Privacy policy

 

Information on the collection of personal data

  1. In the following, we inform you about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour.
  2. The person responsible pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) is:

MagForce NT GmbH
Max-Planck-Straße 3
12489 Berlin
Tel. +49 (0)30 308 380-0
info@magforce.com

You can reach our data protection officer at:

gds – Gesellschaft für Datenschutz Mittelhessen mbH
E-mail: datenschutz@gdsm.de
Tel.: +49 (0)6421 80413-10

  1. When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to answer your questions. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal retention obligations.
  2. If we use commissioned service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. In doing so, we will also state the defined criteria for the storage period.

Your rights

  1. You have the following rights in relation to personal data relating to you:
    • Right to information,
    • Right to rectification or erasure,
    • Right to restriction of processing,
    • Right to object to processing,
    • Right to data portability.

You also have the right to complain to a data protection supervisory authority about our processing of your personal data.

Hosting:

The website is hosted by the following service provider:

IONOS SE
Eigendorfer Str. 57
56410 Montabaur

IONOS SE will also automatically process the above-mentioned personal data in this context. This is done exclusively according to our instructions and on our behalf in accordance with a contract processing agreement pursuant to Art. 28 GDPR.

Collection of personal data when visiting our website

  1. In the case of mere informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security (legal basis is Art. 6 para. 1 p. 1 lit. f GDPR):
  • IP address
  • Date and time of the request
  • Time zone difference from Greenwich Mean Time (GMT)
  • Content of the request (concrete page)
  • Access Status/HTTP Status Code
  • Data volume transferred in each case
  • Website from which the request comes
  • Browser
  • Operating system and its interface
  • Language and version of the browser software.

Objection or revocation against the processing of your data

  1. If you have given your consent to the processing of your data, you may revoke this consent at any time. Such a revocation will affect the permissibility of the processing of your personal data after you have expressed it to us.
  2. Insofar as we base the processing of your personal data on the balance of interests, you can object to the processing. This is the case if the processing is in particular not necessary for the performance of a contract with you, which is shown by us in each case in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will review the merits of the case and either cease or adapt the data processing or show you our compelling legitimate grounds on the basis of which we will continue the processing.

Of course, you can object to the processing of your personal data for the purposes of advertising and data analysis at any time. You can inform us of your advertising objection using the following contact details: datenschutz@magforce.com

Contact possibility via e-mail

You have the option of contacting us by e-mail. You will find the relevant addresses on our website under Contact.

If contact is made via the e-mail address provided by us, the personal data transmitted with your e-mail will be stored. The legal basis for the processing of your data is Art. 6 (1) f) GDPR, as we have a legitimate interest in contacting you as a (potential) customer.

If the contact via e-mail is in connection with the conclusion or implementation of a contract between you and us, then Art. 6 para. 1 lit. b) GDPR is also the legal basis for the processing.

Personal data that we store in connection with your contact via e-mail is used exclusively for processing your contact. The data will not be passed on to third parties.

We delete your data as soon as it is no longer required to achieve the purpose for which it was collected. For personal data transmitted by e-mail, this occurs when the respective correspondence with you has ended and it is clear from the circumstances that the matter concerned has been conclusively clarified.

If the data is required for the fulfilment of a contract or for the implementation of pre-contractual measures, it can only be deleted if this is permitted by contractual or legal obligations. Which storage periods apply here must be determined individually for the respective contracts and contracting parties.

You can revoke your consent to the processing of personal data at any time. If you contact us by e-mail, you can object to the storage of your personal data at any time. To do so, simply send an informal message to the contact details provided at the beginning of this privacy policy.

Data processing for job applications

When you apply to us, we process the information we receive from you as part of the application process, e.g. through letters of application, CVs, references, correspondence, telephone or verbal details. In addition to your contact details, information about your education, qualifications, work experience and skills is particularly relevant to us. We will only assess you according to your suitability for the position in question.

