Data protection
to fulfill the requirements
of Art. 13 and 14 DSGVO (duties to inform) and BDSG §§ 29, 32 and 33
General Information
The following information provides a simple overview of what happens to your personal information when you visit our website. Personal data is any data that personally identifies you. Detailed information on data protection can be found in our Privacy Policy.
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
If you use this website, various personal data will be collected. Personal information is information that personally identifies you. This Privacy Policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.
We point out that the data transmission in the Internet (eg in the communication by E-Mail) can exhibit security gaps. A complete protection of the data from access by third parties is not possible.
1. Name and contact details of the controller and the company data protection officer
This privacy policy applies to data processing by:
Responsible:
Evosys Laser GmbH
Felix-Klein-Strasse 75
D-91058 Erlangen
Representation: Evosys Laser GmbH is represented by Frank Brunnecker and Holger Aldebert
E-Mail: info@evosys-laser.com
Phone: +49 9131 – 4088 – 0
The company data protection officer of Evosys Laser GmbH can be reached at the above-mentioned address, to Mr. Volker Beneke, or at datenschutz@evosys-laser.com.
2. Collection and storage of personal data as well as the nature and purpose of their use
a) When you visit the website
When you visit our website www.evosys-laser.com , the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file.
The access logs of the web server log which page views took place at which time. They include the following information: IP, directory protection user, date, time, pages accessed, logs, status code, dataset, referer, user agent, hostname invoked.
The IP addresses are stored anonymously. For this, the last three digits are removed, ie 127.0.0.1 becomes 127.0.0. *. IPv6 addresses are also anonymized. The anonymized IP addresses are kept for 60 days. Information about the directory protection user used will be anonymized after one day.
Error logs that log pageview errors are deleted after seven days. In addition to the error messages, these include the accessing IP address and, depending on the error, the website accessed.
Access via FTP is logged anonymously and kept for 60 days.
The email logs for sending e-mails from the web environment are anonymized after one day and then kept for 60 days. When anonymizing all data to the sender / recipient, etc. are removed. Only the data at the time of sending and the information on how the e-mail was processed are retained (queue ID or not sent).
Mail logs for sending via our mail servers will be deleted after four weeks. The longer retention period is necessary for ensuring the functionality of the mail services and spam fighting.
The data mentioned are processed for the following purposes:
- Ensuring a smooth connection of the website,
- Ensuring comfortable use of our website,
- Evaluation of system security and stability as well
- for further administrative purposes.
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f DSGVO. Our legitimate interest follows from the data collection purposes listed above. In no case we use the collected data for the purpose of drawing conclusions about you. There is no merge of this data with other data sources.
To manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents, we use the consent tool “Real Cookie Banner”. Details on how “Real Cookie Banner” works can be found at https://devowl.io/rcb/data-processing/.
The legal basis for the processing of personal data in this context are Art. 6 (1) lit. c GDPR and Art. 6 (1) lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.
The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents.
b) By using our contact form
If you have any questions, we offer you the possibility to contact us via a form provided on the website. It is necessary to provide a valid e-mail address, name, subject and request, as well as consent to the privacy policy, so that we know who the request came from and to respond to it. Further information can be provided voluntarily.
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored in order to process the request and in case of follow-up questions. We will not share this information without your consent.
The processing of the data entered into the contact form takes place exclusively on the basis of your consent (Art. 6 (1) lit. DSGVO). You can revoke this consent at any time. An informal message by e-mail to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
The data entered by you in the contact form remains with us until you ask us to delete, revoke your consent to the storage or the purpose for the data storage is omitted (eg after completion of your request). Mandatory statutory provisions – especially retention periods – remain unaffected.
c) When using our applicant management system
We use a digital applicant management system to accept and process applicant data.
To ensure the protection of applicant data against unauthorized access, we only accept applications (form entries and attachments) via this applicant management system. The data is transmitted in encrypted form, see section 7 Data security. Applications that reach us by e-mail or post cannot be considered for this reason and will be returned to the sender without comment.
Our applicant management system is technically operated and maintained by an external order processor as part of an order data processing commissioned by us. The external order processor guarantees us the secure storage, processing and deletion of the applicant data. The processing is carried out exclusively on the basis of the statutory provisions pursuant to Art. 28 DSGVO within the framework of a corresponding contractual agreement with the order processor.
Further processing of your data is based on the fulfillment of pre-contractual measures (Art. 6 (1) lit b DSBVO). We process your data exclusively for the purpose of finding personnel for the respective advertised position or unsolicited application. After completion of the application process, your data will be deleted from our system in the event of a rejection in compliance with the statutory deadlines. Your data will not be passed on to third parties.
