Thank you for your interest in PTXRE. Protecting your personal data is very important to us. Below you will find information on how we handle the data collected through your use of PTXRE. The processing of your data is carried out in accordance with the statutory data protection regulations.
PTXRE GmbH
Junghofstraße 24
60311 Frankfurt (Main)
+49 89 262 010 020
PROLIANCE GmbH / www.datenschutzexperte.de
Data Protection Officer
Leopoldstr. 21
80802 München
datenschutzbeauftragter@datenschutzexperte.de
When contacting the Data Protection Officer, please state the company to which your inquiry refers. Kindly refrain from including any sensitive information, such as a copy of your ID, with your request.
This website is hosted by an external service provider (host). Personal data collected on this website is stored on the host’s servers. Such data may include, in particular, IP addresses, contact requests, metadata and communication data, website access data, and other data generated via a website.
We collect this data in order to ensure the smooth establishment of a connection to the website and the technically error-free provision of our services. The processing of this data is strictly necessary to make the website available to you. The legal basis for the processing is our legitimate interest in the correct presentation and functionality of our website pursuant to Art. 6 (1) lit. f GDPR.
We have concluded a data processing agreement with the provider in accordance with Art. 28 GDPR, obliging them to protect the data of our customers and not to disclose it to third parties.
For the creation and hosting of our website, we use the services of Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA.
Description of data processing and purpose
Webflow is a tool for creating and hosting websites. We use these services to make our website available to you. Personal data collected on this website is stored on the host’s servers. This may include, in particular, IP addresses, contact requests, metadata and communication data, website access data, log files, and other data generated via a website.
In addition, Webflow stores cookies or other recognition technologies that are necessary for the display of the site, the provision of website functions, and to ensure security (technically necessary cookies).
We use Webflow for the purpose of creating and providing our online presence.
Legal basis for data processing
Insofar as we use cookies and similar technologies in connection with the integration of the service, or insofar as data is stored on or accessed from your device by the service, this is carried out in accordance with Section 25 (2) TDDDG. Any subsequent data processing is based on Art. 6 (1) sentence 1 lit. f GDPR. Our legitimate interest lies in technically improving our website and making our online presence available efficiently.
Recipients
In the context of using the service, the data collected via our website is transmitted to the following recipients:
Data processing in third countries
When using the service, your data may also be processed in countries outside the European Union (EU) and the European Economic Area (EEA), i.e. in third countries, in particular in the USA. For data transfers to the USA, an adequacy decision of the EU Commission pursuant to Art. 45 (1) GDPR exists with regard to companies certified under the EU-U.S. Data Privacy Framework. Webflow, Inc. is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards. Certification can be verified at the following link: Participant Search (dataprivacyframework.gov).
In cases where your data is transferred to other third countries for which no adequacy decision exists, there is a risk that local authorities may access your data for security and monitoring purposes without informing you or allowing you to seek legal remedies. To ensure an adequate level of data protection for transfers to such third countries, the European Commission’s Standard Contractual Clauses pursuant to Art. 46 (2) lit. c GDPR are used. These clauses obligate the recipient to process the data in accordance with the European level of protection.
Where the Standard Contractual Clauses alone are not sufficient to guarantee the required level of protection, additional technical, contractual, and/or organizational measures are implemented to secure the transfer. In addition, it is regularly reviewed and assessed whether these additional measures continue to ensure an adequate level of protection or whether further supplementary measures may be required.
Storage period
By using the services, data is transmitted to the recipients mentioned above and processed there for as long as is necessary to achieve the purpose described above.
Description of data processing and purpose
To ensure the protection of our website against attacks, we use the services of Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107, USA. Cloudflare’s DDoS protection is a service that prevents or mitigates so-called Distributed Denial-of-Service (DDoS) attacks, where web servers are overloaded by numerous simultaneous requests. The service allows us to filter out, in real time, requests from IP addresses used for such attacks or where there is a corresponding suspicion. This ensures the uninterrupted operation of our website. For this purpose, the IP address of the connection through which our website is accessed is processed.
Legal basis for data processing
Insofar as we use cookies and similar technologies in connection with the integration of the service, or insofar as data is stored on or accessed from your device by the service, this is carried out in accordance with Section 25 (2) TDDDG. Any subsequent data processing is based on Art. 6 (1) sentence 1 lit. f GDPR. Our legitimate interest lies in efficiently protecting our website against DDoS attacks.
Recipients
In the context of using the service, the data collected via our website is transmitted to the following recipient:
Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107, USA.
Data processing in third countries
When using the service, your data may also be processed in countries outside the European Union (EU) and the European Economic Area (EEA), i.e. in third countries, in particular in the USA. For data transfers to the USA, an adequacy decision of the EU Commission pursuant to Art. 45 (1) GDPR exists with regard to companies certified under the EU-U.S. Data Privacy Framework. Cloudflare Inc. is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards. Certification can be verified at the following link: Participant Search (dataprivacyframework.gov).
