. 15 DSGVO)
  • Right to rectification or erasure of personal data (Art. 16, 17 DSGVO)
  • Right to restriction of processing (Art. 18 DSGVO)
  • Right to communication in connection with the rectification or erasure of your personal data or the restriction of processing (Art. 19 DSGVO)
  • Right to data portability (Art. 21 DSGVO)
  • Right to object to processing (Art. 21 DSGVO)
  • Right to revoke declarations of consent given. The lawfulness of the data processing carried out until the revocation remains unaffected due to the consent valid to date (Art. 7 para. 3 DSGVO)
  • Right to lodge a complaint with a supervisory authority (Art. 77 DSGVO)

You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
The responsible supervisory authority for data protection issues can be found under the following link.
www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html;jsessionid=C8B13E2CD50BFD279D967DA7BA4313C8.intranet212


VIII.  Use of information in the application process

a.    Type and purpose of processing

We process applicant data only for the purpose and within the scope of the application procedure in accordance with legal requirements. Applicant data is processed to fulfill our (pre)contractual obligations in the context of the application procedure, insofar as data processing becomes necessary for us, e. g. in the context of legal proceedings.
The application procedure requires applicants to provide us with applicant data. The necessary applicant data are marked, if we offer an online form, otherwise result from the job descriptions and basically include the personal details, postal and contact addresses and the documents belonging to the application, such as cover letter, resume and the certificates. In addition, applicants may voluntarily provide us with additional information. By submitting their application to us, applicants consent to the processing of their data for the purposes of the application process in the manner and to the extent set out in this privacy policy. If provided, applicants may submit their applications to us using an online form on our website. The data is transmitted to us in encrypted form in accordance with the state of the art. Furthermore, applicants can send us their applications via e-mail karriere@intica-systems.com. Please note, however, that e-mails are generally not sent in encrypted form and applicants must ensure that they are encrypted themselves. We can therefore not assume any responsibility for the transmission path of the application between the sender and the reception on our server and therefore recommend rather to use an online form or the postal dispatch. The data provided by applicants, may be further processed by us for the purposes of employment in the event of a successful application.

b.    Legal basis for processing

The processing of your data primarily serves the purpose of establishing the employment relationship in accordance with Article 88 (1) DSGVO in conjunction with Section 26 (1) BDSG.

c.    Data categories

Your master data (such as first name, last name, name affixes, date of birth) - if applicable, work permit / residence title - contact data (such as private address, (mobile) phone number, e-mail address) - skill data (e.g., special knowledge and skills) - if relevant for the advertised position: health suitability - other data from the application documents, e.g., references.

Insofar as special categories of personal data within the meaning of Art. 9 (1) DSGVO are voluntarily disclosed within the scope of the application process, their processing shall additionally be carried out in accordance with Art. 9 (2) lit. b DSGVO (e. g. health data, such as severely disabled status or ethnic origin).

d.    Recipients

Recipients of the data are internal employees of InTiCa Systems AG.

e.    Storage periods

Subject to a justified withdrawal by the applicant, the data will be deleted after a period of 6 month(s) so that we can answer any follow-up questions regarding the application and meet our obligations to provide evidence under the Equal Treatment Act. Invoices for any reimbursement of travel expenses will be archived in accordance with tax law requirements.

f.    Legal / contractual requirement

The provision of your personal data beyond the storage period, e. g. in order to be included in our applicant pool, is voluntary, based solely on your consent. You can withdraw this consent to store your personal data at any time with effect for the future.

g.    Third country transfer

Processing does not take place outside the European Union (EU) or the European Economic Area (EEA).

h.    Withdrawal of consent

If the application for a job offer is not successful, the applicants' data will be deleted. Applicants' data will also be deleted if an application is withdrawn, which applicants are entitled to do at any time. You can withdraw your consent to the storage of your personal data, beyond the storage period, at any time with effect for the future. You can notify us of your revocation at any time using the contact option provided at the beginning of this privacy notice.

i.    Automated decision-making and profiling

As a responsible company, we do not use automated decision-making or profiling for this data processing.


IX.  Social media presences

We maintain online presences within social networks in order to inform users active there about our services and to communicate directly via the platforms if they are interested. We are currently represented in the following networks:

facebook.com/pg/InTiCa-Systems-AG-114605074584226/

www.instagram.com/inticasystemsag/

All of our social media channels can only be accessed by visitors to the website via an external link. We do not use plugins or other interfaces on our website that the respective networks offer for embedding the offers on websites.