Your data will initially be processed solely for the purpose of carrying out the application process. If your application is successful, it will become part of your personnel file and will be used to carry out and terminate your employment and will be deleted in accordance with the rules applicable to personnel files. If we are currently unable to offer you employment, we will continue to process your data for up to six months after sending the rejection in order to defend ourselves against any legal claims, in particular due to alleged discrimination in the application process. Insofar as you receive cost reimbursements or there are other tax-relevant transactions, the corresponding accounting records will be kept in order to fulfil the budgetary and tax law retention obligations in accordance with the respective applicable retention obligations. Your data is initially accessed by our HR department and the “Recruiting” department, but also by the specialist department of the position for which you have applied and, if required, by the accounting department. Our administrators and order processors have technically necessary access to data processed by means of IT. They are strictly bound by our instructions and may not process the data for their own purposes. In certain cases, we have to disclose your personal data to third parties, such as to our bank if you receive a reimbursement or to the post office if we communicate with you by letter.

The legal basis for data processing in the application process and as part of the personnel file is Section 26 (1) sentence 1 FDPA and Art. 6 (1) lit b GDPR and, insofar as you have given your consent, for example by sending information not required for the application process, Art. 6 (1) lit a GDPR. The legal basis for data processing after a rejection is Art. 6 para. 1 lit f GDPR. The legal basis for storage under budgetary and tax law is Art. 6 para. 1 lit. c GDPR in conjunction with. § 147 tax code (AO). Legitimate interest for processing on the basis of Art. 6 para. 1 lit f GDPR is the defence against legal claims. As a rule, we do not require any special categories of personal data within the meaning of Art. 9 GDPR for the application process. We ask you not to provide us with such information in the first place. If such information is exceptionally relevant to the application process, we will process it together with your other applicant data. This may, for example, relate to information about a severe disability which you may provide to us voluntarily and which we then need to process in order to fulfil our specific obligations in relation to severely disabled persons. In these cases, the processing serves the exercise of rights or the fulfilment of legal obligations arising from labour law, social security law and social protection. The legal basis for data processing is then Art. 9 para. 2 lit. b GDPR, §§ 26 para. 3 FDPA, 164 Social Code IX. (SGB IX.) . Exceptionally, it may be necessary to obtain information about your health or a disability or information from the Federal Central Register, i.e. about previous convictions, in order to assess your suitability for the intended activity. The legal basis for this is § 26 FDPA. Your data will not be used by us for automated decision-making or profiling.

Data processing by social networks

We maintain publicly accessible profiles on social networks. The individual social networks we use can be found below.

Social networks such as Facebook etc. can generally analyse your user behaviour comprehensively when you visit their website or a website with integrated social media content (e.g. Like buttons or advertising banners). By visiting our social media presences, numerous data protection-relevant processing operations are triggered. In detail:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your end device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are or were logged in.

Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing procedures may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

Legal basis

Our social media presences are intended to ensure the most comprehensive presence possible on the internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal grounds, which are to be stated by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).

Responsible person and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both vis-à-vis us and vis-à-vis the operator of the respective social media portal (e.g. vis-à-vis Facebook).

Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.

Storage period

The data collected directly by us via the social media presence is deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

Social networks in detail

Facebook

We have a profile on Facebook. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA.

We have entered into a Joint Processing Agreement (Controller Addendum) with Facebook. This agreement specifies which data processing operations we or Facebook are responsible for when you visit our Facebook page. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

You can adjust your advertising settings independently in your user account. To do so, click on the following link and log in: https://www.facebook.com/settings?tab=ads.

For details, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

Instagram

We have a profile on Instagram. The operator of the social network Instagram is Facebook Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland. For details on how they handle your personal data, please refer to Instagram’s privacy policy: https://help.instagram.com/581066165581870

Twitter

We have a profile on Twitter. The operator of the social network is Twitter Inc, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland. Details on their handling of your personal data can be found in the Twitter privacy policy: X Privacy Policy (twitter.com).

LinkedIn

We have a profile on LinkedIn. The provider of this service is LinkedIn Ireland Unlimited Community, Wilton Place, Dublin 2, Ireland.

Information about which of your data is processed by LinkedIn and for what purposes can be found in LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.