Privicy Policy according to Art. 13 DSGVO
Name and address of the responsible party
The responsible party in accordance with the General Data Protection Regulation (DSGVO) and other data protection regulations is:
WKW School Assist GmbH
Am Schützeneck 1
81241 München
Germany
Phone: 49 (0)89 248 87 39 90
E-mail: info@school-assist.de
General information on data processing
Legal basis for the processing of personal data
In accordance with Art. 13 DSGVO, we inform you of the legal basis for our data processing. If the legal basis is not specified in the data protection notice, the following applies:
The legal basis for obtaining consent is Art. 6 (1) lit. a in conjunction with. Art. 7 DSGVO. The legal basis for processing for the fulfillment of our services and implementation of contractual measures, as well as answering inquiries is Art. 6 para. 1 lit. b DSGVO. The legal basis for processing for the fulfillment of our legal obligations is Art. 6 para. 1 lit. c DSGVO. If the processing of your data is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1) (f) DSGVO serves as the legal basis for the processing. In the event that vital interests of the data subject or another natural person make it necessary to process personal data, Art. 6 (1) (d) DSGVO serves as the legal basis.
Data deletion and storage period
We adhere to the principles of data avoidance and data economy. We only store your personal data for as long as is necessary to achieve the purposes stated here or as stipulated by the retention periods provided for by law. After the respective purpose ceases to apply or after the expiry of these retention periods, the corresponding data is routinely blocked or deleted in accordance with statutory regulations.
Notice concerning data transfer to third countries
On our website, we have also integrated tools from companies based in third countries (this includes the USA by name). If these tools are active, your personal data may be transferred to the servers of the respective companies. The level of data protection in third countries usually does not correspond to EU data protection law. This means that there is then a risk that your data will have to be handed over to security authorities in these countries and may be processed by authorities in these countries for control and monitoring purposes, possibly without any legal recourse on your part. We have no influence on these processing activities.
Rights of the person concerned
You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to request that this data be corrected or deleted. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time. You can find the contact options in the imprint.
As a data subject according to the GDPR, you have the opportunity to assert various rights. The data subject rights resulting from the DSGVO are the right to information (Article 15), the right to rectification (Article 16), the right to erasure (Article 17), the right to restriction of processing (Article 18), the right to object (Article 21), the right to complain to a supervisory authority and the right to data portability (Article 20).
Right of withdrawal::
Some data processing can only take place with your explicit consent. You have the possibility to revoke your given consent at any time. However, the lawfulness of the data processing until the revocation is not affected by this.
Right of objection::
If the processing is based on Art. 6(1)(e) or (f) DSGVO, you as the data subject may, on grounds relating to your particular situation, object at any time to the processing of personal data concerning you. You also have this right in the case of profiling based on these provisions. Unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or processing which serves to assert, exercise or defend legal claims, we will no longer process the relevant data following an objection.
If the processing of personal data serves the purpose of direct marketing, you also have the right to object at any time. The same applies to profiling that is related to direct advertising. Here, too, we will no longer process personal data as soon as you raise an objection.
Right to complain to a supervisory authority:
If you believe that the processing of personal data concerning you infringes the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your residence, workplace or the place of the alleged infringement, without prejudice to any other administrative or judicial remedy.
Right to data transfer:
If your data is processed automatically on the basis of consent or performance of a contract, you have the right to receive this data in a structured, common and machine-readable format. You also have the right to request that the data be transferred and made available to another controller, insofar as this is technically feasible.
Right of access, correction and deletion:
You have the right to obtain information about your processed personal data regarding the purpose of the data processing, the categories, the recipients as well as the duration of the storage. Furthermore, you have the right to know whether there is a right to rectification, deletion or restriction of the personal data concerning you. If you have any questions on this topic or on other topics regarding personal data, you can of course contact us using the contact options provided in the imprint.
