Avenga Germany GmbH
50667 Cologne, Germany
+49 (0) 221 84 630 0
Fax: +49 (0) 221 84 630 165
Represented by the management:
(hereinafter referred to as »Avenga Germany«)
Data protection officer:
Roderich Pilars de Pilar
IMPORTANT NOTE: The German version of this document governs our relationship – this translated English version is for convenience only and will not be interpreted to change the German version. For the German version, please visit this page.
1.2 Terms “personal data” or its “processing” refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
1.3 The personal data of the users processed in the context of this online offer includes usage data (the visited websites of our online offer, access times), communication data (device IDs, IP addresses, location data, browser type and version, operating system used, website, from You visit us), content data (entries in the contact form) as well as applicant data (name, contact details, subject areas, application documents).
1.4 The term “user” covers all categories of persons affected by data processing. These include our business partners, customers, prospects, applicants and other visitors to our online offer. The terms used, such as “users” are to be understood gender-neutral.
1.5 We process personal data of users only in compliance with the relevant data protection regulations. This means that users’ data will only be processed if they have a legal permit. That is, especially if the data processing for the provision of our contractual services (eg processing of orders) as well as online services required or required by law, the consent of the user exists, as well as our legitimate interests (ie interest in the analysis, optimisation and economic Operation and security of our online offer within the meaning of Art. 6 (1) lit. GDPR, in particular in the range measurement, creation of profiles for advertising and marketing purposes as well as collection of access data and use of the services of third-party providers).
1.6 Please note that the legal basis of the consents Art. 6 para. 1 lit. a. and Art. 7 GDPR, the legal basis for the processing for the performance of our services and the performance of contractual measures Art. 6 para. 1 lit. b. GDPR, the legal basis for processing in order to fulfil our legal obligations Art. 6 para. 1 lit. c. GDPR, and the legal basis for processing in order to safeguard our legitimate interests Art. 6 para. 1 lit. f. GDPR is.
2.1 We take organisational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of the data protection laws are adhered to and in order to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons.
2.2 The security measures include in particular the encrypted transmission of data between your browser and our server.
3.1 A transfer of data to third parties is only within the scope of legal requirements. We only pass on the data of the users to third parties if, for example, on the basis of Art. 6 para. 1 lit. b) GDPR is required for contract purposes or based on legitimate interests in accordance with Art. Art. 6 para. 1 lit. f. GDPR for efficient and effective operation of our business operations.
3.2 If we use subcontractors to provide our services, we will take appropriate legal precautions and appropriate technical and organisational measures to protect personal data in accordance with applicable law.
4.1 Based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR Data on every access to the server on which our website is located (so-called server log files). The access data includes the name of the retrieved web page, file, date and time of retrieval, amount of data transferred, message about successful retrieval, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address (anonymised) and the requesting provider.
4.2 Log File information is stored for security reasons (eg to investigate abusive or fraudulent activities) for a maximum of 30 days and then deleted. Data whose further retention is required for evidential purposes are excluded from the erasure until the final clarification of the incident.
4.3 For the hosting of our website we use a service provided by Avenga Germany GmbH, Bahnhofsvorplatz 1, 50667 Cologne. As part of the hosting, the IP address of the user (anonymous) in the form of log files to the Avenga Germany GmbH transferred, where it will be deleted after 2 months at the latest. It processes the data on our behalf in accordance with Art. 28 (3) sentence 1 GDPR.
5.1 Cookies are information transmitted by our web server or third-party web servers to users’ web browsers and stored there for later retrieval. Cookies can be small files or other types of information storage.
5.3 If users do not want cookies stored on their computer, they will be asked to disable the option in their browser’s system settings. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.
6.2 Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation ( https://www.privacyshield.gov/ participant? Id = a2zt000000001L5AAI & status = Active ).
6.3 Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offering and to provide us with further services related to the use of this online offer and the internet usage. In this case, pseudonymous user profiles of the processed data can be created.
6.4 We only use Google Analytics with activated IP anonymization. This means that the IP address of the users is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address will be sent to a Google server in the US and shortened there.
6.5 The IP address submitted by the user’s browser will not be merged with other data provided by Google. Users can prevent the storage of cookies by setting their browser software accordingly; Users may also prevent the collection of data generated by the cookie and related to their use of the online offer as well as the processing of this data by Google by downloading and installing a browser plug-in available under the following link: http://tools.google .com / dlpage / gaoptout? hl = en .
6.6 For more information about Google uses data, settings and opposition opportunities can be found on the websites of Google: https://www.google.com/intl/de/policies / privacy / partners ( “How Google uses data when you use websites or apps our partners “), http://www.google.com/policies/ technologies / ads (” Use of data for promotional purposes “), http://www.google.com/settings/ads (” Managing information that Google uses, to show you advertising “).
7.1 When contacting us (via contact form or email), the information provided by the user to process the contact request and its processing acc. Art. 6 para. 1 lit. b) GDPR processed.
7.2 In order to process contact requests, we use “Salesforce”, which is CRM software by the provider salesforce.com Germany GmbH, Erika-Mann-Str. 3, 80636 Munich, Germany. You can view the provider’s Data Policy here: https://www.salesforce.com/de/company/privacy/.
8.1 By submitting your application via our website, the applicant agrees to the processing of his personal data as part of the recruiting process. This includes name, address, date of birth, phone number, e-mail address and any other data from the CV or other attachments. The data is stored during the process in our applicant management system Talention, a software of TFI GmbH, Delphiplatz 1, 42119 Wuppertal.
8.2 If the employment process is followed by the conclusion of a contract of employment, the data transmitted by the applicant may be stored in his personal file for the purpose of the normal organisational and administrative process, in accordance with the relevant legal provisions of the Avenga.
