Privacy Notice for Website Visitors, Customers, Suppliers, Interested Parties, Applicants, and Other Data Subjects 

With the following information, we would like to provide you, as a visitor to our online services, a customer or interested party in our services, a supplier, an applicant, or any other affected person, with an overview of how we process your personal data and inform you about your rights under data protection law. The specific data processed and how it is used depends primarily on the agreed services. Therefore, not all parts of this information may apply to you. 

1. Responsible Entity and Contact Details of the Data Protection Officer Responsible entity: peicom GmbH Am Schürholz 6 DE-49078 Osnabrück (hereinafter referred to as the "Company") You can reach our Data Protection Officer at: GENA Company Data Protection Officer - Böttgerstraße 6 DE-65439 Flörsheim datenschutz@peicom.com 2. Processing of Personal Data in Connection with Your Use of Our Websites, Applications, and Online Platforms Categories of Data, Purpose of Processing, and Legal Basis When you use our websites, applications, or online tools (collectively referred to as "Online Services"), we process the following personal data: Personal data that you voluntarily provide as part of an online service (e.g., during registration, contact requests, participation in surveys, etc.), such as first and last name, email address, phone number, information provided in a support request, comments, or forum posts. Information automatically transmitted by your web browser or device, such as your IP address, device type, browser type, operating system used, previously visited websites, visited subpages, and the date and time of each visitor request (HTTP data). We generally process your personal data for the following purposes: Technical administration of the website (prevention and detection of fraudulent or similar activities, including attacks on our IT infrastructure, enabling user authentication). The legal basis for processing personal data for these purposes is our legitimate interest in ensuring the security of the website under Art. 6(1)(f) GDPR. The transmission of personal data (e.g., IP address) is necessary for establishing a connection and displaying the website's content. Service provision (enabling the use of the services and functions of our online offerings, handling inquiries, sending marketing information upon request). The legal basis for processing personal data for this purpose is Art. 6(1)(b) GDPR and our legitimate interest in marketing under Art. 6(1)(f) GDPR. Visiting our online services establishes a quasi-contractual legal relationship within the meaning of Art. 6(1)(b) GDPR. Without processing personal data, we cannot properly provide our online services. In particular, the transmission of personal data, such as the IP address, is necessary to establish the connection. In some cases, we will explicitly ask for your consent to process your personal data. In such cases, the legal basis for processing your personal data is the consent you have given pursuant to Art. 6(1)(a) GDPR in conjunction with Art. 7 GDPR. Cookies As part of our online services, we use so-called cookies. Cookies are small text files stored by your browser on your device when you visit our website. These cookies contain information that is linked to the usage context and your device. Technically Necessary Cookies The use of technically necessary cookies primarily refers to cookies that are required to provide our online services. The legal basis for storing and accessing such cookies is regulated by § 25 (2) No. 2 TTDSG. The legal basis for further data processing in these cases is Art. 6(1)(f) GDPR (legitimate interest in providing online services and IT security). Consent Management with Usercentrics We use the Consent Management Platform (CMP) provided by Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, Germany. This tool allows you to conveniently manage your consent for setting non-essential cookies and make changes—such as withdrawing previously given consent. For this purpose, Usercentrics, as a data processor, also gains access to the collected data. The tool enables us to inform you about your consent, obtain, manage, and document it. In doing so, we process HTTP data and the consent status, if granted. The purpose of this processing is to obtain consent, provide the option to withdraw or adjust consent, ensure compliance with accountability obligations regarding granted consents, and maintain the security of the application. The legal basis for this is Art. 6(1)(f) GDPR (legitimate interest in the aforementioned purposes). Information about granted consents and consent withdrawals is stored for one year for accountability purposes. Marketing Cookies With the help of so-called marketing cookies, we process information regarding the websites visited by users to improve our marketing and tailor the use of our services to your preferences. Additionally, we use marketing cookies to statistically capture, optimize, and evaluate the use of our online services. These cookies are only activated if you have given your consent in accordance with § 25 (1) TTDSG and Art. 6(1)(a) GDPR in conjunction with Art. 7 GDPR. You provide this consent when you access our online services, which is requested through the display of our "Cookie Banner." By clicking a button, you declare your consent for the use of cookies on this website. You can revoke or change your decision regarding the use of consent-based cookies at any time with effect for the future on our website. To do so, please use the "Cookie Settings" link found at the bottom of our website. Revoking your consent does not affect the legality of any processing that occurred based on the consent before it was withdrawn. Google Analytics This website uses features of the web analytics service Google Analytics. The recipients of the data