At WSW Software GmbH, privacy and data security are among our most important principles. WSW Software GmbH attaches great importance to the protection of your privacy and complies with all applicable data protection legislation. In the following, we explain how we process your personal data.
The data controller with responsibility for the collection, processing and use of your personal data within the meaning of the GDPR is:
WSW Software Gesellschaft mit beschränkter Haftung
Phone: +49 (0) 89 89 50 89-0
Fax: +49 (0) 89 89 50 89-190
CEO: Klaus Müer
Phone: +49 (0) 89 89 50 89-160
Insofar as we obtain the data subject's consent to process their personal data, Article 6 (1) (a) of the General Data Protection Regulation (GDPR) provides the legal basis.
We process your personal data for the purposes of the contract, whereby Article 6 (1) (b) GDPR provides the legal basis. This also applies to processing operations which serve the implementation of pre-contractual measures.
To the extent that it is necessary to process personal data in order to fulfill a legal obligation on the part of our company, Article 6 (1) (c) GDPR provides the legal basis.
In the event that vital interests of the data subject or any other natural person require the processing of personal data, Article 6 (1) (d) GDPR provides the legal basis.
Where the processing is necessary to safeguard the legitimate interests of our company, and provided that the interests, fundamental rights and freedoms of the data subject do not outweigh the former interests, then Article 6 (1) (f) GDPR provides the legal basis for the processing. Our interests in the processing include, in particular, ensuring the operation and security of the website, analyzing the usage of the website by visitors and simplifying the use of the website.
Types of processed data:
The data subjects are the visitors to – and users of – our online services. In the following, we also refer to the data subjects as "users".
Purpose of the processing
"Personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"). A natural person is considered to be identifiable if they can be identified directly or indirectly, in particular by association with an identifier such as a name, identification number, location data, an online identifier (e.g., a cookie) or by means of one or more unique features which express the physical, physiological, genetic, psychological, economic, cultural or social identity of said natural person.
"Processing" means any process performed with or without the aid of automated procedures or any such process associated with personal data. This term covers a wide range of activities and covers virtually every type of interaction with data.
The "data controller" refers to the natural or legal person, public authority, institution or body which, either alone or in concert with others, decides on the purposes and means of the processing of personal data.
We have leased data centers for the purpose of providing and operating this website. These data centers possess various certifications, including ISO 27001.
The hosting services we use serve to provide the following services: infrastructure and platform services, computing capacity, disk space and database services, collateral and technical maintenance services, which we use to operate this online service.
In doing so, we (or our hosting provider) process the inventory data, contact data, content data, contract data, usage data, meta and communication data submitted by customers, interested parties and visitors to this website on the basis of our legitimate interest in making this online offer available in an efficient and secure manner in accordance with Article 6 (1) (f) GDPR in conjunction with Article 28 GDPR (conclusion of an order processing contract).
The data centers are located in the European Union. To the extent that personal data of EU citizens is stored in data centers outside the European Union, the respective data centers have established an equivalent level of protection via Privacy Shield or standard contractual clauses.
Unless specifically stated, we store personal data only for as long as necessary to fulfill the stated purpose.
If you wish to prevent additional cookies from being accepted by your browser, or to be notified when you receive new cookies, or if you wish to disable all cookies, please access the help function via your web browser's menu bar. You can disable or delete Flash cookies or similar features that are used by certain browser add-ons either by changing the settings of the respective browser add-on or by following the instructions on disabling them provided on the manufacturer's website.
2.2 Use of web fonts
In order to ensure that fonts are displayed consistently, this site uses so-called "web fonts" provided by MyFonts Inc., 600 Unicorn Park Drive, Woburn, MA 01801, United States. Whenever you access a web page, your browser loads the required web fonts into your browser cache in order to correctly display text and fonts.