In cases where your data is transferred to other third countries for which no adequacy decision exists, there is a risk that local authorities may access your data for security and monitoring purposes without informing you or allowing you to seek legal remedies. To ensure an adequate level of data protection for transfers to such third countries, the European Commission’s Standard Contractual Clauses pursuant to Art. 46 (2) lit. c GDPR are used. These clauses obligate the recipient to process the data in accordance with the European level of protection.
Where the Standard Contractual Clauses alone are not sufficient to guarantee the required level of protection, additional technical, contractual, and/or organizational measures are implemented to secure the transfer. In addition, it is regularly reviewed and assessed whether these additional measures continue to ensure an adequate level of protection or whether further supplementary measures may be required.
Storage period
By using the service, data is transmitted to the above-mentioned recipient and processed there for as long as is necessary to achieve the purpose described above.
Description of data processing and purposeWhen you access our website, it is technically necessary for data to be transmitted from your internet browser to our web server. The following data is recorded during an active connection between your internet browser and our web server:
We collect this data to ensure the smooth establishment of a connection to the website and the technically error-free provision of our services. The processing of this data is strictly necessary in order to make the website available to you. The log files are also used to evaluate system security and stability as well as for administrative purposes.
Legal basis for data processing
The legal basis for the processing of the data is our legitimate interest in protecting and ensuring the functionality of our website pursuant to Art. 6 (1) sentence 1 lit. f GDPR.
Storage period
For technical security reasons, in particular to prevent attempted attacks on our web server, this data is stored by us for a short period of time. After no more than 7 days, the data is anonymized by truncating the IP address at domain level so that it is no longer possible to establish a link to an individual user. In anonymized form, the data may also be processed for statistical purposes. This data is not stored together with other personal data of the user, compared with other data sources, or shared with third parties at any time.
By using our website, information may be accessed on your end-user device (e.g., IP address) or information may be stored on your device (e.g., cookies). Such access or storage may be associated with further processing of personal data within the meaning of the GDPR.
Where such access or storage of information is strictly necessary for the technically error-free provision of our services, it is carried out on the basis of Section 25 (1) sentence 1 and Section 25 (2) no. 2 TDDDG. Where such access or storage serves other purposes (e.g., to design our website according to user needs), it is carried out on the basis of Section 25 (1) TDDDG only with your consent pursuant to Art. 6 (1) lit. a GDPR. Consent can be withdrawn at any time with effect for the future.
For the processing of your personal data, the provisions of the GDPR and the German Federal Data Protection Act (BDSG) apply. Further information on the processing of your personal data and the relevant legal bases in this context can be found in the following sections describing the specific processing activities on our website.
We use services on this website that deploy cookies and similar technologies to store data in your browser and to read previously stored data. These may include cookies, your browser’s local storage, pixels, and so-called tags.
Cookies are small text files that can be stored on and read from your device. A distinction is made between session cookies, which are deleted once you close your browser, and persistent cookies, which are stored for a specific period of time beyond a single browsing session.
In addition to cookies, we may use your browser’s local storage to save and retrieve data. We may also integrate pixels into our website. Pixels are small, individualized image files that are loaded when a page is accessed and can be used to track user activities. Finally, we may use tags on our website. Tags are small HTML or JavaScript code fragments or markers that allow services for website analytics or user tracking to distinguish or identify users and to track specific user activities.
Further information about the cookies and similar technologies we use can be found in the descriptions of the cookie categories below and in our consent management banner, which is displayed to you when you visit our website. You can reopen the banner at any time via the button at the bottom left of the website and change your settings.
Please note that without certain cookies and similar technologies, our website may not be displayed correctly and some functions may no longer be technically available.
Services in this category may use cookies and similar technologies to store and retrieve information on your device. We use these to enable the display of our website and to provide its basic functions — in particular, site navigation, enabling the granting and withdrawal of consent, protecting our forms from abusive entries, and safeguarding our website against cyberattacks and fraud attempts.
Some of the cookies and similar technologies used only contain information about specific settings and are not personally identifiable. We do not use them to track your interactions, for measurement or statistical analysis, or for advertising purposes.
The use of these services and the corresponding cookies and similar technologies in this category is based on Section 25 (2) nos. 1 and 2 TDDDG. Any subsequent processing of personal data takes place on the basis of Art. 6 (1) sentence 1 lit. f GDPR.
Services in this category may use cookies and similar technologies to store and access information on your device. We use them to enable the display of our website and to provide its core functions — in particular site navigation, managing the granting and withdrawal of consent, protecting our forms from misuse, and safeguarding our website against cyberattacks and fraud attempts.
Some of these cookies and similar technologies only store information about certain settings and are not personally identifiable. We do not use them to track your interactions, for measurement or statistical analysis, or for advertising purposes.
The use of these services and the corresponding cookies and similar technologies in this category is based on Section 25 (2) nos. 1 and 2 TDDDG. Any subsequent processing of personal data takes place on the basis of Art. 6 (1) sentence 1 lit. f GDPR.