are, within the scope of data processing agreements, Google Ireland Limited (Google Building, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) and analysis and support service providers based in the EU. Google Ireland Limited uses Google LLC in the USA (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) as a service provider. The data will only be transmitted if you have given us your consent in accordance with Art. 6(1)(a), 49(1)(a) GDPR. Information about the risks of such data transfers and options for revocation can be found under Section 8. Details of the transmission by Google can be found in Google's privacy policy at www.google.com/policies/privacy/. Google Analytics allows us to analyze the usage behavior of our online services. The data collected (hereinafter referred to as "usage data") is used to optimize our website and advertising measures and increase the efficiency of our resources. During your visit to the website, the following usage data is recorded, including but not limited to: Visited Websites Your behavior on the websites Your approximate location (country and city) Your IP address (in anonymized form, see under (i)) Technical information such as browser, internet service provider, device, and screen resolution The source of your visit (i.e., the website or advertising medium through which you arrived at us) Google Analytics stores cookies in your web browser for its services. These cookies contain a randomly generated user ID that can be used to recognize you during future visits to the website. The mentioned data is stored together with the randomly generated user ID, allowing the creation and evaluation of pseudonymous user profiles. The storage of Google Analytics cookies and the processing of data in connection with Google Analytics is based on your consent according to Art. 6(1)(a) GDPR in conjunction with Art. 7 GDPR and § 25(1) TTDSG. We obtain your consent immediately after you visit our website via our cookie banner. The consent you grant also applies to the transfer of your data to the USA (Art. 49(1)(a) GDPR). You can revoke your decision regarding the use of Google Analytics at any time with effect for the future on our website. To do this, please use the "Cookie Settings" link, which you can find at the bottom of our website. Revoking your consent does not affect the lawfulness of the processing that occurred based on the consent before the revocation. Alternatively, you can prevent data collection by Google by downloading and installing the browser plug-in available at the following link, or by prohibiting the storage of cookies in your browser settings. We have activated IP anonymization for the use of Google Analytics. This means that the IP address transmitted by your browser is anonymized by shortening (removing the last octet of the IPv4 address or the last 80 bits of the IPv6 address) before being stored. The remaining user and event data is stored for 14 months. User and event data are data associated with cookies, user IDs (e.g., User ID), and advertising IDs (e.g., DoubleClick cookies, Android advertising ID, IDFA [Apple Identifier for Advertisers]). The cookie itself is deleted 2 years after the last visit to our website or when the consent is revoked. Facebook Pixel If you have given your consent, we use the so-called "Facebook Pixel." This involves the use of cookies from Meta Platforms Ireland Limited ("Facebook"). The recipient of the data collected through our website is Meta Platforms Ireland Limited, which is the data controller for the collection and processing of personal data. It is possible that Meta Platforms Ireland Limited may transfer personal data to the USA. As an independent data controller, Meta Platforms Ireland Limited is responsible for ensuring appropriate data protection guarantees for the data transfer. Information regarding the risks of such data transfers and options for withdrawal can be found under Section 8. The Facebook Pixel enables Facebook, among other things, to collect information about the activities of users of our website. By integrating the Facebook Pixel, we allow Facebook to collect personal data. The collection and processing of this data take place based on your consent and is solely under Facebook's responsibility, with Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland) being the data controller. We are not aware of the details of the processing of personal data under Facebook's responsibility. Information about the processing of personal data by Facebook can be found in Facebook's Privacy Policy: https://de-de.facebook.com/about/privacy/. Facebook only provides us with the analyses or other information created on the basis of the data collected in aggregated, anonymised form. We cannot assign the information provided to us to any natural person. We use Facebook Pixel for target group-orientated advertising. Facebook decides independently which users correspond to the target group. According to Facebook, the processed data is: Facebook pixel HTTP data Protocol data, which are generated for technical reasons when the Facebook pixel used on the website is used via the Hypertext Transfer Protocol (Secure) (HTTP(S)): This includes IP address, type and version of your Internet browser, operating system used, the page accessed, the previously visited page (referrer URL), date and time of access. Match data If you complete an order process with us and have consented to data processing by the Facebook pixel, we transmit the email address you provided during the order process to Facebook in the form of a hash value. This makes it easier for Facebook to recognise you and display suitable advertising for you. Facebook pixel end device data Data that is assigned to your end device by the Facebook pixel: This includes a unique ID for (re-)recognising returning visitors. Facebook pixel event data Data that Facebook collects through the Facebook pixel by