If the applicant gives his or her consent by checking the box “I authorize the use of my entire application documents also for further application processes (talent pool). The consent is revocable with effect for the future. (optional)”, the application will be transferred to the talent pool. This means that the application will be processed for a longer period of time beyond the current application procedure. The further processing of your data is thus based on your consent (Art. 6 para. 1 lit. a DSGVO). We process your data exclusively for the purpose of finding personnel for the respective advertised position or unsolicited application. After expiry of the storage period (3 months from consent), your data will be deleted from our system in the event of a rejection. Your data will not be passed on to third parties. You can revoke your consent to be included in the talent pool at any time. To do so, simply send an informal message by e-mail to datenschutz@evosys-laser.com. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. Please also refer to paragraphs 5. and 6. of this privacy policy.
If the applicant gives his/her consent by ticking the box “The application may be forwarded within the group of companies. The consent is revocable with effect for the future (optional).” the application will be forwarded within the group of companies (currently Evosys Laser GmbH, www.evosys-laser.com/ and Evosys Laser Services GmbH, www.evosys-services.com/). This means that the application will not only be processed by Evosys Laser GmbH, but also by Evosys Laser Services GmbH. The further processing of your data is therefore based on your consent (Art. 6 para. 1 lit. a GDPR). We process your data exclusively for the purpose of recruiting for the respective advertised position or unsolicited application. You can revoke your consent to the transfer within the group of companies at any time. All you need to do is send an informal email to datenschutz@evosys-laser.com. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. Please also refer to paragraphs 5 and 6 of this privacy policy.
d) For the initiation and fulfilment of contracts
The purpose of the processing of personal data is the provision of pre-contractual measures or the fulfilment of contractual obligations (legal basis Article 6 No. 1b). We use your personal data for this purpose:
- Contact and exchange of information
- Delivery of the system
- Organisation of our services within our group of companies.
The following categories of personal data are processed
- Surname and first name of the data subject
- Business address and contact details such as telephone number and email address of the data subject
- Details of the contract and the system
The aforementioned personal data is necessary for the fulfilment of pre-contractual or contractual measures. If they are not provided, the pre-contractual or contractual measures cannot be performed. Automated decision-making, including profiling, does not take place.
The personal data is sent to the following recipients
- Internal company departments that are responsible for processing your contract
- Affiliated companies within our group of companies that are entrusted with the installation, commissioning and – in the case of a separate order – maintenance of our systems
Your data will not be forwarded to recipients abroad or to EU third countries.
Your personal data will be deleted or blocked as soon as the purpose of storage no longer applies. In the event that no contract is concluded with you, this is 2 years after the offer has been sent. In the event that a contract is concluded with you, this is 10 years after conclusion of the contract.
3. Disclosure of data
A transfer of your personal data to third parties for purposes other than those listed below or further described in this privacy policy (eg point 10) purposes does not take place. We will share your personal information with third parties if:
- You according to Art. 6 para. 1 p. 1 lit. a DSGVO have given express consent to this
- the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO is required to assert, exercise or defend legal claims and there is no reason to believe that you have an overriding interest in not disclosing your data,
- in the event that disclosure pursuant to Art. 6 para. 1 sentence 1lit. c DSGVO there is a legal obligation, as permitted by law and in accordance with Art. 6 para. 1 sentence 1 lit. b DSGVO is required for the settlement of contractual relationships with you.
4. Plug-ins
This site uses the map service Google Maps via a so-called API interface [1] . Provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. To use the features of Google Maps, it is necessary to save your IP address . This information is usually transmitted to and stored by Google on servers in the United States. The provider of this page has no influence on this data transfer. The use of Google Maps takes place only with the express consent of the user in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
For more information on how to handle user data, please refer to the Google Privacy Policy: https://www.google.com/intl/en/policies/privacy/ .