In order to do this, the browser you are using must connect to the MyFonts servers. During this process, MyFonts is able to determine that our website was accessed from your IP address. Our use of MyFonts corresponds to our interest in ensuring of a consistent and attractive presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. If your browser does not support web fonts, a default font will be used by your computer.
Further information about MyFonts is available at:
2.3 Access data
WSW collects information about you when you use this website. We automatically collect information about your usage behavior and interactions with us, and record information about your computer or mobile device. We collect, store and use data each time you access our online service (so-called "server log files"). This access data includes the name and URL of the retrieved file, the date and time of the retrieval, the quantity of data transferred, a notification of successful retrieval, the browser type and version, the operating system, the referrer URL (i.e. the previously visited page), the IP address, and the requesting provider.
We do not use this log data to identify you or for other profiling purposes, and instead use it for statistical analysis for the purpose of operation, security and optimization of our online services, and also to anonymously determine the number of visitors to our website (traffic) as well as the extent and nature of your use of our website and services. This information enables us to analyze traffic, find and fix bugs, and improve our services. We reserve the right to check the log data retrospectively in cases where we have legitimate grounds to suspect unlawful use of our services on the basis of concrete evidence. We store IP addresses in the log files for a limited period and to the extent necessary for security purposes or for the provision of services or the billing of a service. We also store IP addresses if we have compelling reasons to suspect criminal activity in connection with the use of our website. We also save the date of your last visit (e.g., when registering, logging in, clicking links, etc.) as part of your account data.
The legal basis for this data processing is provided by Article 6 (1) (1) (f) GDPR. Our legitimate interest follows from the data collection purposes listed above.
2.4 Contact by E-Mail or Contat Form
Purpose, Legal Basis, and Justified Interest
The data you enter will be saved for the purpose of establishing personalized communication with you. Through the provision of a contact form, we make it easy for you to contact us. The information you provide will be saved for the purpose of processing your inquiry and for possible follow-up inquiries.
The data entered into the contact form are processed on the basis of a justified interest according to Article 6 (1) f of the GDPR.
If you get in touch with us to inquire about an offer, the data entered into the contact form will be processed for the implementation of pre-contractual measures as defined in Article 6 (1) b of the GDPR.
Recipient of the Data
Our website is maintained by a service provider who acts on our behalf as a commissioned processor.
If you send us an inquiry about an offer, the service providers we use may received data for this purpose, provided they require these data to fulfill their respective service.
All service providers are contractually obligated to treat your data in confidence.
Data will be deleted no later than 6 months after the inquiry has been processed. If a contractual relationship arises, we are legally bound to keep the data on file for up to ten years.
Necessity of Provision
The provision of personal data is not required by law or contractual agreement. However without it, the inquiry cannot be processed.
Information regarding your right of revocation can be found in Point 3.6 of this data privacy statement.
2.5 Registration for WSW Events
By registering, you are confirming that you agree to our data privacy conditions in relation to events.
The personal data you share on the event registration form and at event registrations will be used for the purposes of event registration and organization. We will only share your personal data with third parties if this is required for the organization of the event you are attending. The information requested is essential for your participation. Consent is given voluntarily and without prejudice to the right of revocation, with effect for the future, unless there are legal grounds to the contrary. Failure to provide consent, however, may mean that participation in the event in question will not be possible.
By registering, you declare that you consent to any image or sound recordings that may be made during the event being used as part of public relations activities. Photographs taken at an event may subsequently be published in printed products, on the WSW website and within its employee network. They will not be passed directly by WSW to third parties for other purposes. That said, however, we must point out that the photographs are freely available to view worldwide once published on the Internet. The reuse of these photographs by third parties therefore cannot be completely excluded. The declaration of consent applies from the date of registration up to the point at which you leave the event. This declaration of consent can be revoked at any time with effect for the future. Revocation means that any published photographs will be removed from the WSW website and no further photographs will be uploaded. The deletion of images from the website may take a few working days to complete following receipt of your revocation. If a group photograph is published, any later revocation by one individual will not generally lead to the imaging having to be removed.