assigning it to the unique visitor ID of the respective visitor contained in the Facebook pixel end device data: This includes actions that take place on the website (so-called ‘events’). These include, for example, completing a purchase, registering, adding payment information (payment method), initiating the order completion process, adding to the shopping basket, adding to wish lists, carrying out searches, viewing content. This also includes information associated with the respective actions recorded (so-called ‘parameters’). This includes, for example, the value of purchases made, product ID, name, brand, category, value, currency, filter setting (price-related) when searching for products, the website category of the search results, the status of the customer as a new or existing customer or as a guest. Facebook pixel analysis data Data that Facebook generates on the basis of the information collected by the Facebook pixel by assigning it to the unique visitor ID of the respective visitor contained in the Facebook pixel end device data: This includes information about the effectiveness of Facebook adverts and assignments of users to target groups for Facebook adverts. Facebook may generate further data for its own purposes or for the purposes of third parties based on the information collected. We have no knowledge of the details of the data generated by Facebook. The legal basis for enabling Facebook to collect personal data via our website is your consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with Art. 7 GDPR. Art. 7 GDPR. With regard to access to the end device, the legal basis is § 25 para. 1 sentence 1 TTDSG. We obtain the required consent immediately after accessing our website via our cookie banner. You can revoke your decision to use Facebook Pixel on our website at any time with effect for the future. To do so, please use the ‘Cookie settings’ link, which you will find at the bottom of our website. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Alternatively, you can prevent data collection by Facebook by prohibiting the storage of cookies in your browser settings. Since we do not collect or store the data ourselves, we have no knowledge of the retention period at Facebook. Google AdWords If you have given your consent, we use the service "Google AdWords" on our website and, in this context, also use so-called conversion tracking. Google Conversion Tracking is an analytics service provided by Google Inc., based in the USA (hereinafter referred to as "Google"). The recipient of the data, within the scope of data processing agreements, is Google Ireland Limited (Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) and analysis and support service providers based in the EU. Google Ireland Limited uses Google LLC in the USA (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) as a service provider. The data will only be transmitted if you have given us your consent in accordance with Art. 6(1)(a), 49(1)(a) GDPR. Information regarding the risks of such data transfers and options for revocation can be found under Section 8. Details of the data transmission by Google can be found in Google’s privacy policy at www.google.com/policies/privacy/. When you visit certain pages of our website and the relevant cookie has not yet expired, Google and we can recognize that you clicked on the ad and were redirected to our website. The information collected through the conversion cookie is used to create conversion statistics and perform reach analysis. This helps us determine the total number of users who clicked on one of our ads and were redirected to a page that contains a conversion tracking tag. The processed data includes: Google Ads HTTP Data: This refers to log data that is technically generated when using the Google AdWords tool on the website via the Hypertext Transfer Protocol (Secure) (HTTP(S)). This includes your IP address, browser type and version, operating system used, the page visited, the previously visited page (referrer URL), and the date and time of the request. Usage Data: This includes clicks on ads, time spent on the website, and information about the pages visited. Conversion Event: The conversion event summarizes the results of the conversion. The legal basis for enabling the collection of personal data via our website by Google is your consent according to Art. 6(1)(a) GDPR in conjunction with Art. 7 GDPR. Regarding access to the end device, the legal basis is § 25(1) S. 1 TTDSG. We immediately obtain the necessary consent after you visit our website through our cookie banner. You can withdraw your consent to the use of Google AdWords at any time with effect for the future on our website. To do so, please use the "Cookie Settings" link, which you will find at the end of our website. The withdrawal of consent does not affect the lawfulness of the processing carried out based on the consent until the withdrawal. Alternatively, you can prevent data collection by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de or disable the storage of cookies in your browser settings. Google Marketing Platform (formerly DoubleClick Ad) If you have given your consent, this website uses the online marketing tool DoubleClick by Google Ireland Limited, Gordon House Barrow Street Dublin 4, Ireland (hereinafter: Google). The recipient of the data, within the scope of data processing agreements, is Google Ireland Limited (Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) and analysis and support service providers based in the EU. Google Ireland Limited uses Google LLC in the USA (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) as a service provider. The data will only be transmitted if you have given us your consent in accordance with Art. 6(1)(a) GDPR. Information regarding the risks of such data transfers and options for revocation can be found under Section 8. Details of the data transmission by Google can be