8.3 If the conclusion of the application process does not follow the conclusion of a contract of employment, the applicant’s data will be stored for 2 months and then deleted completely.
9.1 Avenga offers registered users the possibility of requesting exclusive editorial contents on the website by e-mail and to download them. In the scope of this registration, we store the user’s name, e-mail address, the company and the telephone number for our own advertising purposes as well as the sending out of these contents as per their express consent as defined by Section 6 Subsection 1 lit. a. and Section 7 GDPR.
9.2 To process registrations, we use”MailChimp”, a marketing automation platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the marketing automation platform’s data protection provisions here: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC d/b/a MailChimp is certified under the EU-US Privacy Shield and, due to this, provides a guarantee of observing the European level of data protection (https://www.privacyshield .gov/participant?id=a2zt0000000TO6hAAG&status=Active).
9.4 Use of HubSpot
Avenga uses Hubspot, a service of Hubspot Inc., on its websites for analysis purposes. Hubspot is headquartered in the USA and is certified under the EU-US Privacy Shield. A current certificate can be viewed here. “Cookies” or similar technologies (such as “web beacons”) are used, which are stored on your computer and enable us to analyze your use of our website. Hubspot evaluates the information collected (e.g. IP address, geographical location, type of browser, duration of visit and pages viewed) on behalf of Avenga in order to generate reports about the visit and the pages visited on the Avenga website. If you have registered on our website, Hubspot allows us to link a user’s visits to Avenga websites to personal data (above all name/email address) on the basis of a consent given, thus recording personal data and informing users individually and purposefully about preferred topics. For the same purpose, we link approved personal data with further information from freely accessible sources. Further information about the functionality of Hubspot can be found in the Hubspot Inc. data protection declaration under: http://legal.hubspot.com/de/privacy-policy.
10.1 For candidates who are not candidates in a specific application process Candidates or their profile does not fit into a current vacancy (hereinafter referred to as “candidates” ), there is the possibility of inclusion in a relationship database of Avenga (hereinafter referred to as “talent pool” ) , This is a database in which we store personal data of the candidate. This includes name, address, date of birth, phone number, e-mail address, and any other data from the CV or other attachments. The data is stored during the process in our applicant management system Talention, a software of TFI GmbH, Delphiplatz 1, 42119 Wuppertal.
10.2 The processing of these data takes place in accordance with the explicit consent of the candidate in accordance with Art. 6 para. 1 lit. a. and Art. 7 GDPR.
11.1 Users have the right, upon request, to obtain free information about the personal data that we have stored about them.
11.2 In addition, users have the right to correct inaccurate data, to restrict the processing and deletion of their personal data, if applicable, to assert their rights to data portability and, in the event of unlawful data processing, to lodge a complaint with the competent regulatory authority.
11.3 Likewise, users can revoke consent, generally with implications for the future.
12.1 On the basis of our legitimate interests (i.e. the interest in the analysis, optimisation and economic operation of our website as defined by Section 6 Subsection 1 lit. f. GDPR), within our website, we use offers of content and services by third-party providers such as embedding possibilities for recommending our website (hereinafter holistically called “contents”). This always presupposes that the third-party providers perceive the users’ IP address, because they could not send the contents to their browser without the IP address. The IP address is thus necessary for the presentation of these contents. We endeavour to only use such contents whose respective provider solely uses the IP address to send out the contents. Furthermore, third-party providers can use so-called pixel tags (invisible graphic images also called “web beacons”) for statistical or marketing purposes. Via the “pixel tags”, information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information can also be stored in cookies on the users’ device and contain, among others, technical information about the browser and operating system, referring websites, time of visit as well as other details on using our website, and can also be associated with such information from other sources.
12.2 The following provides an overview of third-party providers as well as their contents plus links to their Privacy Policies, which contain further information on the processing of data and, partially stated here, possibilities of revocation (so-called “opt-out”):
12.4 Our website uses functions of the network, LinkedIn. The provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. When visiting one of our pages that contains functions of LinkedIn, a connection is established to servers of LinkedIn. LinkedIn is informed that you have visited our web pages with your IP address. If you click on the “Recommend-Button” of LinkedIn and are logged into your LinkedIn account, LinkedIn is able to assign your visit to our website to you and your user account. We must point out that we as the provider of the pages receive no knowledge of the content of the transmitted data nor of the use of it by LinkedIn. Data Policy of LinkedIn: https://www.linkedin.com/legal/privacy-policy, Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
13.1 The data stored by us will be deleted as soon as they are no longer necessary for their intended purpose and the deletion does not conflict with any statutory storage requirements. Unless the users’ data are deleted because they are required for other and legally permitted purposes, their processing will be restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data of users who must be kept for commercial or tax reasons.
13.2 According to legal requirements the storage takes place for 6 years according to § 257 Abs. 1 HGB (trading books, inventories, opening balance sheets, annual accounts, trade letters, accounting documents, etc.) as well as for 10 years according to § 147 Abs. 1 AO (books, records, management reports, Accounting documents, commercial and business letters, documents relevant for taxation, etc.).
14.1 Users can revoke future processing of their personal data according to statutory regulations at any time. The revocation may, in particular, be directed towards processing for purposes of direct marketing.
For easier readability, a gender-specific representation, such as employee, is dispensed with. Appropriate terms apply in the sense of equal treatment, of course, for all genders.
The Company is fully committed to providing equality to individuals fairly and irrespective of age, disability, gender, gender reassignment, marital or civil partnership status, pregnancy or maternity, race including colour, ethnic or national origins and nationality, religion or belief or sexual orientation We aim to create a working environment that is free from discrimination and harassment in any form, in which all staff, [customers][and suppliers] are treated with dignity and respect.