Legal basis: The legal basis for processing of the data is your consent as defined under Section 6 (1) a of the General Data Protection Regulation (GDPR).
For further information on data subject rights, please refer to the following section under “3. Rights of data subjects”.
2.6 Access and reach measurement
WSW uses tracking pixel technology provided by wiredminds GmbH (www.wiredminds.de) for the purpose of analyzing visitor behavior. This involves the collection, processing and storing of data, which is used to create usage profiles under a pseudonym. Where possible and useful, these usage profiles are anonymized completely – cookies may be used for this purpose. Cookies are small text files that are stored in the visitor’s internet browser and used to recognize their internet browser. The collected data, which may also contain personal data, is sent to wiredminds or is collected directly by wiredminds. wiredminds may use information obtained during visits to the websites to create anonymized usage profiles. The data collected in this process will not be used to personally identify the website visitor without the data subject's explicit consent, nor will it be merged with personal data relating to the pseudonymized user. To the extent that IP addresses are recorded, they are immediately anonymized via deletion of the last number block.
You can prevent the collection of your data by wiredminds by clicking on the following link. An opt-out cookie will be stored on your device to prevent collection of your data when you visit this website:
The following data is processed via Matomo for the purpose of reach analysis:
Each user's IP address is anonymized before it is saved.
By clicking on the link below you can object to the collection of anonymized data by Matomo at any time with effect for the future. This will result in your browser saving a so-called "opt-out cookie", which will prevent Matomo from collecting session data. Please note, however, that deleting cookies also deletes the opt-out cookies, which will then have to be reactivated.
2.7 Google Analytics
On our behalf, Google will use this information in order to evaluate the use of our online services, to generate reports regarding the activities within these online services and to provide us with further services associated with the use of our online services and use of the Internet. Pseudonymized usage profiles may be created for users in this context from the processed data.
For us, Google Analytics is only used with active IP anonymization. This means that the user's IP address will be truncated by Google within member states of the European Union or other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and truncated there.
The IP address transmitted by the user's browser is not merged with other data by Google. Users are able to prevent the storage of cookies using an appropriate setting in their browser software. They can also prevent the capture of the data generated by the cookie and data relating to their use of the online services by Google and Google's processing of these data by downloading and installing a browser plugin from the link below: http://tools.google.com/dlpage/gaoptout?hl=en.
If we request consent from a user, e.g. in the context of cookie consent, the legal basis for its processing is Article 6 (1) a of the GDPR. Otherwise, users’ personal data will be processed on the basis of our legitimate interests (i.e. out interest in the analysis, optimization and economic operation of our online services) pursuant to Article 6 (1) f of the GDPR.
Where data are processed in the USA, we point out that Google is certified under the Privacy Shield Agreement, thereby ensuring at the European Data Protection Act is upheld (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Further information on Google's use of data, settings and revocation options can be found in Google's data privacy statement (https://policies.google.com/privacy) and in the setting for displaying on-screen adverts by Google (https://adssettings.google.com/authenticated).
Users’ personal data are deleted or anonymized after 14 months
Google Adwords Conversion Tracking
We use the service from Google Adwords to draw attention to our offers using advertising (known as Google Adwords) on external websites. Google Conversion Tracking is an analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). In relation to the data from the advertising campaigns, we are able to see how successful the individual advertising activities are. We are therefore pursuing, based on Article 6 (1) f of the GDPR, the justified interest in efficient, economical and recipient-friendly services.
The advertising media mentioned above are supplied by Google via “Ad Servers”. To do this, we use Ad Server cookies that allow certain parameters for success measurement, such as the display of adverts or clicks by the user, to be quantified. If you access our website via a Google ad, Google Adwords will store a cookie on your PC. These cookies generally lose their validity after 30 days and should not, according to Google, be used to identify you personally. For this cookie, generally speaking, the analyzed values stored include the unique cookie ID, the number of ad impressions per placement (frequency), the last impression (relevant for post-view conversions), and opt-out information (marking that the user no longer wishes to be contacted).