found in Google’s privacy policy at www.google.com/policies/privacy/. DoubleClick uses cookies to display ads relevant to users, improve campaign performance reports, or prevent a user from seeing the same ads repeatedly. Through a cookie ID, Google records which ads are displayed in which browser, preventing the same ad from being displayed repeatedly. Additionally, DoubleClick can use cookie IDs to track so-called conversions related to ad requests. This happens, for example, when a user views a DoubleClick ad and later visits the advertiser's website with the same browser and makes a purchase. According to Google, DoubleClick cookies do not contain personal information. Due to the marketing tools used, your browser automatically establishes a direct connection to Google's server. We have no influence over the scope and further use of the data collected by Google through the use of this tool, and therefore inform you as far as we are aware: By integrating DoubleClick, Google receives information that you have accessed the relevant part of our website or clicked on one of our ads. If you are registered with a Google service, Google may associate your visit with your account. Even if you are not registered with Google or logged in, it is possible that the provider may learn and store your IP address. The legal basis for enabling the collection of personal data via our website by Google is your consent according to Art. 6(1)(a) GDPR in conjunction with Art. 7 GDPR. Regarding access to the end device, the legal basis is § 25(1) S. 1 TTDSG. We immediately obtain the required consent after you visit our website through our cookie banner. You can withdraw your consent to the use of Google Marketing Platform at any time with effect for the future on our website. To do so, please use the "Cookie Settings" link, which you will find at the end of our website. The withdrawal of consent does not affect the lawfulness of the processing carried out based on the consent until the withdrawal. Alternatively, you can download and install the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de or disable the storage of cookies in your browser settings. Functional Cookies We also use so-called functional cookies to make the use of our online offerings more appealing and user-friendly. The legal basis for the use of such functional cookies, as well as the associated data processing and the processing of data derived from it, is our legitimate interest in designing the website according to Art. 6(1)(f) GDPR, or your consent according to § 25(1) TTDSG as well as Art. 6(1)(a) GDPR in conjunction with Art. 7 GDPR. You give your consent when you visit our online offering and the "cookie banner" appears. By pressing a button, you can declare your consent for the use of cookies on this website. You can withdraw or change your decision regarding the use of consent-required cookies at any time with effect for the future on our website. To do this, please use the "Cookie Settings" link, which you will find at the bottom of our website. The withdrawal of consent does not affect the lawfulness of the processing based on the consent until the withdrawal. Adobe Typekit Web Fonts Our online offering uses Adobe Typekit web fonts to display certain fonts consistently. The provider is Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (Adobe). When you visit our pages, your browser loads the necessary fonts directly from Adobe to display them correctly on your device. In doing so, your browser establishes a connection to Adobe's servers in the USA. This allows Adobe to learn that our website was accessed via your IP address. According to Adobe, no cookies are stored when providing the fonts. Adobe holds a certification under the EU-U.S. Data Privacy Framework. This framework is an agreement between the United States and the European Union that aims to ensure compliance with European data protection standards. The use of Adobe Typekit Web Fonts is necessary to maintain a consistent appearance of fonts on our website. This constitutes a legitimate interest under Art. 6(1)(f) GDPR. You can find Adobe’s privacy policy here (https://www.adobe.com/privacy/policy.html). Google Tag Manager If you have given your consent, we use the Google Tag Manager service on our website, provided by Google Inc. based in the USA (hereafter "Google"). The data is processed by Google Ireland Limited (Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland) and analysis and support service providers within the EU. Google Ireland Limited employs Google LLC in the USA (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) as a service provider. The data is only transferred if you have given your consent in accordance with Art. 6 (1)(a) and Art. 49 (1)(a) GDPR. You can find further information regarding the risks and options for withdrawal under section 8. Details on data transfer by Google can be found in Google’s privacy policy at www.google.com/policies/privacy/. The Tag Manager is an organizational tool that allows us to implement and manage website tags. Tags can perform various functions, such as collecting browser data, managing marketing tools, setting cookies, or tracking users across multiple websites. Therefore, the Tag Manager helps us control our cookies and optimize our website as a whole. The legal basis for integrating the Tag Manager is your consent under Art. 6 (1)(a) GDPR in conjunction with Art. 7 GDPR. Regarding access to the end device, the legal basis is § 25 (1) S. 1 TTDSG. We obtain the necessary consent immediately after you visit our website via our cookie banner. You can withdraw your consent for the use of the Tag Manager at any time with effect for the future on our website. To do so, please use the “Cookie Settings” link found at the bottom of our website. Withdrawing consent does not affect the legality of the processing that occurred based on your consent prior to