5. Affected rights
You have the right:
- in accordance with Art. 15 DSGVO, to request information about your personal data processed by us. In particular, you may provide information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right of rectification, deletion, limitation of processing or opposition, the existence of a The right to complain, the source of your data, if it was not collected from us, and the existence of automated decision-making including profiling and, where appropriate, meaningful information about their details;
- in accordance with Art. 16 DSGVO to demand the rectification of incorrect or completed personal data stored by us immediately;
- in accordance with Art. 17 DSGVO, to require the deletion of your personal data stored by us, except where the processing is for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims is required;
- in accordance with Art. 18 DSGVO to demand the restriction of the processing of your personal data, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject their deletion and we no longer need the data, but you to assert, exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
- pursuant to Art. 20 GDPR to obtain your personal data provided to us in a structured, common and machine-readable format or to request transmission to another person responsible;
- pursuant to Art. 7 para. 3 DSGVO your once granted consent to revoke against us at any time. An informal message by e-mail to us is sufficient. As a result, we are no longer allowed to continue the data processing based on this consent for the future, and
- according to Art. 77 GDPR to complain to a supervisory authority. In general, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.
6. Right to object
If your personal data are based on legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO are processed, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 DSGVO, provided that there are reasons for this arising from your particular situation or the objection is directed against direct mail . In the latter case, you have a general right of objection, which is implemented by us without stating a particular situation. If you would like to exercise your right of revocation or objection, please send an e-mail to Datenschutz@evosys-laser.com
7. Data security
This site uses SSL or TLS encryption for security purposes and to protect the transmission of sensitive content, such as requests that you send to us as a site operator. An encrypted connection is indicated by the browser’s address bar changing from “http: //” to “https: //” and the lock icon in your browser bar.
If SSL or TLS encryption is enabled, the data you submit to us can not be read by third parties. We also take appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
8. Opposition to advertising emails
The use of published under the imprint obligation for sending unsolicited advertisements and information is contradicted hereby. The operators of the sites expressly legal steps in case of unsolicited promotional information, such as spam e-mails.
9. Links/redirection to third party website
On our website, we use links that refer to our own content (within our website or that of our group of companies) and to third-party content (e.g. pages of partners or social media).
Links to our own content are usually executed as text. As content providers, we are responsible for this own content in accordance with Section 7 (1) of the German Telemedia Act.
Links to third-party content are usually implemented as a logo or symbol.
We would like to point out that the external content has its own data protection declarations and that we do not accept any responsibility for these.
As soon as you click on the link to third-party content, data is transferred to this destination. These are in particular:
– your IP address
– the time you clicked on the link
– address of the website from which you came
– operating system and browser version of your terminal device (user agent)
We would also like to point out that clicking on links may mean that the aforementioned data is transferred to non-European countries.
If you do not want this to happen, do not click on any links to external content.
10. Social Media
10.1 Facebook
We operate a page about our company on Facebook, a so-called fan page. This fan page can be reached either via a link, e.g. on the website www.evosys-laser.com, or via the search function in Facebook.
The fan page uses the services of Meta Platforms Ireland Limited, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland as a technical platform.
We would like to point out that you use this Facebook page and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can also access the information offered via this page on our website at www.evosys-laser.com.
When you visit our Facebook page, Facebook collects, among other things, your IP address and other information that is present on your PC in the form of cookies. This information is used to provide us, as operators of the Facebook pages, with statistical information about the use of the Facebook page. Facebook provides more detailed information on this at the following link: https://www.facebook.com/privacy/policy/?section_id=1-WhatInformationDoWe.
The data collected about you in this context is processed by Meta Platforms Ireland Limited and may be transferred to countries outside the European Union. Facebook describes in general terms what information it receives and how it is used in its data usage guidelines. There you will also find information on how to contact Facebook and on the settings options for advertisements.
For information on how to manage or delete information held about you, see Facebook’s full data policy https://www.facebook.com/privacy/policy
In what way Facebook uses data from visits to Facebook pages for its own purposes, to what extent activities on the Facebook page are assigned to individual users, how long Facebook stores this data and whether data from a visit to the Facebook page is passed on to third parties, is not conclusively and clearly stated by Facebook and is not known to us.
When you access a Facebook page, the IP address assigned to your terminal device is transmitted to Facebook. According to Facebook, this IP address is anonymized (for “German” IP addresses). Facebook also stores information about the end devices of its users (e.g. as part of the “login notification” function); this may enable Facebook to assign IP addresses to individual users.
If you are currently logged in to Facebook as a user, a cookie with your Facebook ID is located on your end device. This enables Facebook to track that you have visited this page and how you have used it. This also applies to all other Facebook pages. Via Facebook buttons embedded in websites, it is possible for Facebook to record your visits to these website pages and assign them to your Facebook profile. Based on this data, content or advertising can be offered tailored to you. If you wish to avoid this, you should log out of Facebook or deactivate the “stay logged in” function, delete the cookies present on your device and exit and restart your browser. In this way, Facebook will delete information by which you can be directly identified. This will allow you to use our Facebook page without revealing your Facebook identifier. When you access interactive features of the page (like, comment, share, message, etc.), a Facebook login screen will appear. After any login, you will again be recognizable to Facebook as a specific user.