These cookies allow Google to recognize your Internet browser. If a user visits certain pages on the website of an Adwords customer and the cookie stored on their computer has not expired, Google and we are able to recognize that the user has clicked on the ad and has been forwarded to this page. A different cookie is assigned to each Adwords customer. Cookies therefore cannot be tracked via the websites of Adwords customers. We do not collect or process any personal data in the advertising activities specified. Google provides us only with statistical analyses. Based on these analyses, we are able to determine which of the advertising activities used are particularly effective. We do not receive more detailed information regarding the use of advertising, and in particular users cannot be identified based on this information.
Due to the marketing tools used, your browser will automatically establish a direct connection with Google’s server. We have no influence on the scope or further use of the data collected through Google’s use of this tool, and therefore inform you in accordance with our understanding: Through the involvement of AdWords Conversion, Google receives information that you have viewed the relevant part of our Internet presence or have clicked on one of our ads. If you are registered for a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will learn and store your IP address.
You can prevent participation in this tracking behavior in various ways:
• A corresponding setting in your browser software in particular will suppress the storage of third-party cookies, which means you will not receive any adverts from third parties
• By deactivating cookies for conversion tracking, by setting your browser so that cookies from the domain “www.googleadservices.com” are blocked, https://www.google.de/settings/ads. This setting is deleted if you delete your cookies.
• By disabling the interest-based adverts from provides that are part of the “About Ads” self-regulation campaign, visit http://www.aboutads.info/choice, with this setting being deleted if you delete your cookies.
• By permanently disabling them in your Firefox, Internet Explorer or Google Chrome browser by visiting http://www.google.com/settings/ads/plugin. We would like to make you aware that, in this case, you may not be able to use all of the functions of our website to their full extent.
The legal basis for processing your data is Article 6 (1) f of the GDPR. Further information provided by Google regarding data protection can be found here: http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/en.html. Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org. Google declares that it has signed up to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
2.8 Online presence in social media
We maintain an online presence within social networks and platforms in order to communicate with customers, interested parties and users there, and to inform them about our services. When you access the respective networks and platforms, the terms and conditions and the data processing policies of the respective operators apply.
Integration of third-party services and content
On the basis of our legitimate interest (i.e. our interest in the analysis, optimization and economic operation of our online services within the meaning of Article 6 (1) (f) GDPR), we include content and services offered by third parties within our online services, e.g., for the purpose of integrating videos and/or fonts (collectively referred to as "content").
This always requires the user's IP address to be shared with the respective third-party providers, since they require the user's IP address in order to send the content to their browser. The user's IP address is therefore required for the presentation of this content. We endeavor only to use content whose respective providers will use the IP address exclusively for the purpose of delivering the respective content. Third parties may also use so-called "pixel tags" (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. These "pixel tags" can be used to evaluate specific information, such as visitor traffic on the pages of this website. This pseudonymous information may also be stored in cookies on the user's device and may include, but is not limited to, technical information about the respective browser and operating system, the referring web pages, the time of the visit, as well as other information regarding the use of our online services.
Within our online presence, functions and content may be integrated from the Facebook service, provided by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. This may include, for example, content such as images, videos, or text and buttons that allow users to share content from our online services within Facebook. If the users are members of the Facebook platform, Facebook is able to link their use of the aforementioned content and functions to their user profiles.
Facebook: Social network; service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; Website: https://www.facebook.com.
Data privacy statement: https://www.facebook.com/about/privacy;
Privacy Shield (guarantee of a level of protection for data where data are processed in the USA): https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active;
Revocation option (opt-out): Settings for advertisements: https://www.facebook.com/settings?tab=ads;
Additional information on data protection: Agreement regarding the shared processing of personal data on Facebook pages: https://www.facebook.com/legal/terms/page_controller_addendum
Data privacy information for Facebook pages: https://www.facebook.com/legal/terms/information_about_page_insights_data.