withdrawal. Newsletter If you wish to subscribe to the newsletter offered on the website, we require an email address from you, as well as information that allows us to verify that you are the owner of the provided email address and agree to receive the newsletter (Double-Opt-In procedure). We will only use this data for sending the requested information and for documenting your consent. For the documentation of consent, we will also store the IP address of the internet connection from which you accessed our website, as well as the date and time of your registration. You can withdraw the consent for storing the data, the email address, and its use for sending the newsletter at any time and with effect for the future, for example, by using the "Unsubscribe" link in the newsletter. The legal basis for processing the data is your consent in accordance with Art. 6 (1)(a) GDPR. We use the external service provider Klaviyo (225 Franklin St, Boston, MA 02110, USA) for managing and sending our newsletters as a data processor. We forward your data provided during the newsletter registration to Klaviyo. Klaviyo is certified under the EU-U.S. Data Privacy Framework. Contacting Us Our website contains contact forms that can be used for electronic communication. When a user uses these options, the data entered into the input form is transmitted to us, and some of the data is stored. There is no transfer of data to third parties outside the company in this context. The data is used exclusively for processing the correspondence. The legal basis for processing the data transmitted via email is our legitimate interest in communicating with you in accordance with Art. 6 (1)(f) GDPR. If the email contact aims at concluding a contract, Art. 6 (1)(b) GDPR is an additional legal basis for processing. The processing of personal data from the input form serves to process the contact and prevent misuse of the contact form. The data will be deleted as soon as they are no longer needed for the purposes for which they were collected. For personal data from the input form of the contact form and those sent via email, this will be the case once the respective correspondence has ended. The user has the right to object to the processing of their personal data at any time. In such cases, the correspondence cannot be continued. Please send your request for deletion via email to datenschutz@peicom.com. All personal data stored during the contact process will be deleted in this case. 3. Processing of Personal Data for Customer Satisfaction Surveys and Direct Marketing If you have given us your consent or if we are entitled to do so within the framework of existing customer relationships, we will use your contact details for direct marketing purposes (e.g., invitations to trade fairs, newsletters) or for conducting customer satisfaction surveys. You have the right to object to the use of your contact details for these purposes at any time. If you wish to exercise your right to object, please send us an email to datenschutz@peicom.com or follow the relevant instructions that you may have received in any advertising email from us. The legal basis for the processing of your data for advertising purposes is our legitimate interest in marketing under Art. 6 (1)(f) GDPR in the case of existing customer relationships, or Art. 6 (1)(a) GDPR if you have given us your consent. 4. Processing of Personal Data from Business Partners Categories of Data In the context of collaboration with business partners, the company processes personal data of contacts from customers, suppliers, prospects, distributors, and cooperation partners (hereinafter "business partners"): Contact information such as first and last names, business address, business phone numbers, business mobile numbers, business fax numbers, and business email addresses, Payment data, such as information necessary for processing payments or fraud prevention, including credit card information and card verification numbers, Additional information, provided voluntarily by business partners, such as orders, inquiries, or details about projects, Personal data: collected from publicly available sources, information databases, or credit agencies, and Compliance screenings (if legally required): date of birth, ID card and ID number, information on relevant court proceedings or other legal disputes involving business partners. Purpose of Processing and Legal Basis The personal data mentioned above will be processed for the following purposes: Communication with business partners regarding products, services, and projects (e.g., to process business partner inquiries or provide technical information about products), Contract execution, Planning, execution, and management of the contractual business relationship (e.g., processing orders for products and services, collecting payments, accounting, billing, and carrying out deliveries, maintenance, or repairs), Processing the registration for a customer account, Managing a customer account for pre-contractual services, contract fulfillment, or customer care purposes (e.g., to provide an overview of past orders or to offer a "wishlist" feature), Conducting customer surveys, marketing campaigns, market analyses, contests, etc., Maintaining and securing our products and services, as well as our websites, preventing and detecting security risks, fraudulent activities, or other criminal or malicious actions, Cross-checking personal data with U.S. sanctions lists according to European regulations 2580/2001 and 881/2002, Complying with (i) legal requirements (e.g., tax and commercial retention obligations), (ii) obligations for compliance screenings (to prevent economic crime or money laundering), and (iii) guidelines and industry standards, and Resolving legal disputes, enforcing existing contracts, and asserting, exercising, and defending legal claims. The processing of personal data is necessary to achieve the aforementioned