We, as the provider of the information service, do not collect or process any other data from your use of our service.
If you have any questions about our information service, you can contact us at the above contact details.
10.2 Instagram
We operate a page about our company on Instagram, a so-called fan page. This fan page can be reached either via a link, e.g. on the website www.evosys-laser.com, or via the search function in Instagram.
The fan page uses the services of Meta Platforms Ireland Limited, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland as a technical platform.
We would like to point out that you use this Instagram page and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can also access the information offered via this page on our website at www.evosys-laser.com.
When you visit our Instagram page, Instagram collects, among other things, your IP address and other information that is present in the form of cookies on your PC. This information is used to provide us, as the operator of the Instagram pages, with statistical information about the use of the Instagram page. More detailed information on this is provided by Instagram under the following link: https://privacycenter.instagram.com/policy/?section_id=1-WhatInformationDoWe.
The data collected about you in this context is processed by Meta Platforms Ireland Limited and may be transferred to countries outside the European Union. Instagram describes in general terms what information it receives and how it is used in its data usage guidelines. There you will also find information on how to contact Instagram and on the settings options for advertisements.
Information on how to manage or delete information held about you can be found in Instagram’s full data policy: https://privacycenter.instagram.com/policy/.
In what way Instagram uses the data from the visit of Instagram pages for its own purposes, to what extent activities on the Instagram page are assigned to individual users, how long Instagram stores this data and whether data from a visit to the Instagram page is passed on to third parties, is not conclusively and clearly stated by Instagram and is not known to us.
When accessing an Instagram page, the IP address assigned to your end device is transmitted to Instagram. According to Instagram, this IP address is anonymized (for “German” IP addresses). Instagram also stores information about the end devices of its users (e.g., as part of the “login notification” function); if necessary, Instagram is thus able to assign IP addresses to individual users.
If you are currently logged in to Instagram as a user, a cookie with your Instagram ID is located on your end device. This enables Instagram to track that you have visited this page and how you have used it. This also applies to all other Instagram pages. Via Instagram buttons embedded in websites, it is possible for Instagram to record your visits to these website pages and assign them to your Instagram profile. Based on this data, content or advertising can be offered tailored to you. If you want to avoid this, you should log out of Instagram or deactivate the “stay logged in” function, delete the cookies present on your device and exit and restart your browser. In this way, Instagram information through which you can be directly identified will be deleted. This allows you to use our Instagram page without revealing your Instagram identifier. When you access interactive features of the site (like, comment, share, message, etc.), an Instagram login screen will appear. After any login, you are again recognizable to Instagram as a specific user.
We, as the provider of the information service, do not collect and process any data from your use of our service beyond this.
If you have any questions about our information service, you can reach us at the contact details above.
10.3 YouTube
We operate a page about our company on YouTube. This page can be accessed either via a link on this website or via the search function in YouTube. The page uses the services of Google as a technical platform. ‘Google’ is a group of companies consisting of Google Ireland Ltd (provider of the service), Gordon House, Barrow Street, Dublin 4, Ireland and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and other affiliated companies of Google LLC. We would like to point out that you use this YouTube page and its functions on your own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating). When you visit our YouTube page, Google Ireland Limited collects, among other things, your IP address and other information that is stored on your PC in the form of cookies. This and other data collected about you may also be transferred to the United States of America. A transfer to the United States of America takes place on the basis of an adequacy decision by the European Commission and Google LLC’s participation in the Data Privacy Framework. Please note that American authorities, such as intelligence agencies, may be able to gain access to personal data collected when using this service due to American laws such as the Cloud Act.
What other information Google Ireland Limited receives and how it is used is described by Google Ireland Limited here: https://policies.google.com/privacy?hl=de.
We do not know how Google Ireland Limited uses the data from visits to YouTube pages for its own purposes, to what extent activities on the YouTube page are assigned to individual users, how long YouTube stores this data and whether data from a visit to the YouTube page is passed on to third parties. If you are currently logged in to YouTube as a user, a cookie with your YouTube ID is stored on your device. This enables YouTube to recognise that you have visited this page and how you have used it. If you want to avoid this, you should log out of YouTube or deactivate the ‘stay logged in’ function, delete the cookies on your device and close and restart your browser. This will delete YouTube information that can be used to directly identify you. This allows you to use our YouTube page without revealing your YouTube identifier. If you access interactive functions on the site (like, comment, share, news, etc.), a YouTube login screen will appear. After logging in, you will once again be recognisable to YouTube as a specific user. As the provider of the information service, we do not collect or process any other data from your use of our service.