Statistics / Analytics Cookies
Services in this category may use cookies and similar technologies to store and access information on your device. We use them to:
For this purpose, individual pseudonymous identifiers (recognition features) consisting of numbers and letters are regularly stored in cookies on your device when you visit our website and are read again on subsequent visits. By using pseudonyms, it is possible to distinguish and recognize individual users without directly identifying them. The natural person behind a pseudonym cannot generally be identified directly, in particular not by name, without additional data.
Other technologies may also be used to read recognition features from your device, such as so-called browser or device fingerprinting. In this process, data about the properties of your browser (e.g., type and version), its configuration (e.g., preferred language), your device (e.g., manufacturer and model of your mobile phone, operating system), or your hardware (e.g., screen resolution) may be used to pseudonymously recognize you as a distinct user.
The use of these services and the associated cookies and similar technologies in this category is based on your consent pursuant to Section 25 (1) TDDDG. Any subsequent processing of personal data is carried out on the basis of your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR.
Services in this category may use cookies and similar technologies to store and access information on your device. We use them to:
For this purpose, individual pseudonymous identifiers (recognition features) consisting of numbers and letters are regularly stored in cookies on your device when you visit our website or another website and are read again upon subsequent visits.
Other technologies may also be used to read recognition features from your device, such as browser or device fingerprinting. This involves using data from the properties of your browser (e.g., type and version), its configuration (e.g., preferred language), your device (e.g., manufacturer and model of your mobile phone, operating system), or your hardware (e.g., screen resolution) to pseudonymously recognize you as a distinct user.
The processed pseudonymous identifiers may also be combined with additional data by us or by the providers of the services we use. In some cases, these identifiers (IDs) may be exchanged and matched between services and their providers (so-called ID matching/ID syncing). If a match occurs, identifiers are combined and assigned to the same pseudonymous user. This allows for cross-device, cross-platform, and cross-network recognition and targeted advertising of website visitors.
If you identify yourself with your real data (such as name or email address) or enter your own user data on our website, or if you log into social networks or online services of third-party providers that provide us with corresponding tracking and advertising services, pseudonymous identifiers may additionally be linked with your real or user data. In this way, we or the service providers can create and analyze comprehensive pseudonymous or non-pseudonymous user profiles and subsequently use them for targeted advertising based on your interests.
The use of these services and the associated cookies and similar technologies in this category is based on your consent pursuant to Section 25 (1) TDDDG. Any subsequent processing of personal data is carried out on the basis of your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR.
On our website, we use a consent management banner provided by Cookiebot by Usercentrics, which allows us to manage your consents regarding the use of cookies and similar technologies.
Description of data processing and purpose
We use this service to manage your consents for the use of cookies and similar technologies, as well as for the subsequent data processing activities. If you provide consent via our consent banner, the service processes the following data:
As part of this data processing, cookies are used to store your consent status on your device, to read it again upon revisiting the site, and to compare it. This enables us to check your consent status during all subsequent and future visits to our websites and, according to your decision, activate or deactivate cookies and other technologies upon revisiting.
The purpose and our legitimate interest lie in enabling us to use cookies and similar technologies on our websites in compliance with data protection requirements and to provide you with a simple option to withdraw your consent at any time.
Legal basis for data processing
Insofar as we use cookies and similar technologies in connection with the integration of the service, or insofar as data is stored on or accessed from your device by the service, this is carried out in accordance with Section 25 (2) TDDDG. Any subsequent processing of personal data takes place on the basis of Art. 6 (1) sentence 1 lit. f GDPR.
Storage period
Your consent status is stored for a period of 12 months.
Description of data processing and purpose
Google Fonts enables us to use web fonts. For this purpose, when you access our website, the required Google Fonts are loaded by your web browser into your browser cache. This is necessary to ensure that your browser can also display our texts in an improved visual format. If your browser does not support this function, a standard font from your computer will be used instead.
Since Google Fonts are provided by Google and loaded from their servers when the page is accessed, the usage data technically required for loading the page is transmitted in the process. In this context, Google also receives your IP address, which is technically necessary to retrieve the content. We use Google Fonts for optimization purposes, in particular to improve the usability of our website and to make its design more user-friendly.
Legal basis for data processing
The legal basis for the integration and use of this service is your consent, provided you have given it via our consent management platform. The use of cookies and similar technologies takes place on the basis of Section 25 (1) TDDDG. The subsequent data processing is based on Art. 6 (1) sentence 1 lit. a GDPR. Your consent is voluntary and can be withdrawn at any time with effect for the future. To withdraw your consent, please use the “Cookie settings” link at the bottom of the website to reopen our consent management banner and change your settings.
Recipients
In the context of using this service, the data collected via our websites is transmitted to the following recipients:
We generally have no influence on any further processing of the data by the third-party provider. Further information on Google’s handling of personal data can be found at: https://policies.google.com/privacy.