purposes. Unless explicitly stated otherwise during the collection of personal data, the legal basis for data processing is: The performance and fulfillment of a contract with you under Art. 6 (1)(b) GDPR, Compliance with legal obligations to which the company is subject under Art. 6 (1)(c) GDPR, or Safeguarding legitimate interests under Art. 6 (1)(f) GDPR. The legitimate interest lies in the initiation, execution, and handling of the business relationship in commercial transactions. If you have explicitly given your consent for the processing of your personal data in individual cases, that consent serves as the legal basis for processing under Art. 6 (1)(a) GDPR. 5. Processing of Personal Data of Applicants Categories of Data and Purpose of Data Processing As part of the application process, we generally process the following categories of personal data: Personal Data: First and last name, date of birth, address, school graduation Communication Data: Phone number, mobile number, fax number, email address Data related to assessment and evaluation in the application process Education Data: School, vocational training, military/civil service, university, doctorate Data on previous professional career: Educational and work certificates Information about other qualifications: e.g., language skills, computer skills, voluntary work Application photo Salary expectations Application history Social Media Links: Link to Xing or LinkedIn profile, if data transfer from these profiles was selected. Personal data that you provide to us in the course of your application will be stored and used solely for the purpose of processing the application and, if applicable, for the subsequent employment relationship. Legal Basis for Data Processing The processing of your personal data as part of the application process is based on the following legal grounds: Article 6(1) lit. b DS-GVO: (Establishing and performing a contract) Article 6(1) lit. f DS-GVO: (Legitimate interest in communication and processing of the application) Further processing of the applicant data will only occur on the basis of explicit consent. This is particularly the case when we are unable to offer you a current vacancy within the company, but we consider your application suitable for future positions. The storage and processing of your data in this context will occur based on your consent in accordance with Article 6(1) lit. a DS-GVO. The storage and processing of your data for transfer to other companies within the corporate group also occurs based on your consent in accordance with Article 6(1) lit. a DS-GVO. Data Sharing Your data will be made accessible to the relevant employees of the Human Resources department and the relevant employees or supervisors of the department(s) for the position you have applied for. In the case of a speculative application, your documents will be made available to the relevant employees of the Human Resources department and the relevant employees or supervisors of the departments that might be interested in your application. We do not pass on your applicant data to affiliated subsidiaries or parent companies unless your application is also directed at or open to these companies. We also use service providers (e.g., IT service providers) as processors. The transfer of your data to these service providers will be done in strict compliance with confidentiality obligations and the requirements of the DS-GVO. The processors we engage may only process the data on our behalf and not for their own purposes. Responsibility for the data processing remains with us. Data transfer may also occur if we are obligated to do so due to legal requirements and/or government or court orders. Transfer of Personal Data to Third Countries Our company is part of a corporate group where personnel responsibilities may extend across borders. Therefore, responsible supervisors in other countries may have access to your applicant data. These data processes are necessary to make a decision regarding the establishment of an employment relationship. Furthermore, data may be transferred to third countries when your data is included in the talent pool. This allows our affiliated foreign entities to access your applicant data. In the case of data transfer to a third country, appropriate safeguards will be implemented to ensure that the data protection level of the European Union is maintained. Deletion periods for applicant data If no employment relationship is established, the application documents will be deleted six months after rejection. The legal basis for the storage in this respect is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR for the defence against any claims arising from the General Equal Treatment Act (‘AGG’). In all other respects, the general deletion periods and notes under Section 9 apply. 6. social media We use links to the social network Instagram on our website to draw attention to our services and products and to get in touch with you as a visitor and user of these social media pages and our website. You can recognise the links by the logo of the respective social network. When you click on the logo, a direct connection is established between your browser and the server of the respective service and you are redirected to the website of the service provider. Below you can find out how your data is processed on the respective social media sites. We operate the following sites: Facebook https://www.facebook.com/peikercee/ und https://www.facebook.com/peikercee_outdoor/ Meta Platforms Ireland Ltd, Merrion Road, Dublin 4, D04 X2K5, Irland https://de-de.facebook.com/privacy/policy/ Instagram https://www.instagram.com/peikercee.equine/ und https://www.instagram.com/peikercee.outdoor/ Meta Platforms Ireland Ltd, Merrion Road, Dublin 4, D04 X2K5, Irland https://de-de.facebook.com/privacy/policy/?entry_point=facebook_help_center_ig_data_policy_redirect Youtube