PRIVACY POLICY
Thank you for your interest in the bcc. In the following paragraphs we will inform you about the collection of personal data when using our website, contacting us and applying for one of our positions offered.
Personal Data
Personal data are all data which are personally related to you, e.g. name, address, email address, IP address and user behavior.
Responsible Party
The responsible party in regard to Article 4(7) EU General Data Protection Regulation (GDPR) is the:
bcc Berlin Congress Center GmbH
Alexanderstr. 11
10178 Berlin (Germany)
+49 30 23806 0
info@bcc-berlin.de
www.bcc-berlin.de
Managing Director:
Malte Eisenhardt
Contact of the Data Protection Officer
Visiting our Website
Type of Data Collected
Each time our website is accessed, our system automatically collects data and information from the computer system of the calling computer and stores this in our system's log files. This data is not stored together with other personal data of the user. The following data are collected in order to make the website available and create log files:
- your IP address
- the type of browser as well as the version and language
- your operating system
- your internet service provider
- the date and time of access
- the time zone difference to Greenwich Mean Time (GMT)
- the content of your request (concrete site)
- the access status/http status code
- the data volume transferred
- the website your request comes from
Purpose of Collecting Data
Temporarily storing the IP address through the system is necessary in order to deliver the website to the user's computer. The IP address of the user must be stored for the duration of the session. Log files are stored in order to ensure the functionality of the website. In addition, these data allow us to optimise the website and ensure the security of our information technology systems. We do not analyse the data for marketing purposes.
Duration of Storage
The log file data are automatically deleted after seven days.
Session Cookies
In addition to the aforementioned data, a session cookie will be saved on your computer when using our website. A small text file is saved to your hard drive allocated to the browser used and certain information – in this case the fact whether Javascript is activated or not – circulates to us. The session cookie is automatically deleted when you close your browser. Cookies cannot run programs or transmit viruses to your computer.
You can configure your browser settings to suit your wishes and, for example, refuse the use of cookies. In this case it is possible that parts of the website will not be correctly displayed or are not usable.
Hosting (Strato)
We host our website with Strato. The provider is Strato AG, headquartered at Otto-Ostrowski-Str. 7 in 10249 Berlin (Germany). When you visit our website, Strato collects various log files including your IP addresses. For further information, please refer to Strato's privacy policy: https://www.strato.de/datenschutz/.
Webfonts (Monotype)
We use web fonts for the uniform display of fonts, which are provided by Monotype GmbH (fonts.com) with headquarters at Spichernstr. 2 in 10777 Berlin (Germany) in cooperation with its parent company Monotype Imaging Holdings Inc. with headquarters at 600 Unicorn Park Drive in Woburn, Massachusetts 01801, USA.
When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to Monotype's servers. This informs Monotype that our website has been accessed via your IP address. If your browser does not support web fonts, a standard font will be used by your computer.
Further information on these web fonts can be found at https://www.fonts.com/info/legal and in the privacy policy of fonts.com: https://www.fonts.com/info/legal/privacy/ and in the privacy policy of Monotype GmbH: https://www.monotype.com/legal/privacy-policy/.
Web Analysis (Matomo Cloud)
We use the open source web analytics service Matomo. With the help of Matomo, we are able to collect and analyse data about the use of our website by visitors. This enables us to find out, among other things, which page views were made when and from which region they came. We also collect various log files (e.g. browsers and operating systems used) and can measure whether our website visitors perform certain actions (e.g. clicks and length of time on the page).
When analysing with Matomo, we use IP anonymisation. In this process, your IP address is shortened and the last bytes are anonymised before storage and analysis, so that it can no longer be clearly assigned to you.
We have configured Matomo so that it does not save any cookies in your browser.
Matomo Cloud is hosted by InnoCraft Ltd. located at 7 Waterloo Quay PO625, 6140 Wellington, New Zealand. For more information, please visit https://matomo.org/matomo-cloud-privacy-policy/.
Legal Basis
The legal basis for the use of data in these clauses (log file data, session cookie, web fonts and web analysis) is point (f) of Article 6 (1) GDPR. Our justifiable interests are to make the use of our website without errors and to optimise our content based on the analysis of visitor behaviour.
Contacting us (e.g. via contact form or by email)
Type of Data Collected
It is possible to contact us through the contact forms and email addresses provided on our website. In this case, the personal data shared in the contact form or email will be saved. This refers to your name, contact information (e.g. company, address, telephone number and email address) and any other shared data.
Purpose of Collecting Data
We use this date in order to respond to your enquiry or questions and to ensure communication with you, to initiate contracts with you or your company and to fulfill our precontractual duties. If a contract is signed between you or your company and the bcc, we will save or keep your data in order to fulfill the contract and for invoicing purposes.