Data processing in third countries
When using this service, your data may also be processed in countries outside the European Union (EU) and the European Economic Area (EEA), i.e. in third countries, in particular in the USA. For data transfers to the USA, an adequacy decision of the EU Commission pursuant to Art. 45 (1) GDPR exists with regard to companies certified under the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards. Certification can be verified at the following link: Participant Search (dataprivacyframework.gov).
In cases where your data is transferred to other third countries for which no adequacy decision exists, there is a risk that local authorities may access your data for security and monitoring purposes without informing you or allowing you to seek legal remedies. To ensure an adequate level of data protection for transfers to such third countries, the European Commission’s Standard Contractual Clauses pursuant to Art. 46 (2) lit. c GDPR are used. These clauses obligate the recipient to process the data in accordance with the European level of protection.
Where the Standard Contractual Clauses alone are not sufficient to guarantee the required level of protection, additional technical, contractual, and/or organizational measures are implemented to secure the transfer. In addition, it is regularly reviewed and assessed whether these additional measures continue to ensure an adequate level of protection or whether further supplementary measures may be required.
Storage period
By integrating the service into our websites, data is transmitted to the above-mentioned recipients and processed there for as long as is necessary to achieve the purposes described above. No further storage of the data processed by the service and made available to us takes place in our own systems.
Google Analytics
On our website, we integrate the service “Google Analytics” provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. Within the European Union (EU) and the European Economic Area (EEA), “Google Analytics” is offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, which supports us as a processor pursuant to Art. 28 GDPR.
Description of data processing and purpose
“Google Analytics” creates usage profiles based on pseudonyms (recognition features such as cookie IDs, device IDs, and other data relating to the device used or the so-called browser fingerprint) and usage data. This includes:
This data is collected, analyzed, and combined with pseudonymous data already available at Google and with us. Cookies and similar technologies, in particular JavaScript, are used to store and read data on your device. Details on the cookies and similar technologies used can be found above under “Data processing in connection with cookies and similar technologies.”
In this way, we are able to recognize returning visitors, count them, and assign them to specific demographic target groups or customer segments. We then use these insights to place targeted online advertising measures and marketing campaigns in advertising networks, in particular within Google’s advertising services.
Legal basis for data processing
The legal basis for the integration and use of this service is your consent, provided you have given it via our consent management platform Cookiebot by Usercentrics.
Your consent is voluntary and can be withdrawn at any time with effect for the future. To withdraw your consent, please use the button at the bottom left of the website to change your settings in our consent management platform.
Data processing in third countries
When using “Google Analytics,” your data may also be processed in countries outside the European Union (EU) and the European Economic Area (EEA), i.e., in third countries without an adequate level of data protection, in particular in the USA.
In such cases, there is a risk that local authorities may access your data for security and monitoring purposes without informing you or allowing you to seek legal remedies. To ensure an adequate level of data protection when transferring your data to such third countries, the European Commission’s Standard Contractual Clauses pursuant to Art. 46 (2) lit. c GDPR are used. These obligate the recipient to process the data in accordance with the European level of protection.
Where the Standard Contractual Clauses alone are not sufficient to guarantee the required level of protection, additional technical, contractual, and/or organizational measures are implemented to secure the transfer. In addition, it is regularly reviewed and assessed whether these additional measures continue to ensure an adequate level of protection or whether further supplementary measures are required.
Recipients
In the context of using “Google Analytics,” the data collected via our websites is transmitted to the following recipients:
We generally have no influence on any further processing of the data by the third-party provider. Further information on Google’s handling of personal data can be found at: https://policies.google.com/privacy.
Storage period
By integrating this service into our websites, data is transmitted to the above-mentioned recipients and processed there for as long as is necessary to achieve the purposes described above. No further storage of the data processed by the service and made available to us takes place in our own systems.
On our websites, we integrate the service “HubSpot” provided by HubSpot, Inc., 2 Canal Park, Cambridge, MA 02141, USA. Within the European Union (EU) and the European Economic Area (EEA), the service is offered by HubSpot Ireland Limited, 1 Sir John Rogerson's Quay, Dublin 2, Ireland.
Description of data processing and purpose
The platform enables us to:
The objective is to gain new prospects for our products and services, to address acquired prospects and existing customers with targeted advertising, and to optimize our marketing strategy — particularly online and email marketing — through evaluations and analyses.
Cookies and similar technologies, in particular JavaScript, are used to store and read data on your device. Details on the cookies and similar technologies used can be found above under “Access to and storage of information in end-user devices” and “Cookies and similar technologies” as well as via our consent management platform.
Data we process
We use HubSpot to manage prospect and customer data. This includes:
We use HubSpot to analyze and evaluate website visits, including:
We use HubSpot to analyze and evaluate interactions with our social media presences and to manage communication via social media, including:
We use HubSpot to communicate with you via our website chat and to respond to your inquiries. This involves processing the personal data you provide (as listed above).
