Privacy Policy


The responsible body in terms of the data protection law, in particular the EU General Data Protection Regulation (DSGVO), is:

DEPRAG SCHULZ GMBH u. CO. KG
Carl-Schulz-Platz 1 | 92224 Amberg
Tel: +49 9621 371-0
Fax +49 9621 371-120

Email: info@deprag.de 

Managing Directors:
Dr. Erik Hallmann / Dr.-Ing. Rolf Pfeiffer


Your Affected Rights

You can exercise the following rights at any time by contacting our Data Protection Officer via the specified contact details:
• information about your data which we have stored and its processing,
• amendment of incorrect personal data,
• deletion of your data stored by us,
• restriction of data processing, if we are not yet allowed to delete your data due to legal obligations,
• objection to the processing of your data by us and
• data transference, if you have consented to data processing or have signed a contract with us.

If you have given us your consent, you can revoke it at any time with future effect.

You can contact your relevant regulatory authority at any time with a complaint. The relevant regulatory authority will depend on the federal state in which you are resident, work or where the alleged violation occurred. A list of the German regulatory authorities (for the non-public sector) and their addresses, can be found under the following link: https://www.bfdi.bund.de/DE/Service/Anschriften/anschriften_node.html

Purposes of data processing by the responsible body or third parties

We only process your personal data for the purposes stated in this privacy statement. We do not transfer your personal data to third parties for purposes other than those stated. We only transfer your personal data to third parties if:
•you have given your express consent,
•processing is required in order to complete a contract with you,
•processing is required to fulfil a legal obligation,
processing is required to protect legitimate interests and there is no reason to believe that you have an overriding legitimate interest in the non-disclosure of your information.

Deletion or blocking of data

We adhere to the basic principles of data avoidance and data economy. Therefore, we only store your personal data for as long as it is necessary to fulfil the purposes stated here, or as stipulated by the various storage periods provided for by the legislator. After the discontinuation of the respective purpose or expiry of these periods, the corresponding data will be routinely blocked or deleted according to the legal regulations.

 

1. Collection of general information when visiting our website

When you access our website, a cookie automatically collects information of a general nature. This information (server log files) contains, for example, the type of web browser and operating system used, the domain name of your internet service provider, or similar. This is all information which does not allow any conclusions to be drawn about your person.

This information is technically necessary so that the content which you have requested from our website can be provided correctly, and is mandatory when using the internet. It is specifically processed for the following purposes:
• to ensure trouble-free connection to our website,
• to ensure smooth use of our website,
• to evaluate system security and stability, as well as for
• additional administrative purposes.

The processing of your personal data is based on our legitimate interest for the purposes mentioned above for data collection. We do not use your information to draw conclusions about your person. The only recipient of the data is the responsible body and possibly the contract processor.

Anonymous information of this kind may be statistically evaluated by us in order to optimise our web presence and the underlying technology.

 

2. Cookies

Like many other websites, we also use so-called “cookies”. Cookies are small text files which are transferred from a website server to your hard-drive. In this way, we automatically receive certain data such as IP address, browser and operating system used, and your internet connection.

Cookies cannot be used to start programs or transfer viruses to a computer. Using the information gained from the cookies we are able to simplify navigation and allow for the correct display of our website.

Under no circumstances is the data collected by us transferred to third parties or used to create a link with your personal data without your consent.

Of course, in principle, you can also view our website without cookies. Internet browsers are usually set to accept cookies. You can, however, deactivate use of cookies at any time via your browser settings. Please use the help function of your internet browser to learn how to change the settings. Please be aware that deactivation of cookies may mean that certain website features do not function.

 

3. SSL encryption

To protect the security of your data during transference, we use state-of-the-art encryption techniques (e.g. SSL) via HTTPS.

 

4. Newsletter

On the basis of your express consent, we regularly send you our newsletter or similar information material via email to your email address provided.

Your email address is all we need for you to receive the newsletter. When registering for our newsletter the data provided by you is only used for this purpose. Subscribers may be informed by email about circumstances which are relevant for this service or the registration (for example, changes to newsletter delivery or technical concerns).

We require a valid email address for effective registration. To check that the registration is being carried out by the owner of the email address, we use the “double opt-in” procedure. We log the newsletter order, the sending of a confirmation email and the receipt of the requested answer. Addition data is not collected. The data is used exclusively for the delivery of the newsletter and is not passed on to third parties.

You can revoke your consent to the storage of your personal data and its use for delivery of the newsletter at any time. Each newsletter contains a corresponding link. Furthermore, you are also able to unsubscribe directly on this website or communicate your request to us via the contact details provided at the bottom of this data protection notice.

 

5. Contact form

If you have questions of any kind and contact us via email or contact form, you will have provided us with your voluntary consent for these purposes. In this case a valid email address, your name, prename and ZIP is required. This serves to allocate the inquiry and the subsequent answer. The specification of further details is optional. The details provided by you will be used for the processing of the inquiry and for any possible follow-up queries. As soon as your inquiry has been completed, your personal data is automatically deleted.

 

6. Use of Matomo

This website uses Matomo, an open source software for statistical analysis of user access. Matomo uses so-called cookies, i.e. text files which are stored on your computer and enable analysis of your use of the website.

