— Information requirements for experts

Data protection information for experts
according to Art. 13 and Art. 14 of the Data Protection Regulation DSGVO (GDPR)

Data protection is an important matter for us. In the following, we inform you how we process your data and what rights you are entitled to.

1. Who is responsible for data processing and whom can you contact?

Signite GmbH
Kiefernweg 3
74321 Bietigheim-Bissingen
Telephone: +49.151.2422.2022
E-mail: peter.klingler@signite-experts.com

2. Contact details of the data protection officer
Markus Geiger; datenschutz@mage-solutions.de

3. Processing purposes and legal basis

Your personal data will be processed in accordance with the provisions of the General Data Protection Regulation (DSGVO), the Federal Data Protection Act BDSG and other relevant data protection regulations. The processing and use of individual data depends on the agreed or requested service. Our contractual documents, forms, declarations of consent and other information provided to you (e.g. on the website or in the terms and conditions) provide further details and supplements on the purposes of processing.

3.1 Consent (Art. 6 para. 1 letter a DSGVO)

If you have given us consent to process personal data, the respective consent is the legal basis for the processing mentioned there. You can revoke your consent at any time with effect for the future.

3.2 Fulfilment of contractual obligations (Art. 6 para. 1 lit. b DSGVO)

We process your personal data for the performance of our contracts with you. Furthermore, your personal data is processed for the performance of measures and activities in the context of pre-contractual relations.

3.3 Fulfilment of legal obligations (Art. 6 para. 1 c DSGVO)

We process your personal data if this is necessary for the fulfilment of legal obligations (e.g. commercial, tax laws).

This includes identity and age verification, the fulfilment of control and reporting obligations under tax law and the archiving of data for data protection and data security purposes as well as for auditing by tax and other authorities. In addition, the disclosure of personal data may be necessary in the context of official/court measures for the purpose of gathering evidence, criminal prosecution or the enforcement of civil law claims.

3.4 Legitimate interest of us or third parties (Art. 6 para. 1 f DSGVO)

We may also use your personal data on the basis of a balance of interests to protect the legitimate interest of us or of third parties. This is done for the following purposes:

– for advertising or market research, if you have not objected to the use of your data.
– for the limited storage of your data if deletion is not possible or only possible with disproportionate effort due to the special nature of the storage.
– for the further development of services and products as well as existing systems and processes.
– for the disclosure of personal data in the context of due diligence, e.g. in the case of company sales.
– for the enrichment of our data by using or researching publicly available data.
– for statistical evaluations or for market analyses.
– for benchmarking.
– for the assertion of legal claims and defence in legal disputes which are not directly attributable to the contractual relationship.
– for internal and external investigations and/or security audits.
– for certifications of private law or official matters.
– for securing and exercising our house rights through appropriate measures (e.g. video surveillance).

4. Categories of personal data that we process

The following data are processed:

Name, first name
Contact details (such as email address, address, telephone no.)
Complete application documents (such as curriculum vitae, certificates, references)

5. Who receives your data?

We pass on your personal data within our company to the departments that need this data to fulfil contractual and legal obligations or to implement our legitimate interests.

In addition, the following departments may receive your data:

– Order processors used by us (Art. 28 DS-GVO), service providers for supporting activities and other responsible parties within the meaning of the DS-GVO, in particular in the area of.

(e.g. IT services, logistics and printing services, external data centres, support/maintenance of IT applications, archiving, document processing, call centre services, compliance services, controlling, data screening for anti-money laundering purposes, data validation or plausibility checks, data security services, etc.). -data validation or plausibility check, data destruction, purchasing/procurement, customer administration, lettershops, marketing, media technology, research, risk controlling, billing, telephony, website management, auditing services, credit institutions, printing services or companies for data disposal, courier services, logistics

– Public bodies and institutions in the event of a legal or official obligation, according to which we are obliged to provide information, report or pass on data or the passing on of data is in the public interest.
– bodies and institutions on the basis of our justified interest or the justified interest of the third party for the purposes stated in section 3.5 (e.g. to authorities, credit agencies, debt collection, lawyers, courts, experts, companies belonging to the group and committees and supervisory bodies);

6. Transfer of your data to a third country or to an international organisation

Data is transferred to bodies in countries outside the European Union (EU) or the European Economic Area (EEA), so-called third countries, if it is necessary for the execution of an order/contract from or with you, if it is required by law (e.g. tax reporting obligations), if it is in the legitimate interest of us or a third party or if you have given us your consent.

The processing of your data in a third country may also be carried out in connection with the involvement of service providers within the framework of commissioned processing. If the EU Commission has not passed a resolution on an appropriate level of data protection for the country in question, we will ensure that your rights and freedoms are adequately protected and guaranteed in accordance with EU data protection regulations by means of corresponding contracts. We will provide you with detailed information on request.

7. How long do we store your data?

If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted three months after notification of the rejection decision, provided that no other legitimate interests of the controller conflict with such deletion. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).

8. To what extent is there automated decision-making in individual cases (including profiling)?

We do not use any purely automated decision-making procedures in accordance with Article 22 of the GDPR. Should we use such procedures in individual cases, we will inform you of this separately, insofar as this is required by law.

9. Your data protection rights

You have the right to information pursuant to Article 15 of the Data Protection Regulation, the right to rectification pursuant to Article 16 of the Data Protection Regulation, the right to deletion pursuant to Article 17 of the Data Protection Regulation, the right to restriction of processing pursuant to Article 18 of the Data Protection Regulation and the right to data portability pursuant to Article 20 of the Data Protection Regulation. In addition, there is a right of appeal to a data protection supervisory authority (Art. 77 DSGVO). In principle, there is a right to object to the processing of personal data by us in accordance with Article 21 of the GDPR. However, this right of objection only applies in the case of very special circumstances of your personal situation, whereby rights of our company may possibly conflict with your right of objection. If you wish to exercise one of these rights, please contact our data protection officer (datenschutz@mage-solutions.de).

10. Scope of your obligations to provide us with your data

You only need to provide us with the data that is required for the establishment and implementation of a business relationship or for a pre-contractual relationship with us, or which we are legally obliged to collect. Without this data, we will generally not be able to conclude or execute the contract. This may also refer to data required later in the course of the business relationship. If we request additional data from you, you will be informed separately of the voluntary nature of the information.

11. Your right to complain to the competent supervisory authority

You have the right to lodge a complaint with the data protection supervisory authority (Art. 77 DSGVO). The supervisory authority responsible for us is:

The State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg.
Lautenschlagerstraße 20
70173 Stuttgart / Germany