If you do not wish Facebook to be able to associate your visit to our website with your user account, please log out of your Facebook user account first.
Measurement of User Interaction with our Fanpage
At https://www.facebook.com/wswsoftware/we use a Facebook Fanpage. Facebook provides us with insights regarding these fanpages. Page insights contain collated data that tell us how users are interacting with our fanpage. The page insights can be based on personal data which has been captured in relation to a visit or an interaction between people on or with our fanpage and its content. Together with Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook Ireland”), we are jointly responsible under the terms of Art. 26 GDPR, for the processing of insights data and have signed an agreement with Facebook Ireland in this regard. You can find this at https://www.facebook.com/legal/terms/page_controller_addendum. The legal basis for our use of the Facebook Fanpage and page insights is a justified interest as defined in Article 6 (1) f of the GDPR, namely in relation to the fanpage the use of Facebook as a channel for information regarding our company and in relation to the Insights pages the better understanding of the interests of visitors to our fanpage in order to be able to address these interests in a targeted manner.
The "XING share button" is used on this website. When this button is activated, a short-term connection is established via your browser to the servers of XING SE ("XING"), which provide the "XING share button" functions (in particular, the calculation/display of the counter value). XING does not store any personal data about you when this website is accessed. In particular, XING does not store any IP addresses. In addition, no evaluation of your usage behavior takes place via the cookies used in connection with the "XING share button". The current data protection information regarding the "XING share button", as well as supplementary information, can be found on this website:
On our web pages, we use the plugin provided by the XING social network in the form of the "XING share button" and the "kununu" service. kununu is an application provided via the XING service. When you visit our web pages, a short-term connection is established by your browser to the servers of XING SE ("XING"), which provide the "XING share button" functions (in particular the calculation/display of the counter value).
If you do not want kununu to be able to associate your visit to our website with your user account, please log out of your kununu user account before accessing the respective content.
Our online services may include integrated functions and content provided by the LinkedIn service (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland). This may include, for example, content such as images, videos, or text and buttons that allow users to share content from our online services within LinkedIn. If the users are members of the LinkedIn platform, LinkedIn is able to link their use of the aforementioned content and functions to their user profiles.
LinkedIn is certified under the Privacy Shield agreement, which guarantees compliance with European data protection legislation:
We integrate videos hosted on the "YouTube" platform provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
The distribution service provider may retrieve the recipients' data in pseudonymous form, i.e. without assigning it to a user, in order to optimize or improve its own services, e.g., for technical improvements related to the distribution, the presentation of newsletters and/or for statistical purposes. However, the distribution service provider does not use the data submitted by our newsletter recipients in order to contact them directly, nor does it share this data with third parties.
If you wish to receive the newsletter offered on our website, we require your e-mail address. To ensure that you have consented to receive our newsletter, we use a "double-opt-in" procedure, during which the potential recipient can choose to be included in a distribution list. Afterwards, the user receives a confirmation e-mail via which they can confirm their newsletter subscription in accordance with the data protection legislation. The user's e-mail address will not be included in the distribution list until we receive this confirmation.
The newsletter will be sent on the basis of your consent in accordance with Article 6 (1) (a) GDPR.
The newsletters contain a so-called "web beacon", i.e. a pixel-sized file that is either retrieved from our server – or if we use a distribution service provider, from the latter's server – when you open the newsletter. As part of this retrieval process, technical information is collected, including information about your browser and system, as well as your IP address and the time of retrieval.
This information is used to improve the technical performance of the respective services based on their specifications and/or on the target audience and its reading habits on the basis of its location (which can be determined via the IP address) and/or the time of access. These statistical surveys also include a determination of whether/when the newsletters are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, neither we nor the distribution service provider (if used) endeavor to observe the behavior of individual users. The evaluations merely allow us to identify the reading habits of our users and to adapt our content to suit them, or to send them different content in line with their interests.