https://www.youtube.com/channel/UChVgyz0S5tl1PR_HHpo4e-w/feed Google Ireland Ltd, Gordon House, Barrow St, Dublin 4, Irland https://policies.google.com/privacy?hl=de For Instagram and Facebook, there are additional and supplementary notes below in 6.4. Data processing by us We operate the social media presences to draw attention to our products, services and career opportunities and to communicate with users for this purpose and to achieve improvements. The processing of personal data is generally carried out on the basis of Art. 6 para. 1 lit. f GDPR due to our legitimate interests in public relations, communication and product improvement, unless otherwise stated. We are able to view your posts and similar interactions on our social media presences and - depending on your privacy settings - your public profile. We may use this data to improve our information and products, particularly on our social media sites. If you contact us via our social media presence, we will process the personal data you provide in order to process your request, in particular to respond to enquiries. We may then answer your enquiry via the respective social media presence. In many cases, the legal basis for the processing of personal data is Art. 6 para. 1 lit. b GDPR (contract fulfilment or pre-contractual measures) or, if this legal basis is not relevant, Art. 6 para. 1 lit. f GDPR due to the legitimate interests arising from the aforementioned purposes. In addition, we may also process personal data in connection with the social media presences in accordance with the information in the other sections of the data protection information. As a precaution, we would like to point out that communication via social media platforms may be insecure. You can contact us at any time via other communication channels and will then also receive a response via these other channels. We also receive aggregated usage statistics from the platforms, which we use to evaluate user behaviour and improve our information offering. The usage statistics may also be compiled by the platforms on the basis of personal usage data. Further information on this can be found in the data protection notices of the respective providers linked above. Processing by the platform operators We have no influence on the processing of your personal data by the respective providers. Rather, the platform operators have control over data processing in the context of the use of the respective service. This includes, for example, the storage and use of cookies on user devices and the analysis of your behaviour on the social network. Notes on the deletion of posts If you publish personal data on our social media presences in the form of posts, such as images, texts, videos, or interact in other ways, e.g. ‘liking’ posts, your data will be processed and in many cases published. If this involves inappropriate content, we may delete it in accordance with the usual procedures and policies of the respective platforms. Insights When you visit our Instagram or Facebook presence, Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (‘Meta’) collects in particular your IP address and other information transmitted by your browser, as well as any other information that may be available on your PC in the form of cookies. This information is used to provide us, as the owner of the Instagram presence, with statistical information about the use of the respective presences (Insights). In this respect, Meta and we process the personal data as joint controllers within the meaning of Art. 26 GDPR and have concluded a corresponding joint controller agreement. The essential information on the corresponding agreement pursuant to Art. 26 GDPR between us and Meta can be found at https://de- en.facebook.com/legal/terms/page_controller_addendum. Further information on data processing by Meta in the context of Insights can also be found at https://de-de.facebook.com/legal/terms/page_controller_addendum. Notwithstanding the information in the linked agreement, you can assert your data subject rights against us and Meta. The data collected about you in this context will be processed by Meta and may be transferred to countries outside the European Union, in particular to companies in Meta's group of companies based in the USA. We would like to point out that Meta is responsible under data protection law for the corresponding transfer and subsequent processing operations. The specific data Meta receives and how it is used is described in Meta's privacy policy. Further information can be found in Meta's privacy policy: https://de-de.facebook.com/policy.php. The legal basis for the processing of personal data in this context is Art. 6 para. 1 lit. f GDPR (legitimate interests in achieving the above-mentioned purposes) or, if consent has been obtained, Art. 6 para. 1 lit. a, Art. 7 GDPR (consent). At https://www.facebook.com/settings?tab=privacy and https://www.instagram.com/accounts/privacy_and_security/ you can make additional settings for the processing of your personal data by Instagram. 7 Recipients and categories of recipients Within our company, those departments that need your data to fulfil contractual and legal obligations will have access to it. Service providers and vicarious agents employed by us may also receive data for these purposes if they maintain confidentiality and integrity in particular. These are companies in the categories of IT services, telecommunications, sales and marketing. With regard to the transfer of data to recipients outside our company, it should first be noted that we only pass on necessary personal data in compliance with the applicable data protection regulations. We may only pass on information about you if this is required by law, if you have given your consent or if we are authorised to provide information. Under these conditions, recipients of personal data may be public bodies and institutions (e.g. law enforcement authorities) in the event of a legal or official obligation, other affiliated companies for risk management due to legal or official obligations, Service providers that we use within the scope of order processing relationships Service providers that are explicitly named as recipients in this data protection notice As part of the contract processing, we pass on your data to the transport company commissioned with the delivery of goods or to the financial service provider on the basis of Art. 6 para. 1 lit. b) GDPR, insofar as the transfer is necessary for the delivery of goods or for payment purposes. 