We have no influence on the data collection and its further use by the social networks. Thus, there is no knowledge about the extent to which, where and for how long the data is stored, to what extent the networks comply with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on. We therefore expressly draw attention to the fact that user data (e. g. personal information, IP address) is stored by the operators of the networks in accordance with their data usage guidelines and used for business purposes.

We process the data of users in the social media presences insofar as they contact and communicate with us via, for example, comments or direct messages.
The legal basis for the processing of the user's data is Art. 6 (1) lit. b and f DSGVO.

Facebook
Instagram

You can access the social media network Facebook and also Instagram via external links on our website. All functions in the social media network are offered by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland. The channels are only accessible via an external link. If you are logged in with your own profile on Facebook or Instagram and call up our social media channel, Facebook can assign your visit to your logged-in profile. If you do not want your user account to be associated with your IP address, please log out of your Facebook or Instagram account before using our website.
For more information on the processing of your data, please refer to Facebook's privacy policy: facebook.com/privacy/explanation and to our privacy policy under point XII.

a. Type and purpose of processing

We appreciate your interest in our presence on TWITTER. We would like to give you an overview of what data is collected, used and stored by us there.

Social networks can generally analyze your user behavior comprehensively when you visit their website or a website with integrated social media content (e. g. like buttons or advertising banners). By visiting our social media presence on Twitter, numerous processing operations relevant to data protection are triggered. In detail:

If you are logged into your Twitter account and visit our social media presence, Twitter can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account on Twitter. In this case, this data collection takes place, for example, via cookies that are stored on your terminal device or by recording your IP address. With the help of the data collected in this way, Twitter can create user profiles in which your preferences and interests are stored. In this way, you can be shown interest-based advertising inside and outside of Twitter. If you have an account on Twitter, the interest-based advertising can be displayed on all devices on which you are logged in or have been logged in. Please also note that we cannot track all processing operations on Twitter. Therefore, additional processing operations may be carried out by Twitter. For details, please refer to Twitter's terms of use and privacy policy.

b. Legal basis of the processing

The processing is carried out pursuant to Art. 6 para. 1 lit. f. DSGVO on the basis of our legitimate interest of contacting our customers. The analysis processes initiated by Twitter may be based on deviating legal bases to be specified by Twitter (e.g. consent within the meaning of Art. 6 (1) lit. a DSGVO).

c. Data categories

Please refer to Twitter's data protection information to find out which specific data is collected and how it is used.

Twitter: twitter.com/privacy

d. Recipients

    Employees of the IT department of your own company
    Twitter

e. Storage periods

After the end of the purpose and the end of the use of Twitter by us, the data collected in this context will be deleted.

f. Legal / contractual requirement

The provision of your personal data is voluntary. Without the provision of your personal data, we cannot grant you access to our offered content and services.

g. Third country transfer

Processing may also take place outside the European Union (EU) or the European Economic Area (EEA). To ensure the level of data protection in this third country, we have concluded the EU standard contractual clauses with the provider.

h. Withdrawal of consent

You can withdraw your consent to the storage of your personal data at any time with effect for the future. You can notify us of your withdrawal at any time using the contact option provided at the beginning of this privacy notice.

i. Automated decision-making and profiling

As a responsible company, we do not use automated decision-making or profiling for this data processing.


LINKEDIN

a. Type and purpose of processing

We appreciate your interest in our presence on LINKEDIN. We would like to give you an overview of what data is collected, used and stored by us there.

Social networks can usually comprehensively analyze your user behavior when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). By visiting our social media presence on LinkedIn, numerous data protection-relevant processing operations are triggered. In detail:

If you are logged into your LinkedIn account and visit our social media presence, LinkedIn can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account on LinkedIn. In this case, this data collection takes place, for example, via cookies that are stored on your end device or by recording your IP address. With the help of the data collected in this way, LinkedIn can create user profiles in which your preferences and interests are stored. In this way, you can be shown interest-based advertising inside and outside LinkedIn. If you have an account on LinkedIn, the interest-based advertising may be displayed on all devices on which you are logged in or have been logged in. Please also note that we cannot track all processing operations on LinkedIn. Therefore, additional processing operations may be carried out by LinkedIn. For details, please refer to LinkedIn's terms of use and privacy policy.