We use HubSpot for email marketing and, where applicable, email tracking. Provided you give us separate consent, we may:
We use HubSpot to create, enrich, and evaluate prospect profiles. This involves:
Legal basis for data processing
Recipients
In the context of using this service, the data collected via our websites is transmitted to the following recipients:
Further information on HubSpot’s handling of personal data can be found at: https://legal.hubspot.com/privacy-policy.
Data processing in third countries
When using this service, your data may also be processed in countries outside the European Union (EU) and the European Economic Area (EEA), in particular the USA.
Storage period
Unless otherwise specified, we store your data as long as necessary to achieve the purposes described above. Data will then be deleted unless further processing is permissible or mandatory (e.g., due to legal retention or documentation obligations).
Beschreibung der Datenverarbeitung und des Zwecks
Wir verarbeiten Ihre personenbezogenen Daten sofern diese für eine Vertragsbegründung, -durchführung, -erfüllung sowie zur Durchführung vorvertraglicher Maßnahmen erforderlich sind.
Wir verarbeiten nur solche Daten, die mit der Vertragsbegründung bzw. den vorvertraglichen Maßnahmen in Zusammenhang stehen. Dies können allgemeine Daten zu Ihrer Person bzw. Personen Ihres Unternehmens sein (Name, Anschrift, Kontaktdaten etc.) sowie ggf. weitere Daten, die Sie uns im Rahmen der Begründung des Vertrags übermitteln.
Rechtsgrundlage der Datenverarbeitung
Soweit zur Anbahnung oder Durchführung eines Vertragsverhältnisses oder im Rahmen der Durchführung vorvertraglicher Maßnahmen personenbezogene Daten erforderlich sind, ist eine Verarbeitung gemäß Art. 6 Abs. 1, S. 1 lit. b DSGVO rechtmäßig.
Quellen
Wir verarbeiten personenbezogene Daten, die wir im Rahmen der Kontaktaufnahme bzw. der Begründung eines Vertragsverhältnisses oder im Rahmen vorvertraglicher Maßnahmen von Ihnen per Post, Telefon oder E-Mail über Formulare auf unsere Webseite oder über eines unserer Social Media Profile erhalten.
Empfänger
Wir geben Ihre personenbezogenen Daten innerhalb unseres Unternehmens ausschließlich an die Bereiche und Personen weiter, die diese Daten zur Erfüllung der vertraglichen und gesetzlichen Pflichten bzw. zur Umsetzung unseres berechtigten Interesses benötigen.
Wir können Ihre personenbezogenen Daten an mit uns verbundene Unternehmen übermitteln, soweit dies im Rahmen der in dieser Datenschutzerklärung dargelegten Zwecke und Rechtsgrundlagen zulässig ist.
Ihre personenbezogenen Daten werden in unserem Auftrag auf Basis von Auftragsverarbeitungsverträgen nach Art. 28 DSGVO verarbeitet. In diesen Fällen stellen wir sicher, dass die Verarbeitung von personenbezogenen Daten im Einklang mit den Bestimmungen der DSGVO erfolgt. Die Kategorien von Empfängern sind in diesem Fall Anbieter von Internetdienstanbieter sowie Anbieter von Kundenmanagementsystemen und -software.
Eine Datenweitergabe an Empfänger außerhalb des Unternehmens erfolgt ansonsten nur, soweit gesetzliche Bestimmungen dies erlauben oder gebieten, die Weitergabe zur Abwicklung und somit zur Erfüllung des Vertrages oder, auf Ihren Antrag hin, zur Durchführung von vorvertraglichen Maßnahmen erforderlich ist, uns Ihre Einwilligung vorliegt oder wir zur Erteilung einer Auskunft befugt sind.
Unter diesen Voraussetzungen können Empfänger personenbezogener Daten z. B. sein:
Speicherdauer
Soweit erforderlich verarbeiten und speichern wir Ihre personenbezogenen Daten für die Dauer unserer Geschäftsbeziehung bzw. zur Erfüllung vertraglicher Zwecke. Dies umfasst u.a. auch die Anbahnung und die Abwicklung eines Vertrages. Darüber hinaus unterliegen wir verschiedenen Aufbewahrungs- und Dokumentationspflichten, die sich unter anderem aus dem Handelsgesetzbuch (HGB) und der Abgabenordnung (AO) ergeben. Die dort vorgeschriebenen Fristen zur Aufbewahrung bzw. Dokumentation betragen zwei bis zehn Jahre. Schließlich richtet sich die Speicherdauer auch nach den gesetzlichen Verjährungsfristen, die z. B. nach den §§ 195 ff. des Bürgerlichen Gesetzbuches (BGB) in der Regel drei Jahre, in gewissen Fällen aber auch bis zu dreißig Jahre betragen können.