Right to restriction of data processing:
You can assert the restriction of the processing of your personal data at any time. To do so, you must meet one of the following requirements:
- You dispute the accuracy of the personal data. For the duration of the verification of the accuracy, you have the right to request a restriction of processing.
- If processing is carried out unlawfully, you may request restriction of the use of the data as an alternative to erasure.
- If we no longer need your personal data for the purposes of processing, but you need the data for the assertion, exercise or defense of legal claims, you can request the restriction of processing as an alternative to erasure.
- If you object to the processing pursuant to Art. 21 (1) DSGVO, a balancing of your and our interests will be carried out. Until this balancing has taken place, you have the right to request the restriction of processing.
The consequence of a restriction of processing is that the personal data, apart from storage, may only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.
Provision of the website web hoster
When you visit our website, we automatically collect and store information in so-called server log files. Your browser automatically transmits this information to our server or to the server of our hosting company.
This includes:
- IP address of the end device of the website visitor
- device used
- host name of the accessing computer
- operating system of the visitor
- browser type and version
- name of the retrieved file
- time of the server request
- amount of data
- information whether the retrieval of the data was successful
We do not combine this data with other data sources.
The legal basis for the processing of this data is Art. 6 para. 1 lit. f DSGVO. Our legitimate interest is the technically error-free presentation and optimization of this website.
Instead of operating this website on our own server, we can also have it operated on the server of an external service provider (hosting company). In this case, the personal data collected on this website will be stored on the servers of the hosting company. In addition to the data mentioned above, this may include, for example, contact requests, contact details, names, website access data, meta and communication data, contract data and other data generated via a website.
The legal basis for processing data by engaging a hosting company is our interest in a secure, fast and efficient provision of our website (Art. 6 para. 1 lit. f DSGVO). Another legal basis may be for the purpose of fulfilling contracts with our future and existing customers (Art. 6 para. 1 lit. b DSGVO). In the event that we have commissioned a hosting company, there is an order processing contract with this service provider.
Host details:
MIRA Webhosting
Mathias Grothe
Hertzstraße 32
14612 Falkensee
Use of external services
External services are used on our website. External services are third-party services that are used on our website. This can be done for various reasons, for example, for embedding videos or for the security of the website. When using these services, personal data is also passed on to the respective providers. If we do not have a legitimate interest in using these services, we will obtain your consent as a visitor to our website, which can be revoked at any time, before using them (Art. 6 para. 1 lit. a DSGVO).
Content Delivery Network (CDN)
We use a Content Delivery Network (CDN) to optimize the performance and availability of our website. For this purpose, this service provider, which provides this network, processes your IP address and the information about when you visited our website. All further information on data processing by this service provider can be found in its privacy policy.
We base this processing on a legitimate interest (Art. 6 para. 1 lit. f DSGVO).
Our legitimate interest in using a content delivery network is to be able to present our website as quickly, securely and reliably as possible.
Google Static
We use the Google Static service on our website. The provider of this service is Google Ireland Limited. This company has its branch office in Gordon House, Barrow Street Dublin 4, Ireland.
The use of the service may result in data transfer to a third country (USA).
Further information can be found in the manufacturer's data protection information at the following URL: https://policies.google.com/privacy.
Websecurity
We have tools in use on our website that protect us from unauthorized access, spam and other attacks. On the one hand, this serves our security, and on the other hand, the security of our website visitors.
We base this processing on a legitimate interest (Art. 6 para. 1 lit. f DSGVO).
Our legitimate interest is to be able to guarantee the security of our website as well as to protect ourselves from unauthorized access, spam and other attacks.
Google Recaptcha
We use the Google Recaptcha service on our website. The provider of this service is Google Ireland Limited. This company has its branch office in Gordon House, Barrow Street Dublin 4, Ireland.
The use of the service may result in data transfer to a third country (USA).
Further information can be found in the manufacturer's data protection information at the following URL: https://policies.google.com/privacy.
Contact form
On our website you have the possibility to contact us via a contact form. For contacting us via this form, we ask for certain information. In particular, the request must be described and a contact option must be provided. At least this information is mandatory and must be provided in order to use the contact form.
