PRIVACY POLICY

Type of Data Collected

Each time our website is accessed, our system automatically collects data and information from the computer system of the calling computer and stores this in our system's log files. This data is not stored together with other personal data of the user. The following data are collected in order to make the website available and create log files:

• your IP address
• the type of browser as well as the version and language
• your operating system
• your internet service provider
• the date and time of access
• the time zone difference to Greenwich Mean Time (GMT)
• the content of your request (concrete site)
• the access status/http status code
• the data volume transferred
• the website your request comes from

Purpose of Collecting Data

Temporarily storing the IP address through the system is necessary in order to deliver the website to the user's computer. The IP address of the user must be stored for the duration of the session. Log files are stored in order to ensure the functionality of the website. In addition, these data allow us to optimise the website and ensure the security of our information technology systems. We do not analyse the data for marketing purposes.

Duration of Storage

The log file data are automatically deleted after seven days.

Session Cookies

In addition to the aforementioned data, a session cookie will be saved on your computer when using our website. A small text file is saved to your hard drive allocated to the browser used and certain information – in this case the fact whether Javascript is activated or not – circulates to us. The session cookie is automatically deleted when you close your browser. Cookies cannot run programs or transmit viruses to your computer.

You can configure your browser settings to suit your wishes and, for example, refuse the use of cookies. In this case it is possible that parts of the website will not be correctly displayed or are not usable.

Hosting (Strato)

We host our website with Strato. The provider is Strato AG, headquartered at Otto-Ostrowski-Str. 7 in 10249 Berlin (Germany). When you visit our website, Strato collects various log files including your IP addresses. For further information, please refer to Strato's privacy policy: https://www.strato.de/datenschutz/.

Webfonts (Monotype)

We use web fonts for the uniform display of fonts, which are provided by Monotype GmbH (fonts.com) with headquarters at Spichernstr. 2 in 10777 Berlin (Germany) in cooperation with its parent company Monotype Imaging Holdings Inc. with headquarters at 600 Unicorn Park Drive in Woburn, Massachusetts 01801, USA.

When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to Monotype's servers. This informs Monotype that our website has been accessed via your IP address. If your browser does not support web fonts, a standard font will be used by your computer.

Further information on these web fonts can be found at https://www.fonts.com/info/legal and in the privacy policy of fonts.com: https://www.fonts.com/info/legal/privacy/ and in the privacy policy of Monotype GmbH: https://www.monotype.com/legal/privacy-policy/.

Web Analysis (Matomo Cloud)

We use the open source web analytics service Matomo. With the help of Matomo, we are able to collect and analyse data about the use of our website by visitors. This enables us to find out, among other things, which page views were made when and from which region they came. We also collect various log files (e.g. browsers and operating systems used) and can measure whether our website visitors perform certain actions (e.g. clicks and length of time on the page).

When analysing with Matomo, we use IP anonymisation. In this process, your IP address is shortened and the last bytes are anonymised  before storage and analysis, so that it can no longer be clearly assigned to you. 

We have configured Matomo so that it does not save any cookies in your browser.

Matomo Cloud is hosted by InnoCraft Ltd. located at 7 Waterloo Quay PO625, 6140 Wellington, New Zealand. For more information, please visit https://matomo.org/matomo-cloud-privacy-policy/.

Legal Basis

The legal basis for the use of data in these clauses (log file data, session cookie, web fonts and web analysis) is point (f) of Article 6 (1) GDPR. Our justifiable interests are to make the use of our website without errors and to optimise our content based on the analysis of visitor behaviour.

Type of Data Collected

It is possible to contact us through the contact forms and email addresses provided on our website. In this case, the personal data shared in the contact form or email will be saved. This refers to your name, contact information (e.g. company, address, telephone number and email address) and any other shared data.

Purpose of Collecting Data

We use this date in order to respond to your enquiry or questions and to ensure communication with you, to initiate contracts with you or your company and to fulfill our precontractual duties. If a contract is signed between you or your company and the bcc, we will save or keep your data in order to fulfill the contract and for invoicing purposes.