2.10 Webinars on the GoToWebinar platform
We use the GoToWebinar platform from LogMeIn Ireland Ltd, The Reflector, 10 Hanover Quay, Dublin 2, Ireland as a third-party webinar provider. The third party vendor has certified itself for the EU-US and Swiss-US privacy shield with respect to customer data. For more information about how the third party provider will handle your information, please visit https://www.logmeininc.com/de/legal/privacy and https://www.logmeininc.com/de/legal/privacy-shield.
When selecting third-party providers and their services, we always observe the legal requirements.
As part of our offer, data of communication participants are processed and stored on the servers of the third party provider, as far as they are part of communication processes with us. This data may include, in particular, registration and contact data, visual and vocal contributions, as well as entries in chats and shared screen content.
If users are referred to third-party providers, or their software or platforms, in the course of communication, business or other relations with us, the third-party providers may process usage data and metadata for security, service optimization or marketing purposes. We therefore ask you to observe the data protection notices of the respective third-party providers (see above).
Under the applicable laws, you have various rights regarding your personal data. If you wish to assert these rights, please send us your request by post or e-mail, clearly identifying yourself and using the contact details listed under points 1 and 1.1. As a data subject you have the following rights.
3.1 Right to information
You have the right to request information about your personal data that is processed by us. In particular, you may request information about the purposes of the processing, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, your right of rectification, deletion, restriction of or objection to the processing, your right of appeal, the source of your data if it was not collected from us, and the existence of automated decision-making, including profiling, and if applicable, detailed information about this.
3.2 Right to rectification
You have the right to demand the immediate rectification of any incorrect personal data concerning you. In light of the stated purposes, you have the right to request the completion of any incomplete personal data concerning you, including by means of a supplementary statement.
3.3 Right to deletion ("right to be forgotten")
You have the right to ask us to delete your personal data without delay. Furthermore, we are obliged to delete your personal data immediately if one of the following reasons applies:
Where we have made personal information public and are required to delete it, we will implement appropriate measures – taking into account the available technology and implementation costs, including technical measures – to inform the respective data controllers processing your personal data that you have requested the deletion of any links to – or copies or replications of – said personal data.
3.4 Right to restrict processing
You have the right to ask us to restrict the processing of your personal data if one of the following conditions applies:
3.5 Right of data portability
You have the right to receive the personal data you have submitted to us in a structured, common and machine-readable format, and you have the right to transfer that information to another person without hindrance, provided that
In exercising your right to data portability pursuant to paragraph 1, you have the right to arrange for the personal data to be transmitted by us directly to another data controller, insofar as this is technically feasible.
3.6 Right of objection
You have the right, for reasons related to your personal situation, to object at any time to the processing of your personal data pursuant to the first sentence of Article 6 (1) (e) or (f) GDPR; this also applies to profiling based on these provisions. If you object, we will not process your personal data unless we can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or if the processing serves the purpose of enforcing, pursuing or defending against legal claims.
If your personal data is processed by us for the purpose of direct advertising, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling, to the extent that it is associated with such direct advertising.
3.7 Right to revoke your consent with regard to data protection
You have the right to revoke your consent to the processing of your personal data at any time.
3.8 Right of appeal to a supervisory authority
Should you believe the processing of your personal data to be unlawful, you have the right to appeal to a supervisory authority, in particular in the Member State of your place of residence, your place of work or the place of the alleged breach, in accordance with Article 77 GDPR.
A list of the supervisory authorities (for the non-public area) with addresses can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
4.1 Softgarden applicant portal
On our website, we offer you the opportunity to conveniently apply for a listed vacancy via a specially provided or linked portal. We use the application platform provided by softgarden e-recruiting GmbH, Tauentzienstrasse 14, 10789 Berlin.