b. Legal basis of the processing

The processing is carried out pursuant to Art. 6 para. 1 lit. f. DSGVO on the basis of our legitimate interest of contact possibilities to our customers. The analysis processes initiated by LinkedIn may be based on deviating legal bases to be specified by LinkedIn (e. g. consent within the meaning of Art. 6 (1) lit. a DSGVO).

c. Data categories

Please refer to LinkedIn's data protection information to find out which specific data is collected and how it is used:

LinkedIn: www.linkedin.com/legal/privacy-policy

d. Recipients

    Employees of the IT department of your own company
    LinkedIn

e. Storage periods

After the end of the purpose and the end of the use of LinkedIn by us, the data collected in this context will be deleted.

f. Legal / contractual requirement

The provision of your personal data is voluntary. Without the provision of your personal data, we cannot grant you access to our offered content and services.

g. Third country transfer

Processing does not take place outside the European Union (EU) or the European Economic Area (EEA).

h. Withdrawal of consent

You can withdraw your consent to the storage of your personal data at any time with effect for the future. You can notify us of your withdrawal at any time using the contact option provided at the beginning of this privacy notice.

i. Automated decision-making and profiling

As a responsible company, we do not use automated decision-making or profiling for this data processing.

Kununu
Xing

a. Type and purpose of the processing

We appreciate your interest in our presence on Kununu / Xing. We would like to give you an overview of what data is collected, used and stored by us there.

Social networks can usually comprehensively analyze your user behavior when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). By visiting our social media presence on Kununu / Xing, numerous data protection-relevant processing operations are triggered. In detail:

If you are logged into your Kununu / Xing account and visit our social media presence, Kununu / Xing can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account on Kununu / Xing. In this case, this data collection takes place, for example, via cookies that are stored on your terminal device or by recording your IP address. With the help of the data collected in this way, Kununu / Xing can create user profiles in which your preferences and interests are stored. In this way, you can be shown interest-based advertising inside and outside Kununu / Xing. If you have an account on Kununu / Xing, the interest-based advertising may be displayed on all devices on which you are logged in or have been logged in. Please also note that we cannot track all processing operations on Kununu / Xing. Therefore, additional processing operations may be carried out by Kununu / Xing. For details, please refer to the terms of use and privacy policy of Kununu / Xing.

b. Legal basis of the processing

The processing is carried out pursuant to Art. 6 para. 1 lit. f. DSGVO on the basis of our legitimate interest of contact possibilities to our customers. The analysis processes initiated by Kununu / Xing may be based on different legal bases to be specified by Kununu / Xing (e.g. consent within the meaning of Art. 6 (1) lit. a DSGVO).

c. Data categories

Please refer to the data protection information of Kununu / Xing to find out which specific data is collected and how it is used:

Kununu: hhttps://privacy.xing.com/de/datenschutzerklaerung

d. Recipient

    Employees of the IT department of your own company
    Kununu / Xing

e. Storage periods

After the end of the purpose and the end of the use of Kununu / Xing by us, the data collected in this context will be deleted.

f. Legal / contractual requirement

The provision of your personal data is voluntary. Without the provision of your personal data, we cannot grant you access to our offered content and services.

g. Third country transfer

Processing does not take place outside the European Union (EU) or the European Economic Area (EEA).

h. Withdrawal of consent

You can withdraw your consent to the storage of your personal data at any time with effect for the future. You can notify us of your withdrawal at any time using the contact option provided at the beginning of this privacy notice.

i. Automated decision-making and profiling

As a responsible company, we do not use automated decision-making or profiling for this data processing.


X.  Facebook Data Privacy Statement

InTiCa Systems AG operates an online presence on Facebook, a so-called Facebook Fanpage. The following additional information on data processing applies to visits to our fan page. Information on data protection on Facebook in general can be found here (https://www.facebook.com/about/privacy/).

1. joint responsibility, contact details, company data protection officer:

We are jointly responsible with Facebook for the operation of our Facebook Fanpage pursuant to Art. 26 DSGVO. For this purpose, we have stipulated in an agreement with Facebook who fulfills which obligations with regard to data protection. This agreement can be accessed here (https://www.facebook.com/legal/terms/page_controller_addendum). Accordingly, Facebook is primarily responsible for providing the data subject with information about the joint processing and enabling him or her to exercise his or her data protection rights. Notwithstanding the above, we hereby inform you about your visit to our Fanpage.