The legal basis for answering the contact questions is the fulfillment of a contract or the implementation of pre-contractual measures. In addition, there may be a legitimate interest to maintain business relations or to answer your inquiry for any other reason.
The legal basis for processing your data is therefore either Art. 6 (1) lit. f DSGVO or Art. 6 (1) lit. b DSGVO.
The data will be deleted when we have answered your inquiry to your satisfaction and if no other retention periods (e.g. tax or commercial law retention periods) exist.
Contact by telephone or e-mail
In accordance with legal requirements, we have provided a telephone number and e-mail address on our website. The data transmitted in these ways is automatically stored by us in order to process corresponding inquiries or to be able to contact the inquiring person. Data that we obtain in this way will not be passed on by us to third parties without consent.
If contacting us by telephone or via our e-mail address serves pre-contractual or contractual purposes, the processing of personal data is based on the legal basis of Art. 6 (1) lit. b DSGVO. For all other contacting on your part, the processing of personal data by us is based on our legitimate interest (Art. 6 para. 1 lit. f DSGVO).
Processing of applicant data
It is possible to send us an application (e.g. by post, online application form or e-mail). The personal data received as a result will be stored and processed by us for the purpose of deciding whether to enter into an employment relationship.
The basis for the processing is Art. 6 para 1 lit. b DSGVO as well as Art. 6 para 1 lit. a DSGVO, if consent has been given. Insofar as German law is applicable, Section 26 BDSG is also the legal basis for processing (initiation of an employment relationship). You can revoke your consent at any time. The lawfulness of the processing carried out until the revocation remains unaffected.
If an employment relationship results from the application, the collected data will be stored for the processing of the employment relationship on the basis of Art. 6 (1) lit. b DSGVO. Insofar as no employment relationship results, the data will be stored on the basis of Art. 6 para.1 lit. f DSGVO for up to 6 months after termination of the application process. We have a legitimate interest in storing the data in order to be able to defend ourselves against any lawsuits or accusations. If consent has been given, the data will be stored longer on the basis of Art. 6 (1) a DSGVO. You can revoke your consent at any time. The lawfulness of the processing carried out until the revocation remains unaffected.
Applicant pool
If no employment relationship is established, the applicant may be included in our applicant pool. In this case, all details of the application are stored in order to be able to contact the relevant person in the event of suitable job vacancies.
The storage of data in the applicant pool takes place only after consent has been given on the basis of Art 6. para.1 lit.a DSGVO. This consent can be revoked at any time, whereupon the corresponding data will be deleted, unless there are legal reasons for retention. Deletion will take place no later than two years after the consent was given. The lawfulness of the processing carried out until the revocation remains unaffected.
Datenschutzhinweis/Cookie-Meldung
Zur Verwaltung der eingesetzten Cookies und ähnlichen Technologien (Tracking-Pixel, Web-Beacons etc.) und diesbezüglicher Einwilligungen setzen wir das Consent Tool „Real Cookie Banner“ ein. Details zur Funktionsweise von „Real Cookie Banner“ findest du unter https://devowl.io/de/rcb/datenverarbeitung.
Rechtsgrundlagen für die Verarbeitung von personenbezogenen Daten in diesem Zusammenhang sind Art. 6 Abs. 1 lit. c DS-GVO und Art. 6 Abs. 1 lit. f DS-GVO. Unser berechtigtes Interesse ist die Verwaltung der eingesetzten Cookies und ähnlichen Technologien und der diesbezüglichen Einwilligungen.
Die Bereitstellung der personenbezogenen Daten ist weder vertraglich vorgeschrieben noch für den Abschluss eines Vertrages notwendig. Du bist nicht verpflichtet die personenbezogenen Daten bereitzustellen. Wenn du die personenbezogenen Daten nicht bereitstellst, können wir deine Einwilligungen nicht verwalten.
