Privacy Policy

General information

In this privacy policy, we inform you processing of personal data (hereinafter referred to as "data") as part of the provision of our services as well as the use of our website and social media presences.

Personal data is all data with which you can be personally identified. The terms used in this privacy policy like personal data, data subject, processing, profiling, controller, processor, recipient, third party, consent are taken from the law and defined in Art. 4 GDPR. Who is responsible for data processing? 

Who is responsible for data processing on this website?

 The responsible body within the meaning of the GDPR (data processor) is

Stephan Matheiowetz

Betastraße 10 E

85774 Unterföhring

Mail: stephan@matheiowetz.de

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Contact details of the data protection officer

The data protection officer of the controller can be reached under

Computer Bauer & Liebchen GmbH, Maximilianstraße 69, 87719 Mindelheim

Theresa Liebchen, phone: 08261 / 23285-60, email: info@bauer-liebchen.de

Data collection on our website

This website is hosted by an external service provider (hoster). When you use this website, the hoster of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are: IP address, time, "request", status code, bytes transmitted, "user agent". This is technically necessary in order to display our website to you. The data is not merged with other data sources. The legal basis for the collection of this data is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. In order to ensure data protection-compliant processing, we have concluded an order processing contract with our hoster.

Our host is:

DomainFactory GmbH

c/o WeWork

Neuturmstrasse 5

80331 München / Deutschland

Kommunikation

If you contact us by e-mail, telephone or fax, your enquiry including all personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent. This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested.

WhatsApp

We only use WhatsApp if you have first contacted us via it and you have expressly requested communication. We use WhatsApp for the purpose of communication and for exchanging and transmitting photos and videos. The legal basis is our legitimate interest in effective and improved communication in accordance with Art. 6 Para. 1 lit. f GDPR or Art. 6 Para. 1 lit. b GDPR, insofar as the contact relates to an existing contractual relationship or serves to initiate such a contractual relationship.

If you contact us via WhatsApp, your data will be processed by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, also on servers outside the EU in the USA. WhatsApp passes on the data to other companies within and outside the Meta group. The USA currently does not have an adequate level of data protection. However, there are so-called standard contractual clauses: https://faq.whatsapp.com/general/about-standard-contractual-clauses. According to these agreements, access by the US authorities is effectively excluded. For more information, see WhatsApp's privacy policy https://www.whatsapp.com/legal/#privacy-policy.

The communication content (i.e., the content of the message and attachments) is encrypted end-to-end. This means that the content of the messages cannot be viewed, not even by Meta. You should always use a current version of the messenger with encryption activated to ensure that the message content is encrypted.

However, we also point out to our communication partners that although the messenger providers cannot view the content, they can find out that and when communication partners communicate with us as well as technical information about the device used by the communication partner and, depending on the settings of their device, location information (so-called metadata) are processed.

The right to deletion is restricted in accordance with Art. 17 GDPR, because we cannot delete the contact details, photos or videos on the WhatsApp servers. If you request deletion, your contact details as well as transmitted photos and videos will be deleted immediately on the mobile device, other storage media and on our servers, unless statutory retention periods apply.

You can object to the use of WhatsApp at any time and without giving reasons. Alternatively, we offer communication via email or telephone.

Online Meetings (Microsoft Teams)

If you communicate with us via Microsoft Teams, your personal data may be processed by both us and Microsoft. As soon as you join the meeting or access the Microsoft Teams website, Microsoft is responsible for data processing. Within the EU this is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.

We process registration data and participant data (actual participants, time of start and end of participation) on the legal basis of Art. 6 Para. 1 lit. f GDPR, our legitimate interest in conducting online meetings and making them efficient. If we record a meeting, this is done on the basis of Art. 6 Para. 1 lit. a GDPR, your consent.

In addition, Microsoft processes all technical data that is required to process the meeting. This includes in particular IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker as well as the type of connection.

Please note that we have no influence on data processing by Microsoft. In particular, under the CLOUD Act, US investigative authorities also have the opportunity to demand that Microsoft hand over data stored on servers in the EU. We have concluded an order processing agreement with Microsoft incorporating the EU standard contractual clauses. Furthermore, Microsoft is compliant with the EU-U.S. Data Privacy Framework certified https://www.dataprivacyframework.gov/list.

Further information on data processing by Microsoft can be found at https://privacy.microsoft.com/de-de/privacystatement and https://docs.microsoft.com/de-de/microsoftteams/teams-privacy. There you will also find further information about your rights in this regard.