Legal Basis
The legal bases for the use of data in these clauses are point (b) and (f) of Article 6(1) GDPR. Our interest in this case is to be able to respond to your enquiry/first contact.
Duration of Storage
We store your data until you request that we delete the data, you revoke your consent or the purpose of data storage is no longer relevant, or you limit the use in case statutory storage obligations apply.
Clients and Business Partner
Type of Data Collected
We will store personal data such as your name and business contact details (e.g. the company you work for, address, telephone number and email address) in the context of business acquisition or a business relationship. Storing further data (e.g. contact details of other colleagues, contact persons, or decision-makers) may be necessary in the course of fulfilling the contract. This also includes data or documents (e.g. emails, business letters, production plans and schedules) which may in turn contain isolated personal data. Providing this data may be necessary in order to close or fulfill the contract.
We do not use your data for profiling or any other automated decision-making nor for analysis.
Purpose of Collecting Data
Your data is collected for the purpose of closing the contract. This includes answering your precontractual questions and fulfilling the contract including the necessary communication with you for this.
Legal Basis
The legal basis for the use of your data is generally point (b) of Article 6 (1) GDPR, and to the extent that precontractual measures must be taken not based on your request, also point (f) of Article 6 (1) GDPR. In this case our justifiable interest is to make you an offer or make negotiations regarding our services.
Transfer of Data
In order to fulfill the contract, it may be that we pass your data on to third parties involved in the initiation and fulfillment of the contract such as vendors and subcontractors including IT service providers, banks or payment service providers and credit agencies. We have a contract with them about the order processing according to Article 28 (3) GDPR, insofar as this is required.
In individual cases we may be obligated to pass your data on to public authorities or to comply with a court order.
Duration of Storage
We will delete your data as soon as it is no longer necessary for the purpose of business acquisition and fulfilling the contract and assuming the deletion does not violate statutory storage obligations. If we do not delete the data, we will limit the use. Statutory storage obligations could be related to tax or commercial law and may last up to ten years.
Application
Type of Data Collected
We offer various open positions on our website and look forward to your application. The application is done electronically by sending the bcc GmbH your documents via the provided contact form or email as PDF file. In the application process, personal data such as your letter of application, CV, copies of your diplomas and certificates, first and last name, address, gender, birthday, place of birth, telephone number and e-mail address will be used and stored.
Purpose of Data Collected
We use your personal data exclusively for the purpose of the application process. We record your gender in order to properly address you in further communication. We need to know your birthday because there is a legal minimum age to work for our company.
Legal Basis
The legal basis for the processing is § 26 Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) in connection with Article 88 GDPR.
Duration of Storage
If the application does not result in an employment contract, all recorded personal data will be automatically deleted six months after the position is declined, as long as deleting the data does not conflict with other justified interests. A justified interest in this case would be, for example, the burden of proof in a procedure according to the General Equal Treatment Act (Allgemeines Gleichbehandlungsgesetz, AGG).
Video Surveillance
Type of Data Collected
We use video surveillance on the property and in the building of the bcc GmbH. In the recording area of the installed cameras, we store the image of the persons who enter the property or the building as well as other identifiers such as clothing and belongings carried by the persons.
Purpose of Data Collected
Video surveillance is carried out for the purpose of safeguarding house rights, prevention of and clarification of criminal offences as well as preservation of evidence and protection of the building, property as well as employees and guests.
Legal Basis
The legal basis for the processing is point (f) of Article 6 (1) GDPR.
Transfer of Data
In the event of suspicion of criminal offences, we may pass on the data to law enforcement agencies. Otherwise, the data will only be disclosed if there is a legal basis for the disclosure. This may be the case, in particular, if the police or other security authorities become active in the context of so-called danger prevention and demand access to the video surveillance data.
Duration of Storage
The storage period of the video recordings is a maximum of six days, unless longer storage is necessary for the purpose of stated legitimate interests. Deletion will only take place after the purpose for processing has ended. If incidents are relevant for an investigation or legal proceedings, they will be stored for the duration of the proceedings or in accordance with statutory retention periods.
Your Rights in Regard to Your Personal Data
You have the right to request disclosure free of charge about your personal data, the purpose of the processing, the receiver, if possible the duration of storage and – in case the data was collected by third parties – their origin. Furthermore, according to legal requirement, you can request the suspension as well as the deletion or a restriction of the use of your data. You also have the right to data portability.
Insofar as the use of your personal data by us is based on your consent, you may retract this consent at any time. Please send an email to the data protection officer of the bcc at datenschutz@bcc-berlin.de.
Regulating Authority Responsible for Data Protection
You have the option to contact the data protection officer of the bcc or a regulating authority responsible for data protection. The regulating authority responsible for data protection for us is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59-61
10555 Berlin (Germany)
—
Version 482363-012
Berlin, 22/09/2023