Erforderlichkeit der Bereitstellung personenbezogener Daten
Die Bereitstellung personenbezogener Daten für die Entscheidung über einen Vertragsabschluss, die Vertragserfüllung oder zur Durchführung vorvertraglicher Maßnahmen erfolgt freiwillig. Wir können eine Entscheidung im Rahmen vertraglicher Maßnahmen jedoch nur treffen, sofern Sie solche personenbezogenen Daten angeben, die für den Vertragsschluss, die Vertragserfüllung bzw. vorvertragliche Maßnahmen erforderlich sind.
Description of data processing and purpose
For managing personal data of customers and prospects, we use “Salesforce” provided by Salesforce.com Germany GmbH, Erika-Mann-Straße 31-37, 80636 Munich, Germany.
The software enables us to manage data relating to existing or potential customers, business partners, and their contact persons, for the purpose of targeted marketing communication.
Legal basis for data processing
The legal basis for managing such data is Art. 6 (1) sentence 1 lit. f GDPR or Art. 6 (1) sentence 1 lit. a GDPR, depending on which of the two legal bases we rely on for the respective marketing communication by email, telephone, or post. Further information on this can be found in this section of the privacy notice.
Recipients
In the context of data processing, your data is transferred to the following recipient:
Storage period
We store your data for as long as is necessary to achieve the above-mentioned purpose or until you object to the processing of your data. Afterwards, we delete your data unless further processing is permitted or required on another legal basis (e.g., statutory retention obligations).
We process your personal data in order to contact you by email for the purpose of direct advertising, as well as to evaluate prospect data, conduct market research, and carry out customer satisfaction surveys.
Description of data processing and purpose
The purpose is to contact you or your company personally by telephone and to inform you about our products, goods, services, and offers.
Legal basis for data processing
You may object to the processing of your data at any time with effect for the future, without incurring any costs other than the transmission costs at basic rates. To exercise your right to object, please contact dataprotection@ptxre.com.
Recipients
In the context of data processing, your data is transferred to the following recipient:
Storage period
We store your data for as long as is necessary to achieve the above-mentioned purpose or until you object to the processing. Afterwards, we delete your data unless further processing is permitted or required on another legal basis (e.g., statutory retention obligations).
4.3.2.1. Marketing to existing customers
Description of data processing and purpose
We process your personal data (salutation, first name, last name, business email address) that we have received in connection with a contract conclusion for the purpose of and in our legitimate interest in sending you or your company personalized direct advertising as an existing customer. Such advertising relates to similar products, goods, and services associated with the previous contract.
Legal basis for data processing
The legal basis for this processing is Art. 6 (1) sentence 1 lit. f GDPR. Since we comply with the requirements of the exemption under Section 7 (3) UWG and process only such personal data that is connected with your professional activity, there are no overriding interests on your part that would outweigh our interest in processing, provided you have not objected.
You may object to the processing of your data at any time with effect for the future, without incurring any costs other than the transmission costs at basic rates. To exercise your right to object, please use the unsubscribe link in our marketing emails or contact dataprotection@ptxre.com.
Recipients
In the context of data processing, your data may be transferred to or disclosed to the following processors:
Storage period
We store your data for as long as is necessary to achieve the above-mentioned purpose or until you object to the processing. Afterwards, we delete your data unless further processing is permissible or required on another legal basis (e.g., statutory retention obligations).
4.3.2.2. Consent to receive marketing emails and newsletters, newsletter tracking
Description of data processing and purpose
In addition, we process your personal data (salutation, first name, last name, business email address) for the purpose of contacting you or your company personally by email or via our email newsletter and informing you about our products, goods, services, offers, events, and activities — but only if you have expressly given us your separate consent.
If you give us your consent, you also allow us to process data regarding whether you have received and opened our marketing emails, to what extent you interacted with the content (in particular, which links you clicked), and to what extent you read or skimmed our emails (newsletter tracking).
Legal basis for data processing
The legal basis for this processing is your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR. Your consent is voluntary and can be withdrawn at any time with effect for the future. The withdrawal of your consent does not affect the lawfulness of processing carried out prior to withdrawal.
To exercise your right of withdrawal, please use the unsubscribe link in our marketing emails or newsletters, or contact dataprotection@ptxre.com.
Recipients
In the context of data processing, your data may be transferred to or disclosed to the following processors:
Storage period
We store your data for as long as is necessary to achieve the above-mentioned purpose or until you withdraw your consent. Afterwards, we delete your data unless further processing is permissible or required on another legal basis (e.g., statutory retention obligations).
4.3.2.3. Statistical evaluation and analysis of customer and prospect data, market research, and customer satisfaction surveys
Description of data processing and purpose
We process data collected from you as a prospect (e.g., via forms on our website) as well as data collected from you as a customer or as an employee of a customer in the context of pre-contractual measures or contract performance, in order to:
To address prospects in a more targeted way, we create so-called target groups from the data. Data from our customer satisfaction surveys may also be included in the analysis and evaluation. For this purpose, we may collect information and data regarding:
Legal basis for data processing
The legal basis for processing your data is Art. 6 (1) sentence 1 lit. f GDPR. Our legitimate interests lie in developing our products and services in line with market requirements, gaining a better understanding of the needs and interests of our customers and potential customers, and enabling targeted direct advertising on this basis.