Further privacy information about the softgarden portal is available via the following link: https://wsw-software.softgarden.io/de/data-security.
4.2 Video conferencing function Microsoft Teams
Applicant interviews via video conference
We use the Microsoft Teams platform from the Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (hereinafter referred to as “third party supplier”) to carry out applicant interviews via video conference. We observe the legal regulations when selecting third party suppliers and their services.
In this context, communication participant data is processed and stored on the third party supplier’s servers, provided it is part of the communication processes with us. This data may in particular include registration and contact data, visual and verbal contributions as well as entries in chats and shared screen content.
If users are referred to a third party provider or its software or platform as part of communication, business or other relations with us, the third party provider may process usage data and metadata for security, service optimization or marketing purposes. We therefore ask you to observe the third party provider’s data protection notice https://privacy.microsoft.com/de-de/privacystatement.
We only process personal data that the applicant provides us or that we receive in a permissible manner as part of the application process. At least the following personal data of the applicant is needed for the use of teams:
As part of the use, teams may process additional personal data. This depends on the settings selected and the content and functions used as part of the utilization. In this respect, the text entries from the applicant are processed in order to display them in the video conference or to log them. To display video and audio, data from the applicant’s end device microphone as well as from any video camera of the end device is processed according to the duration of the conference. Note: You can always switch off or mute the camera or microphone using the teams applications.
We endeavor to implement all technical and organizational security measures that are necessary to protect your personal data against unauthorized access and misuse at all times. We only process your personal data if we are able to do so in accordance with the applicable data protection legislation.
If personal data is stored or processed, the associated activities are carried out exclusively by certified data center operators (see "Hosting"). To ensure the security of your data during transmission, we use encryption technologies (such as SSL) over HTTPS. Our servers are protected by firewalls and antivirus software. Furthermore, back-up and recovery procedures as well as role and authorization concepts are a matter of course for us.
Our employees are obliged to observe the regulations of the GDPR and the German Federal Data Protection Act (BDSG) when handling data.
We do not conduct automated decision-making on the basis of the personal data we collect.
In principle, we use your personal data exclusively within our company.
If and to the extent that we engage third parties for the performance of contracts, they only receive transmitted personal data within the scope necessary to perform the corresponding service.
In the event that we outsource certain parts of the data processing ("order processing"), we contractually obligate our processors to use the personal data exclusively in accordance with the applicable data protection legislation and to ensure the protection of the data subject's rights.
In principle, you can visit our website without submitting any personal information. When you register to access our personalized member's area (customer login), our support staff will ask you to submit personal information, such as your name and e-mail address. All data and information relating to your identity will be stored on the server of WSW and its respective contractors; however only if you explicitly provide us with this information. This process is made visible to you and requires your explicit consent.
If you request a download link on our Qumbu product page (Link einfügen) for a free, 30-day trial versions, we only require your e-mail address for this.
If you request a quote for a license after the trial version expires, we will also request details of your business address as well as a contact name. All data and information relating to your identity will be stored on the WSW server, however only if you explicitly provide us this with this information. This process is made visible to you and requires your explicit consent.
• Scope of Processing of Personal Data
The data you enter in the form fields.
• Legal Basis for Processing Personal Data
According to Article 6 (1) b GDPR (implementation of pre-contractual measures or contractual fulfillment).
• Purpose of Data Processing
The data is processed for the purpose of handling your inquiry and thereby allowing us to fulfill the contract.
• Duration of Storage
The data will be deleted as soon as these are no longer required for the processing of orders and no further statutory storage periods apply. This will generally be after 10 years (cf. Section 147 (2) in conjunction with (1) Nos. 1, 4 and 4a of the tax code, Section 14b (1) of the VAT act).
• Right of Revocation
The right of revocation is based on the general regulations regarding the right of revocation and deletion under data protection law as set out in this data privacy statement under 3. Rights of the Affected Party.
Version date: August, 2019 / Version 2.0