Legal Basis

The legal bases for the use of data in these clauses are point (b) and (f) of Article 6(1) GDPR. Our interest in this case is to be able to respond to your enquiry/first contact.

Duration of Storage

We store your data until you request that we delete the data, you revoke your consent or the purpose of data storage is no longer relevant, or you limit the use in case statutory storage obligations apply.

Type of Data Collected

We will store personal data such as your name and business contact details (e.g. the company you work for, address, telephone number and email address) in the context of business acquisition or a business relationship. Storing further data (e.g. contact details of other colleagues, contact persons, or decision-makers) may be necessary in the course of fulfilling the contract. This also includes data or documents (e.g. emails, business letters, production plans and schedules) which may in turn contain isolated personal data. Providing this data may be necessary in order to close or fulfill the contract.

We do not use your data for profiling or any other automated decision-making nor for analysis.

Purpose of Collecting Data

Your data is collected for the purpose of closing the contract. This includes answering your precontractual questions and fulfilling the contract including the necessary communication with you for this.

Legal Basis

The legal basis for the use of your data is generally point (b) of Article 6 (1) GDPR, and to the extent that precontractual measures must be taken not based on your request, also point (f) of Article 6 (1) GDPR. In this case our justifiable interest is to make you an offer or make negotiations regarding our services.

Transfer of Data

In order to fulfill the contract, it may be that we pass your data on to third parties involved in the initiation and fulfillment of the contract such as vendors and subcontractors including IT service providers, banks or payment service providers and credit agencies. We have a contract with them about the order processing according to Article 28 (3) GDPR, insofar as this is required.

In individual cases we may be obligated to pass your data on to public authorities or to comply with a court order.

Duration of Storage

We will delete your data as soon as it is no longer necessary for the purpose of business acquisition and fulfilling the contract and assuming the deletion does not violate statutory storage obligations. If we do not delete the data, we will limit the use. Statutory storage obligations could be related to tax or commercial law and may last up to ten years.

Type of Data Collected

We offer various open positions on our website and look forward to your application. The application is done electronically by sending the bcc GmbH your documents via the provided contact form or email as PDF file. In the application process, personal data such as your letter of application, CV, copies of your diplomas and certificates, first and last name, address, gender, birthday, place of birth, telephone number and e-mail address will be used and stored.

Purpose of Data Collected

We use your personal data exclusively for the purpose of the application process. We record your gender in order to properly address you in further communication. We need to know your birthday because there is a legal minimum age to work for our company.

Legal Basis

The legal basis for the processing is § 26 Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) in connection with Article 88 GDPR.

Duration of Storage

If the application does not result in an employment contract, all recorded personal data will be automatically deleted six months after the position is declined, as long as deleting the data does not conflict with other justified interests. A justified interest in this case would be, for example, the burden of proof in a procedure according to the General Equal Treatment Act (Allgemeines Gleichbehandlungsgesetz, AGG).

Type of Data Collected

We use video surveillance on the property and in the building of the bcc GmbH. In the recording area of the installed cameras, we store the image of the persons who enter the property or the building as well as other identifiers such as clothing and belongings carried by the persons.

Purpose of Data Collected

Video surveillance is carried out for the purpose of safeguarding house rights, prevention of and clarification of criminal offences as well as preservation of evidence and protection of the building, property as well as employees and guests.

Legal Basis

The legal basis for the processing is point (f) of Article 6 (1) GDPR.

Transfer of Data

In the event of suspicion of criminal offences, we may pass on the data to law enforcement agencies. Otherwise, the data will only be disclosed if there is a legal basis for the disclosure. This may be the case, in particular, if the police or other security authorities become active in the context of so-called danger prevention and demand access to the video surveillance data.

Duration of Storage

The storage period of the video recordings is a maximum of six days, unless longer storage is necessary for the purpose of stated legitimate interests. Deletion will only take place after the purpose for processing has ended. If incidents are relevant for an investigation or legal proceedings, they will be stored for the duration of the proceedings or in accordance with statutory retention periods.