The information generated by the cookie about your use of this website is stored on a server in Germany.

The IP address is anonymised immediately after processing and before storage. You have the option of preventing installation of cookies by changing your browser software settings. Please be aware that changing these settings, may mean that some features of this website no longer function.

You can decide here whether explicit web analysis cookies may be stored in your browser to allow the collection and analysis of statistical data by the website provider. If you decide against this, please click the following link to store the Matomo deactivation cookie in your browser.

7. Social media online presence

We maintain an online presence within social networks and platforms in order to communicate with customers, users and interested parties active therein and to inform them of our services.

We draw your attention to the fact that in this way, user data may be processed outside the European Union. This may pose a risk to users in such that e.g. the enforcement of user rights may be hampered. We would like to make it known that US providers certified under the Privacy Shield are obligated to meet the data protection standards of the EU.

Furthermore, as a rule, user data is processed for market research and advertising purposes. User profiles are generated on the basis of user behaviour and the inferred interests of users. The user profiles can be used to influence targeted advertisements which may correspond with the user’s interests, both within and outside the platforms. It is generally for these purposes that cookies are stored on computers, in which the user behaviour and interests of the user may be stored. Moreover, in the user profiles, data may be stored separately from the user devices (particularly if the user is a member of the specific platform and is logged in to the platform).

Processing of the user’s personal data is carried out on the basis of our justified interests for providing effective information and communication with users in accordance with Art. 6 Para. 1 lit. f. DSGVO. If a provider requests that the user gives permission for data processing (i.e. their consent by checking a box or confirming by clicking a button) the legal basis of processing is Art. 6 Para. 1 lit. a., Art. 7 DSGVO.

For a detailed statement of each type of processing and the options for objection (Opt-Out), we refer you to the following links with details of the providers.

We also wish to draw your attention to the fact that in the case of requests for information and the enforcement of user rights, these can most effectively be enforced directly with the providers. It is only the providers who have access to the user data and can take any appropriate measures and provide information. However, we will be happy to help if you require any assistance in this.

- Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) – Data privacy statement: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

- Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Data privacy statement: https://twitter.com/de/privacy, Opt-Out: https://twitter.com/personalization, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.

8. Google Web Fonts

This page uses so called Web Fonts made available by Google for the standardised portrayal of font styles. The Google Fonts are installed locally. No connection is made to Google servers.
 

9. Using Google Maps

This website uses Google Maps API to visually display geographic information. When using Google Maps, Google also collects, processes and uses data about the use of map features by visitors. For more information about Google's data processing, see the Google Privacy Notice. Here you can also change your personal privacy settings in the privacy center.

For detailed instructions on managing your own data related to Google products, click here.


10. Embedded YouTube videos

We embed YouTube videos on some of our websites. The corresponding plug-ins are operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit a page with a YouTube plug-in, a connection to the YouTube servers will be established. YouTube will be informed which pages you visit. If you are logged in to your YouTube account, YouTube can attribute the surfing habits to you personally. You can prevent this by logging out of your YouTube account beforehand.

If a YouTube video is started, the provider uses cookies which collect information about user behaviour.

Anyone who has deactivated the storage of cookies for the Google Ad program can expect that there are no such cookies even when watching YouTube videos. YouTube also stores non-personal usage information in other cookies. If you want to prevent this, you must block the storage of cookies in the browser.

For more information on data protection from “YouTube”, please see the provider’s privacy policy at: https://www.google.de/intl/de/policies/privacy/  

11. Privacy notice for online meetings and other forms of digital collaboration via Microsoft Teams as well as other "Microsoft Office 365" applications

The entity responsible for processing uses Microsoft Teams and other cloud based services from the "Microsoft Office 365" program library, to conduct telephone conferences, online meetings, video conferences and/or webinars as well as online training sessions and consultations facilitating digital collaboration (hereinafter: online meetings or digital collaboration).

Microsoft Teams and Microsoft Office 365
Microsoft Teams and Microsoft Office 365 are services of Microsoft Corp, One Microsoft Way in Redmond, WA 98052-6399.

You can view Microsoft’s privacy policy information below.

Privacy statement:
https://privacy.microsoft.com/de-de/privacystatement

Privacy notice for the use of MS Teams:
https://news.microsoft.com/de-de/datenschutz-und-sicherheit-in-microsoft-teams-nutzer/

Privacy topic with FAQs and contact details:
https://privacy.microsoft.com/de-DE/faq

The use of Microsoft Teams and Microsoft Office 365 is based on art. 6 para. 1 sentence 1 lit. f GDPR (lawfulness of processing).

DEPRAG SCHULZ GMBH u. CO. KG is the responsible entity for data processing directly related to the provision of “online meetings or digital collaboration”.

Use of Microsoft is dependent on the use of the relevant "Microsoft Office 365" service. For Microsoft Teams you only need to download the app. For other "Microsoft Office 365" services (with the exception of Microsoft Forms) you require an additional login and use of online apps in the browser.