Applications

The data you provide in context with an application will only be used to process the application. The legal basis for this data processing is Art. 6 Para. 1 lit. b GDPR, for the performance of a contract or in order to take steps prior to entering into a contract. A transfer to third parties does not occur. Your data and the documents sent to us (e.g. cover letter, CV, certificates, qualifications, etc.) will be deleted immediately, but no later than 6 months after completion of the application process (awarding the job to you or another person), unless longer storage is legally required or permitted. If you have agreed to store your data for a longer period of time, we will store your data with your given consent on the legal basis of Art. 6 Para. 1 lit. a GDPR. If special categories of personal data are processed in accordance with Art. 9 Para. 1 GDPR, this may serve to initiate an employment relationship and may be based on Art. 9 Para. 2 b GDPR in conjunction with. V. m. § 26 para. 3 BDSG

What rights do you have regarding your data?

As a “data subject” within the meaning of the GDPR, you are entitled to the following rights, which arise in particular from Articles 15 to 21 GDPR:

You have the right to receive information about the scope, origin and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data.

If you have given us your consent to process your data, you can revoke this consent at any time for the future. You also have the right to demand the restriction of the processing of your personal data, provided that there are no legal provisions to the contrary.

Who is responsible for data processing on this website? You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible. You also have the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at the following Link entnommen werden.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from http:// to https:// and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Cookies

Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. The legal basis for the use of these technically necessary cookies is the legitimate interest in the proper, commercial and secure operation of our website in accordance with Art. 6 Para. 1 lit. f GDPR, as part of a balancing of interests. For all other cookies we need your express consent.

Children and young poeple

According to Art. 8 GDPR young people over the age of 16 may consent to a data processing. Below this age, we require the confirmation of one or all legal guardians. We do not collect data from children and young people under the age of 16, as this data is considered particularly sensitive data under the GDPR.

Reservations, online orders (restaurant or conference center)

When you visit our restaurant, make an order or reservation or book our conference center, your master data, order or booking data, communication and payment data provided to us is processed. The legal basis for this data processing is Article 6 Paragraph 1 Letter b GDPR, the fulfillment or initiation of a contract when making a reservation. If necessary, we process customer and prospective customer data for evaluation and marketing purposes based on Art. 6 Para. 1 lit. f GDPR our legitimate interest in adapting our offering to your needs and in informing you specifically about offers for our services. Further data processing can take place on the basis of Art. 6 Para. 1 lit. a GDPR, your consent given for defined purposes, or to fulfill a legal obligation based on Art. 6 Para. 1 lit. Unless statutory retention periods or other legally permissible purposes conflict with deletion, your data will be deleted as soon as processing is no longer necessary to fulfill the intended purpose or consent is revoked. 

Pay-Jet

To process cashless payments, we use the Pay-Jet service from the Pay-Jet GmbH, Rumfordstrasse 42, 80469 Munich. Pay-Jet generally only processes the data that is necessary to be able to offer the corresponding service. The legal basis for data processing is Article 6 Paragraph 1 Letter b GDPR (processing to fulfill a contract). Information on data processing by Pay-Jet can be found at https://www.pay-jet.de/privacy-policy.

Social media presences

In addition to our own website, we have a presence in the following social networks. User data can be comprehensively analyzed by the respective network and processed in the USA. If you visit one of our social media pages, we and the provider of the social media platform are responsible for the data processing triggered by this visit. In principle, you can assert your rights both against us and against the respective provider. Please note that despite our shared responsibility with the social media providers, we do not have full influence on the data processing carried out by them. 

Data such as user name, contact details or content data (e.g. messages and statements), usage data (e.g. websites visited, interest in content, access times) and meta/communication data (e.g. IP address or device information) can be processed. The legal basis for this data processing is a balancing of interests in accordance with Article 6 Paragraph 1 Letter f of the GDPR, to make our services known to a broad audience, to provide insights into our operations and to get in touch with people who inquire. Further data processing, if necessary for evaluation and marketing purposes, can take place if you have consented (Art. 6 Para. 1 lit. a GDPR).

Data processed on our systems will be deleted as soon as you request us to do so, revoke your consent or the purpose for data processing no longer applies and there are no legal provisions to the contrary. Saved cookies remain on your device until you delete them. We have no influence on the storage period processed by the social network provider for its own purposes.

Facebook

Facebook is a social network of Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, a subsidiary of Meta Platforms, Inc., Menlo Park, California. Meta data policy: https://www.facebook.com/privacy/explanation

The Page Controller Addendum on joint responsibility according to Article 26 GDPR can be found at https://www.facebook.com/legal/terms/page_controller_addendum

Instagram

Instagram is a social network of Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, a subsidiary of Meta Platforms, Inc., Menlo Park, California. Meta Data Policy: https://privacycenter.instagram.com/policy