Recipients
In the context of data processing, your data is transmitted to the following recipient:
Storage period
We store your data for as long as is necessary to achieve the above-mentioned purpose or until you object to the processing. Afterwards, we delete your data unless further processing is permissible or required on another legal basis (e.g., statutory retention obligations).
Description of data processing and purpose
We process your personal data insofar as this is necessary for the decision on establishing an employment relationship with us. We only process data that is related to your application. This may include:
If an employment relationship is established between you and us, we may further process the personal data already received from you for the purposes of the employment relationship, insofar as this is necessary for its performance or termination, or for exercising or fulfilling rights and obligations arising from a law, a collective agreement, or a works/service agreement.
Legal basis for data processing
Source
We process personal data that we receive from you during contact or your application via:
Recipients
We share your personal data within our company only with departments and individuals who require it to fulfill contractual and legal obligations or to implement our legitimate interests.
We may transfer your personal data to affiliated companies, insofar as this is permitted within the purposes and legal bases set out in this privacy notice.
Your personal data may also be processed on our behalf under data processing agreements pursuant to Art. 28 GDPR. In such cases, we ensure that personal data is processed in accordance with GDPR requirements. Typical categories of such recipients are:
In the context of data processing, your data is specifically transferred to:
Data is otherwise disclosed to recipients outside our company only where permitted or required by law, where disclosure is necessary for compliance with legal obligations, or where you have given consent.
Data processing in third countries
Transfer to a third country is not intended.
Storage period
We store your personal data for as long as is necessary for the decision on your application. Your personal data and application documents will be deleted no later than six months after completion of the application process (e.g., notification of rejection), unless longer storage is legally required or permissible.
We also store your personal data only insofar as this is legally required or necessary in the specific case to assert, exercise, or defend legal claims for the duration of a legal dispute.
If you have consented to longer storage of your personal data, we will store it in accordance with your consent.
If, following the application process, an employment, training, or internship relationship is established, your data will, insofar as necessary and permissible, continue to be stored and subsequently transferred to your personnel file.
Where applicable, you may receive an invitation to join our talent pool after the application process. This allows us to consider you for future vacancies in our applicant selection process. If we have your corresponding consent, we will store your application data in our talent pool in accordance with your consent and any future consents.
Necessity of providing personal data
Providing your personal data in the application process is voluntary. However, we can only make a decision on establishing an employment relationship or establish such a relationship with you if you provide the personal data necessary for carrying out the application process.
Description of data processing and purpose
For collecting applicant data via online forms, we use the HR and applicant management software “Personio” provided by Personio GmbH, Rundfunkplatz 4, 80335 Munich, Germany.
Personio allows us to store and manage incoming applicant data. If you submit your application data to us via the application form on our website, the data entered into the input fields is transmitted to Personio and stored there. No automated processing by Personio takes place. Processing only occurs when our application form is used.
In the context of your application, the service provider may process in particular the following data:
We use Personio exclusively for handling your application.
Legal basis for data processing
Recipients
In the context of using this service, the data collected via our websites is transmitted to the following recipient:
Further information on the handling of personal data by Personio can be found at: https://www.personio.de/datenschutzerklaerung/.
Storage period
The following provides information on how we handle your data collected through your use of our social media profiles on social networks and platforms.
We maintain profiles, accounts, pages, or fan pages on the following social media platforms:
Depending on how the platform operators and we as page operators are involved in processing your personal data, the respective responsibility or role differs. We may either be jointly responsible with the platform operator, or the platform operator may be solely responsible.
For processing of your personal data in connection with your visit to our profiles, accounts, pages, or fan pages, we as page operators are jointly responsible with the platform providers where the platform operators provide aggregated visitor information (e.g., “Insights” or “Analytics”).
In the case of joint responsibility, we have concluded agreements with the platform operators pursuant to Art. 26 GDPR (e.g., Page Controller Addendum or Joint Controller Addendum). These agreements specify which data processing operations we and the platform operators are responsible for. You can review these agreements at the following links:
Further information on data processing by the platform operators can be found in their privacy policies:
You can contact the data protection officers of the platform operators here:
6.3.3.1 Access to and storage of information on end-user devices
When you access our profiles on the above-mentioned platforms, cookies and similar technologies are used on your end device by the platform operator to store or retrieve data. This access and storage may involve further processing of personal data within the meaning of the GDPR.
Further information on the use of cookies and similar technologies, including legal bases, can be found in the privacy policies of the respective platform operators.
6.3.3.2 Data processing for advertising and market research purposes
In general, personal data on our social media profiles is primarily processed for market research and advertising purposes by the platform operators. Where data collection also takes place directly on our social media profile, we are jointly responsible with the platform operators.
Data processing involves cookies and similar technologies that allow the platform operator to recognize you when you visit a social media profile. For platform members, the operator extensively evaluates interactions (clicks, comments, likes) and processes information provided by you (e.g., profile data, profile picture, profile name). Demographic information (age, gender, country, industry, profession, etc.) from your member profile may also be processed.