8. transfer to third countries Data is transferred to bodies in countries outside the European Union (so-called third countries) if it is necessary for the fulfilment of your orders (e.g. delivery orders) it is required by law (e.g. reporting obligations under tax law) or you have given us your consent. Furthermore, a transfer to bodies in third countries to maintain and ensure the IT operations and IT security of the company cannot be ruled out. The use of our social media services may also result in the transfer of data and subsequent processing of usage data of the respective services in the USA. When transferring data to so-called third countries, we ensure that this is done in accordance with the law. As a rule, data transfers are permitted on the basis of an adequacy decision, particularly in the case of transfers to the USA. If this does not apply in individual cases, we will conclude the standard data protection clauses or obtain your explicit consent. You can completely reject the use of cookies and other technologies or make individual settings. You can also revoke your consent at any time with effect for the future. Previously carried out processing operations remain unaffected by a revocation. In addition, personal data may be transferred to third countries by the companies to which we pass on personal data in accordance with the explanations in the other sections. 9. storage period We process and store your personal data for as long as is necessary to fulfil our contractual obligations and exercise our rights. The revocation of a previously given consent will be kept for three years (accountability). The administration cookie is deleted 6 months after the last visit. Server log data is deleted or anonymised after seven days at the latest, unless further storage is required for evidence purposes. Data relating to newsletters and invitations are deleted immediately after cancellation. In individual cases, longer storage of data for evidence purposes may be justified in justified individual cases. According to §§ 195 ff. of the German Civil Code (BGB), these limitation periods can be up to 30 years, whereby the regular limitation period is 3 years. 10. data security For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, SSL or TLS encryption is implemented on our website. You can recognise an encrypted connection by the fact that the address line of the browser changes from ‘http://’ to ‘https://’ and by the lock symbol in your browser line. Our employees and the service companies commissioned by us are also obliged to maintain confidentiality and to comply with the provisions of the applicable data protection laws. The company takes appropriate technical and organisational security measures to protect your personal data from loss, alteration, destruction and access by unauthorised persons or unauthorised disclosure. Our security measures are constantly being improved in line with technological developments. 11 Rights of data subjects Every data subject has the right of access under Art. 15 GDPR, the right to rectification under Art. 16 GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR and the right to data portability under Art. 20 GDPR. The restrictions under Sections 34 and 35 BDSG apply to the right of access and the right to erasure. In addition, there is a right of appeal to a competent data protection supervisory authority (Art. 77 GDPR in conjunction with Section 19 BDSG). You can withdraw your consent to the processing of personal data at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You also have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based in particular on point (f) of Article 6(1) GDPR. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms. In particular, this includes that the processing is necessary for the establishment, exercise or defence of legal claims. You also have the right not to be subject to fully automated decision-making in accordance with Art. 22 GDPR. In principle, we do not use fully automated decision-making to establish, conduct and terminate the business relationship. Should we use these procedures in individual cases (e.g. to improve our products and services), we will inform you separately about this and about your rights in this regard, insofar as this is required by law. Further information and explanations regarding the above-mentioned rights can be found on the European Commission's ‘Rights for Citizens’ website. 12. obligation to provide data As part of our online offering, we rely on the processing of such usage data as is necessary for the performance and termination of the service and for the fulfilment of the associated obligations. Without the collection of usage data, we and our service providers will not be able to provide you with our online services. If processing is based on consent, the provision of data is also voluntary. 13 Profiling We do not process your personal data automatically in such a way that this has a legal effect on you or significantly affects you in a similar way. 14. topicality and changes to this privacy policy This privacy policy is currently valid and was last updated in July 2024 15. This English text has been generated by a translation program and is for a better user experience. This Privacy policy is only legally binding in the German version.