Our contact details are:

InTiCa Systems AG
Spitalhofstraße 94 - 94032 Passau - Germany
info@intica-systems.com

You can contact Facebook at:

Meta Platforms Ireland Ltd.
4 Grand Canal Square,
Grand Canal Harbour,
Dublin 2, Ireland

You can reach Facebook online here (https://www.facebook.com/help/contact/2061665240770586)

You can reach our company data protection officer at:

Bugl & Kollegen Gesellschaft für Datenschutz und Informationssicherheit mbH
Alexander Bugl
Eifelstrasse 55
93057 Regensburg
E-mail: kontakt@buglundkollegen.de

You can reach Facebook's data protection officer at

www.facebook.com/help/contact/540977946302970.

2. collection and storage of personal data and the nature, purpose and use thereof:

a) Data collected by Facebook:

If you are a Facebook user, Facebook collects the data described in the Facebook Data Policy under "What types of information do we collect?". If you are not a Facebook user, cookies provided with identifiers, small text files, may still be stored in your browser, which enable so-called tracking of your user behavior.

As a rule, the user data during a visit to Facebook is also processed by Facebook for market research and advertising purposes. Based on the user behavior (including when visiting our Fanpage), complex user profiles are created, which Facebook can use to play personalized advertisements to the visitor within and outside of Facebook. More information on this can also be found in the Facebook data policy.

If you do not agree with this, you can object here (opt-out).

b) Data used by us ("Page Insights") and legal basis:

Facebook provides us with statistics and usage data that we can use to analyze the use of our Fanpage (so-called "Page Insights"). This enables us to continuously improve our offer on Facebook. We, as the operator, do not make any decisions regarding the processing of Insights data and any other information resulting from Art. 13 of the GDPR, such as storage duration of cookies on user devices. The primary responsibility under the GDPR for the processing of Insights Data lies with Facebook and Facebook fulfills all obligations under the GDPR with respect to the processing of Insights Data.

We as the site administrator have no other way, not even via user tracking, to evaluate user behavior on our fan page. It is also fundamentally not possible for us to identify the visitor to the Fanpage on the basis of the page insights. In particular, we have no right under the agreement to require Facebook to disclose individual visitor data. Identification is only possible for us if we are able to assign individual profile pictures to "Like" Page Views; however, this is only possible to the extent that our Fanpage has been marked with "Like" by the corresponding visitor and the "Like" Page Views is set to "public".

What information Facebook uses to create page insights can be found here.

The operation of the Faceboook fan page and the use of page insights serves our legitimate interest in effective external presentation and efficient communication with our customers and prospects. This interest justifies the operation of the page both to the legitimate interests of Facebook users, as well as to visitors to our fan page who do not have a Facebook account. Accordingly, the legal basis is Art. 6 para. 1 lit. f) DSGVO.

3. Transfer of data to third parties:

Data collected by Facebook is exchanged and processed within the entire Facebook group. The Facebook Group also includes, for example, Instagram, WhatsApp and Oculus. For example, information collected through Facebook is used to display personalized ads to users on Instagram, or information from WhatsApp is used to take action against accounts that send spam through WhatsApp on Facebook. This information can be found in the Facebook Data Policy under "How do Facebook companies work together?".

The processing of data by Facebook may involve the transfer of user data outside the European Economic Area (EEA), in particular the USA.

4. Right to object:

If your personal data is processed on the basis of legitimate interests pursuant to Article 6 (1) (f) DSGVO, you have the right to object to the processing of your personal data pursuant to Article 21 DSGVO, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation. If you would like to exercise your right of revocation or objection, it is sufficient to send an e-mail to info@intica-systems.com.

5. data subject rights:

You have the right to revoke your consent to us at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future. Furthermore, you have the right to information according to Art. 15 DSGVO, the right to correction according to Art. 16 DSGVO, the right to deletion according to Art. 17 DSGVO, the right to restriction of processing according to Art. 18 DSGVO, as well as the right from data portability from Art. 21 DSGVO. Furthermore, you have the right to lodge a complaint with a competent data protection supervisory authority (Art. 77 DSGVO).

In principle, you can assert your data subject rights against Facebook as well as against us. Since only Facebook has direct access to your user data, you can most effectively assert your data protection rights against Facebook.