Using the data collected, usage profiles can be created and used by the platform operators to display advertising inside and outside the platform that is presumed to match your interests. While we do not have direct access to this data, we also benefit from these processing activities by running targeted advertising campaigns based on the target groups identified by the platform operators.
The legal basis for this processing of your personal data is your consent given to the platform operator pursuant to Art. 6 (1) lit. a GDPR.
6.3.3.3 Data processing in the context of “Insights” or “Analytics”
In addition, your data is jointly processed in connection with “Page Insights” or “Page Analytics.”
These are analysis functions provided by the platform operators that allow your profile data, demographic information, and interaction data with our profile to be collected by the platform operators and us jointly. The platform operator then analyzes this data and provides us with aggregated data (“aggregated insights”), showing which demographic groups visited our profile and how it was used.
We do not have direct access to the individual data; it is only available to us in aggregated form. This means we cannot identify individual visitors or their interactions. We use the aggregated data to align our social media profiles with target groups and to optimize them for advertising purposes (increasing reach and awareness, evaluating campaign success).
The legal basis for this processing is your consent given to the platform operator pursuant to Art. 6 (1) lit. a GDPR.
6.3.3.4 Data processing based on consent
Where you are asked by the platform operator for consent to processing for specific joint purposes, the legal basis is Art. 6 (1) lit. a and Art. 7 GDPR. Consent may be withdrawn at any time with effect for the future.
6.3.3.5 Recipients and international data transfers
Where we transfer personal data to social media platform operators, these operators are the recipients within the meaning of Art. 4 no. 9 GDPR:
Processing of your data when visiting our social media profiles may also take place in countries outside the European Union (EU) and the European Economic Area (EEA), particularly in the USA.
As a visitor to our page, you may exercise your rights (access, rectification, erasure, restriction, data portability, complaint to a supervisory authority, objection or withdrawal of consent) with both the platform operator and us.
6.4 Our own responsibility
For the following data processing activities via our social media profiles, we are solely responsible.
6.4.1 Data processing through the operation of the social media profile
When you visit or interact with our social media profile, we process your personal data. This may include:
The legal basis for processing personal data in connection with the operation of our social media profile is Art. 6 (1) sentence 1 lit. f GDPR. Our legitimate interest lies in addressing visitors for advertising purposes as well as providing an effective communication and interaction channel with our company on the social media platform.
6.4.2 Data processing when contacting us
We collect personal data ourselves if you contact us, e.g., via a contact form or a messenger function on the respective platform.
The legal basis for processing the data is our legitimate interest in responding to your request pursuant to Art. 6 (1) sentence 1 lit. f GDPR.
Your data will be deleted once your inquiry has been fully processed, provided that no statutory retention obligations apply. We assume a request has been fully processed if it is apparent from the circumstances that the matter has been conclusively clarified.
6.4.3 Data processing for contract execution
If your contact via a social network or another platform aims at the conclusion of a contract for the supply of goods or the provision of services with us, we process your data for the performance of the contract, the implementation of pre-contractual measures, or the provision of the requested services.
The legal basis for processing your data in this case is Art. 6 (1) sentence 1 lit. b GDPR.
Your data will be deleted once it is no longer required for the performance of the contract or once it is clear that the pre-contractual measures will not lead to a contract in line with the purpose of your contact. Please note, however, that even after the conclusion of the contract, it may be necessary to store personal data of our contractual partners in order to meet contractual or statutory obligations.
6.4.4 Data processing based on consent
Where we ask you for consent to process your data for a specific purpose, the legal basis is Art. 6 (1) sentence 1 lit. a and Art. 7 GDPR. Consent given can be withdrawn at any time with effect for the future.
Description of data processing and purpose
We process your personal data insofar as this is necessary to comply with our accountability obligations under Art. 5 (2) GDPR. This includes:
Legal basis for data processing
Recipients
Storage period
Description of data processing and purpose
We process your personal data in individual cases for the following purposes:
Legal basis for data processing
Recipients
Your data may be transferred to the following recipients insofar as necessary:
Storage period
Description of data processing and purpose
We process personal data where this is necessary to fulfill a legal obligation. The scope of data processing is determined by the legal requirements that we are subject to. Examples include:
Legal basis for data processing
Recipients
Your data may be transferred to the following recipients insofar as necessary:
Storage period
Below you will find information on the data subject rights that applicable data protection law grants you vis-à-vis the controller with regard to the processing of your personal data:
Right to object
Where we process your personal data on the basis of legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f GDPR, you have the right under Art. 21 GDPR to object to the processing of your personal data on grounds relating to your particular situation. Where the objection concerns processing for direct marketing purposes, you have a general right to object without the need to state a particular situation.
If you wish to exercise your right to withdraw consent or to object, please send an email to dataprotection@ptxre.com.
.svg)