Thank you for visiting our website and your interest in our company. The protection of your personal data is important to us and we take the protection of this data very seriously. We therefore adhere to the valid data protection regulations in all our business processes.
Explanation of terms
This data protection declaration is based on the terminology of the European Data Protection Basic Regulation (DSGVO) and is intended to be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.
Personal data is any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data subject means any identified or identifiable natural person whose personal data are processed by the controller.
Processing is any operation or set of operations, performed with or without the aid of automated means, concerning personal data, such as collection, recording, organization, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Limitation of processing
Restriction of processing is the marking of stored personal data with the aim of restricting their future processing.
Profiling is any automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the job performance, economic situation, health, personal preferences, interests, reliability, conduct, whereabouts or change of location of that natural person.
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organizational measures that ensure that the personal data is not assigned to an identified or identifiable natural person.
Responsible or responsible for processing
Controller or data controller is the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union law or by the law of the Member States, the controller or the specific criteria for its designation may be provided for by Union law or by the law of the Member States.
Processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
The recipient is a natural or legal person, authority, institution or other body to whom personal data is disclosed, whether or not it is a third party. However, public authorities which may receive personal data in the course of a specific investigation mandate under Union or national law shall not be considered as recipients.
A third party is a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorized to process the personal data.
Consent is any freely given, informed and unequivocal expression of the data subject’s will in a specific case, in the form of a statement or other unequivocal affirmative act by which the data subject signifies his or her consent to the processing of personal data relating to him or her.
Name and contact details of the person responsible and the data protection officer
is responsible for the processing of personal data in accordance with Art. 4 No. 7 DSGVO
Easy Street GmbH, Haindlstraße 10, 83313 Siegsdorf, represented by Markus Birk, firstname.lastname@example.org, +49 (0)89 – 21 55 44 06
Processing of personal data and the nature and purpose of their use
We process personal data exclusively within the lawful framework of the relevant legal norms and, if necessary, your consent. Personal data is all information that refers to a natural person or at least can be referred to and thus allows conclusions to be drawn about the person.
Processing is any operation or set of operations, carried out with or without the aid of automated procedures, concerning personal data, such as collection, recording, organization, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, deletion or destruction.
Visiting the website
When you call up our website, the browser used on your end device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file.
The following information is recorded without your intervention and stored until it is automatically deleted:
IP address of the requesting computer,
Date and time of access,
Name and URL of the retrieved file,
Website from which the access takes place (referrer URL),
the browser used and, if applicable, the operating system of your computer and the name of your access provider.
The above-mentioned data will be processed by us for the following purposes:
To ensure a smooth connection of the website,
Ensuring a comfortable use of our website,
Evaluation of system security and stability and
for further administrative purposes.
The legal basis for data processing is Art. 6 Par. 1 S. 1 letter f DSGVO. Our legitimate interest follows from the above listed purposes for data collection. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.
Passing on of data
Your personal data will not be transferred to third parties for purposes other than those listed below. We only pass on your personal data to third parties if:
you have given your express consent in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO
the disclosure pursuant to Art. 6 para. 1 sentence 1 letter f DSGVO is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
in the event that there is a legal obligation to pass on the data pursuant to Art. 6 para. 1 sentence 1 lit. c DSGVO, and
this is legally permissible and, in accordance with Art. 6 Para. 1 S. 1 lit. b DSGVO, necessary for the processing of contractual relationships with you.
Information is stored in the cookie which is related to the specific terminal device used. This does not mean, however, that we obtain direct knowledge of your identity.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a certain defined period of time. If you visit our site again to use our services, we will automatically recognize that you have already been with us and what entries and settings you have made so that you do not have to enter them again.
The data processed by cookies is required for the above-mentioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO.
If you do not want this, you can deactivate the storage of cookies in the browser you are using or have the system notify you as soon as cookies are sent.
The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO. With the tracking measures we use, we want to ensure a needs-based design and the ongoing optimization of our website. On the other hand, we use the tracking measures to record the use of our website statistically and evaluate it for the purpose of optimizing our offer for you. These interests are to be regarded as justified in the sense of the above-mentioned regulation.
The respective data processing purposes and data categories can be taken from the corresponding tracking tools.
Contact possibility via the website
Due to legal regulations, the website contains information that enables quick electronic contact with our company as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the data controller by e-mail or via a contact form, the personal data transmitted by the data subject is automatically stored. Such personal data transmitted voluntarily by a data subject to the data controller are stored for the purposes of processing or contacting the data subject. This personal data is not disclosed to third parties.