10.4 LinkedIn
We operate a page about our company on LinkedIn. This page can be reached either via a link on this website or via the search function in LinkedIn. The page uses the services of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, as a technical platform. We would like to point out that you use this LinkedIn page and its functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). When you visit our LinkedIn page, LinkedIn Ireland Unlimited Company collects, among other things, your IP address and other information that is stored on your PC in the form of cookies. This and other data collected about you may be transferred to countries outside the European Union. What other information LinkedIn Ireland Unlimited Company receives and how it is used is described by LinkedIn Ireland Unlimited Company here: https://privacy.LinkedIn.com/de.
We do not know how LinkedIn Ireland Unlimited Company uses the data from visits to LinkedIn pages for its own purposes, to what extent activities on the LinkedIn page are assigned to individual users, how long LinkedIn stores this data and whether data from a visit to the LinkedIn page is passed on to third parties. If you are currently logged in to LinkedIn as a user, a cookie with your LinkedIn ID is stored on your device. This enables LinkedIn to track that you have visited this page and how you have used it. If you want to avoid this, you should log out of LinkedIn or deactivate the ‘stay logged in’ function, delete the cookies on your device and close and restart your browser. In this way, LinkedIn information that can be used to directly identify you will be deleted. This allows you to use our LinkedIn page without revealing your LinkedIn identifier. When you access interactive functions on the site (like, comment, share, message, etc.), a LinkedIn login screen appears. Once you have logged in, you will once again be recognisable to LinkedIn as a specific user. As the provider of the information service, we do not collect or process any other data from your use of our service.
10.5 Xing
We operate a page about our company on Xing. This page can be reached either via a link on this website or via the search function in Xing. The page uses the services of New Work SE, Am Strandkai 1, 20457 Hamburg, Germany, as a technical platform. We would like to point out that you use this Xing page and its functions at your own risk. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). When you visit our Xing page, New Work SE collects, among other things, your IP address and other information that is stored on your PC in the form of cookies. This and other data collected about you may be transferred to countries outside the European Union. What other information New Work SE receives and how it is used is described by New Work SE here: https://privacy.xing.com/de.
We do not know how New Work SE uses the data from visits to Xing pages for its own purposes, to what extent activities on the Xing page are assigned to individual users, how long Xing stores this data and whether data from a visit to the Xing page is passed on to third parties. If you are currently logged in to Xing as a user, a cookie with your Xing ID is stored on your device. This enables Xing to recognise that you have visited this page and how you have used it. If you want to avoid this, you should log out of Xing or deactivate the ‘stay logged in’ function, delete the cookies on your device and close and restart your browser. In this way, Xing information that can be used to directly identify you will be deleted. This allows you to use our Xing page without revealing your Xing ID. If you access interactive functions on the site (like, comment, share, message, etc.), a Xing login screen will appear. Once you have logged in, you will once again be recognisable to Xing as a specific user. As the provider of the information service, we do not collect or process any other data from your use of our service.
11. Matomo
This website uses the open source web analytics service Matomo. Matomo uses so-called “cookies”. These are text files that are stored on your computer and allow an analysis of the use of the website by them. For this purpose, the information generated by the cookie about the use of this website is stored on our server. The IP address is anonymized before saving.
Matomo cookies remain on your device until you delete them.
The storage of Matomo cookies and the use of this analysis tool are based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the anonymized analysis of user behavior in order to optimize both its website and its advertising. If a corresponding consent has been requested (eg consent to the storage of cookies), the processing is carried out exclusively on the basis of Article 6 (1) lit. a GDPR; the consent is revocable at any time.
The information generated by the cookie about the use of this website will not be disclosed to third parties. You can prevent the storage of cookies by a corresponding setting of your browser software; however, we point out that in this case you may not be able to use all the functions of this website in full.
If you disagree with the storage and use of your data, you can disable storage and use here. In this case, an opt-out cookie is deposited in your browser that prevents Matomo from saving usage data. Deleting your cookies will result in deletion of the Matomo opt-out cookie as well. The opt-out must be reactivated when visiting this website again.
10. Updating and changing this privacy policy
This privacy statement is currently valid as of August 2022. As our website evolves and offers become available, or as a result of changes in legal or regulatory requirements, it may be necessary to change this privacy policy. The current privacy policy can be retrieved and printed by you at any time.