Using Microsoft Teams you can participate in the conferences in the app via a link, the integrated Teams calendar or via the respective chat or Teams channel. If you do not wish to or cannot use the "Microsoft Teams" app, then the basic functions can also be used via a browser version which you can also find on the Microsoft Office 365 website. When using Microsoft Teams or Microsoft Office 365, various data types are processed. The scope of data also depends on the details you provide beforehand or when participating in an online meeting.

The following personal data is subject to processing: User details: First name, last name, telephone (optional), email address, password (if single sign in is not used), profile picture (optional), department (optional); online meta data: subject, description (optional), participant IP addresses, device/hardware information; For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chats; When dialling in via telephone: details of the incoming and outgoing telephone number, country name, start and end time. If necessary, further connection details such as the device IP address are stored; text, audio and video data: You have the option of using the chat, question or survey functions as well as other functions for uploading or downloading files such as images, sound, video or Office data in an online meeting if required. The data provided by you will only be used to such an extent that it is displayed in the online meeting and then made accessible to other participants during the meeting and if necessary, logged.

In order to allow the display of video footage and the playback of audio during the meeting, the data from your device’s microphone, as well any video camera of your end device will be processed. You can switch off or mute your camera or microphone yourself via the "Microsoft Teams" apps. In order to participate in an “online meeting” or enter the meeting room, you must provide your name as a minimum requirement.

The responsible entity uses Microsoft Teams, to conduct online meetings as well as Microsoft Office 365 to make additional Microsoft Cloud services available for means of digital collaboration. If online meetings should be recorded, this will be transparently communicated to you in advance and – where necessary – consent requested. When recording takes place, this is also displayed in Microsoft Teams. Chat content may also be logged by the processers if it is necessary to record the results of the meeting for minute taking purposes. This is however, not usually the case. In the case of webinars, questions posed by webinar participants may be processed for purposes of recording and debriefing.

If you are registered with Microsoft as a user or attend a conference as a guest, then reports about online meetings (meeting meta data, dial-in telephone data, webinar questions and answers and survey functions) may be saved in the corresponding Microsoft services until the end of the meeting or training activity or for up to one month thereafter.

Personal data provided in connection with participation in online meetings or digital collaborations on Microsoft Teams as well in “Microsoft Office 365” services provided by DEPRAG SCHULZ GMBH u. CO. KG is not passed on to third parties unless has always been intended for passing on. Please note that the content from online meetings or digital collaborations as well as personal meetings is often used to communicate information to customers, interested parties or third parties and is therefore intended to be passed on. The provider of Microsoft Office 365 (MS Teams) is necessarily informed of the above data in as far as it is included in the framework of our Data Protection Addendum with Microsoft.

Microsoft Teams and Microsoft Office 365 are services provided by US providers. The responsible entity has concluded a Data Protection Addendum with the provider which meets the requirements of art. 28 GDPR. Personal data is exclusively processed on servers within the European Union according to the information provided by the Microsoft Corporation. An adequate level of data protection is guaranteed as a result of the conclusion of the so-called EU standard contractual clauses with the Microsoft Corporation.


12. Data protection provisions relating to the application and use of MS Forms

The responsible entity regularly uses Microsoft Forms as part of Microsoft Office 365 for online surveys for the purpose of quality assurance of events. The surveys may be addressed in various ways (via hyperlink, QR code, embedded in the website or through email traffic). Participation in the surveys is voluntary and possible without user registration with Microsoft. Based on the survey results, anonymous evaluations are made by the processor which have no relation to the respondent. If personal data is specifically collected and processed via surveys, we will inform you separately in advance and request your consent where necessary.

13. Data protection declaration for the application and use of data by Zammad

For the processing of customer queries we use the email ticket system from Zammad GmbH, Marienstraße 11, 10117 Berlin (“Zammad”). If users send a contact query via mail through our website, this data is saved in the ticket system to facilitate processing in chronological order and to improve the service experience. Users can view the current processing status of their inquiry at any time using their allocated ticket number.

Personal data provided in the query, including name and email address, are saved and recorded in the Zammad software exclusively for the organisation of inquiries and their processing. We ensure that internally only those persons who need access can obtain access to this information. We treat personal data confidentiality and do not allow wider public access to the information. This data is also not used for marketing or profiling purposes as described in the GDPR.

The legal basis for the processing of this data is our legitimate interest in the efficient design of our customer service, the fastest possible response to your inquiry and the optimisation of our service in accordance with Article 6, Paragraph 1 lit f GDPR.

Your data is deleted after the processing of your inquiry. This is in such cases when it appears that the relevant subject matter has been dealt with and if there are no legal obligations to retain the information.

Further details about Zammad data protection can be found under the following link https://zammad.com/en/company/privacy
 


Change to our privacy policy

We reserve the right to modify this privacy policy so that it is always in compliance with the current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. Your next visit will then be subject to the new data privacy policy.

Questions for our Data Protection Officer

If you have any questions about privacy, please send us an email or directly contact the person responsible for data protection in our company:

Bastian Blank
Carl-Schulz-Platz 1 | 92224 Amberg
Tel: +49 9621 371-208

Email: datenschutz@deprag.de

This privacy policy has been created using the activeMind AG privacy policy generator.