For the purpose of designing our pages to meet your needs and continuously optimizing them, we use Google Analytics, a web analytics service provided by Google Inc (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymous user profiles are created and cookies (see explanation above) are used. The information generated by the cookie about your use of this website such as
operating system used,
Referrer URL (the previously visited page),
Time of the server request,
are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on the website activities and to provide further services connected with the use of the website and the Internet for the purposes of market research and the design of these Internet pages in line with requirements. This information may also be transferred to third parties if required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are made anonymous, so that an assignment is not possible (IP masking).
As an alternative to the browser add-on, especially in the case of browsers on mobile devices, you can also prevent Google Analytics from recording the data by clicking on this link. An opt-out cookie is set to prevent the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will need to set the opt-out cookie again. Further information on data protection in connection with Google Analytics can be found in the Google Analytics help (https://support.google.com/analytics/answer/6004245?hl=de).
Social Media Plug-ins
We use social plug-ins of the social network Facebook on our website on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO. The advertising purpose behind this is to be regarded as a legitimate interest within the meaning of the DSGVO. The responsibility for the operation of the social plug-ins in accordance with data protection regulations must be guaranteed by their respective providers. The integration of these plug-ins by us takes place by means of the so-called two-click method (?) in order to protect visitors to our website in the best possible way.
On our website, social media plugins from Facebook are used to make their use more personal. For this we use the “LIKE” or “SHARE” button. This is an offer from Facebook. If you call up a page of our website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser, which integrates it into the website. Through the integration of the plugin, Facebook receives the information that your browser has called up the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there. If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plugins, for example by clicking the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends.
Facebook may use this information for the purposes of advertising, market research and the design of Facebook pages to meet the needs of the users. For this purpose, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements displayed on Facebook, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook. If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website. For the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to Facebook’s data protection information (https://www.facebook.com/about/privacy/).
Rights of persons concerned
Since we process your personal data, you have the following rights:
Right of access to information
In accordance with Art. 15 DSGVO, you can request information about your personal data processed by us. In particular, you may request information on the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right of rectification, cancellation, restriction of processing or opposition, the existence of a right of appeal, the origin of your data, if not collected by us, as well as the existence of automated decision making including profiling and, if applicable, meaningful information on the details of the data;
In accordance with Art. 16 DSGVO, you can immediately request the correction of incorrect or incomplete personal data stored by us.
In accordance with Art. 17 DSGVO, you can demand the deletion of your personal data stored with us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
In accordance with Art. 18 DSGVO, you can demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, if the processing is unlawful but you refuse to delete it and we no longer require the data, but you require it for the assertion, exercise or defence of legal claims or if you have lodged an objection to the processing in accordance with Art. 21 DSGVO.
In accordance with Art. 20 DSGVO, you may receive your personal data that you have provided us with in a structured, common and machine-readable format or request that it be transferred to another responsible party.
Right of withdrawal
In accordance with Art. 7 Para. 3 DSGVO, you can revoke your consent to us at any time.
As a result, we may no longer continue to process the data which was based on this consent in the future.
Right of appeal
You can lodge a complaint with a supervisory authority in accordance with Art. 77 DSGVO if you believe that the processing of personal data concerning you violates data protection regulations. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at our company headquarters.
Right of objection
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1, sentence 1, letter f) DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, if there are reasons for doing so arising from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right of objection, which will be implemented by us without specifying a special situation.
If you wish to exercise your right of revocation or objection, simply send us an e-mail.
Data protection for applications and in the application process
We process the personal data of applicants for the purpose of processing the application procedure. The processing can also be done electronically. This is particularly the case if an applicant submits the relevant application documents to us electronically, for example by e-mail or via a web form on the website. If we conclude an employment contract with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the data controller does not conclude an employment contract with the applicant, the application documents are automatically deleted two months after notification of the rejection decision, provided that no other legitimate interests of the data controller conflict with deletion. Other legitimate interests in this sense include, for example, a duty of proof in proceedings under the General Equal Treatment Act (AGG).
Duration for which the personal data are stored
The criterion for the duration of storage of personal data is the respective legal retention period. After this period has expired, the corresponding data is routinely deleted if it is no longer required for the fulfillment or initiation of a contract.
Existence of automated decision making
As a responsible company, we avoid automatic decision making or profiling.
We use the common SSL (Secure Socket Layer) method for encryption within the website visit. You can tell whether an individual page of our website is being transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
Status March 2018