1.1 Name and address of the Controller
The Controller as defined in the GDPR and other national data protection laws of the EU member states as well as other data protection regulations is:
EWAB International AG
Phone: +41 41 418 64 50
1.2 Name and address of the Representative
The Representative as defined in the GDPR and other national data protection laws of the EU member states as well as other data protection regulations is:
EWAB Group Services GmbH
Zum Lichtblick 2
Phone: +49 5545 999100
2 Scope and purpose of collecting, processing and use of the personal data
The GDPR defines personal data as «data/ information relating to an identified or identifiable natural person ». Online identifiers, such as IP addresses, should be considered personal information unless they are specifically anonymised.
We generally process your personal data for the following purposes:
• Customer support
• Optimization of the website
• Creation of usage statistics
2.1 Visiting the Website
When you visit our website, our servers temporarily store the following data in a log file, the so-called server log files.
• IP address of the computer sending a request
• Date and time of access/retrieval
• Name and URL of the retrieved data
• Operating system of your computer and the browser you are using
• Country from which our website is accessed
• Name of your Internet access provider
• The amount of data transferred in each case
• Our last visited website
• Browser settings
• Language and version of the browser software
• Activated browser plug-ins
The legal basis for the temporary storage of personal data and log files is the legitimate interest. The legitimate interest exists in order to
• deliver the contents of our website correctly
• optimise the content as well as the advertising of our website
• provide law enforcement authorities with the information necessary for law enforcement in case of a cyber attack
• collect statistical data
Such data are not stored together with other personal data. The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of the collection of your personal data for the provision of the website, this is the case at the end of the respective session.
2.2 Online applications
When you apply for a job with us, we process your information to process your application. Further information can be found in the job advertisement on the corresponding online platform.
Processing can also be carried out by other electronic means if you send us the relevant application documents, for example by E-mail.
We process data in connection with your application. This may include general information about you (such as your name, address and contact details), information about your professional qualifications and training or information about professional development or other information you provide us in connection with your application.
If necessary, personal data will be processed by host providers on our behalf on basis of contracts in accordance with Art. 28 GDPR.
The legal basis for processing is our legitimate interest in processing your application.
If we enter an employment contract with you, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the application procedure ends without employment, your personal data will be stored for another 12 months for documentation purposes and will then be deleted, unless you have given us your consent to use your data for further application procedures with us and to contact you again in connection therewith.
You can subsequently revoke your consent at any time. You can send your revocation to the person named as contact person in the job advertisement or to the following E-mail address firstname.lastname@example.org.
EWAB has taken the necessary organisational and technical measures to ensure the confidentiality, integrity and availability of your application. All employees of our company as well as our software partner and third parties called in for support are obliged within the framework of their (employment) contract to keep personal data strictly confidential. Data processing is based on general standards for data security in accordance with the current state of the art.
2.3 Contact database
If you are a customer, supplier or service provider of EWAB (or contact person) or will be in the future, we collect the following information from you in the contact database on one of our own servers: First name, last name, professional function as well as business e-mail address, postal address and telephone number. This information is used to provide you with appropriate support.
The legal basis for processing your personal data is our legitimate interest in your support. If contacting us serves to fulfil a contract to which you are a party or to take necessary steps prior to entering into contract, this is an additional legal basis for the processing of your personal data.
We archive your personal data recorded in the contact database three years after the last contact between us has taken place. Access to your data is limited to a minimum. After another year, in which we neither contacted you nor you contacted us, we will delete this data.
2.4 Project Management Information System (PMIS)
As a customer of EWAB, you are free to post entries within the framework of our Project Management Information System, which can only be viewed by you and us, and which we can use for entering into a dialogue with you for processing your project. We will collect the following information about you:
First name, last name, user name, E-mail address, IP address and time and date of entry.
The collection of your personal data in our Project Management Information System serves for the performance of a contract to which you are a contracting party. Another legal basis for the processing is our legitimate interest in your support.
We process and store your personal data only for the period necessary to achieve the storage purpose or to the extent as this was required by laws or regulations we have to comply with. If the storage purpose no longer applies and a prescribed retention period expires, your data will be blocked or erased as a matter of routine and in accordance with legal regulations.
In addition, we delete your data if you request us to do so under email@example.com_and if we have no legal or contractual obligation to store or otherwise secure this data.
4 Disclosure to third parties
We will only disclose your personal data outside the EWAB Group if you have expressly agreed to this, if we are legally obliged to do so or if this is necessary for the use of the website or for the provision of any services requested by you.
We disclose your personal data to the following categories of recipients in addition to those already mentioned:
• Entities of the EWAB Group
• Government bodies
• Service operators
The use of the disclosed data by third parties is strictly limited to the contractually agreed purposes. You are obliged to maintain your privacy to the same extent as we do. Furthermore, you are obliged to process your personal data in accordance with our instructions and to comply with the EU data protection level. If the level of data protection in a country is not considered equivalent within the meaning of the GDPR, we use a contract to ensure that your personal data is protected at all times.
If we use subcontractors to provide our services, we will take appropriate
legal precautions and appropriate technical and organisational measures to ensure the protection of your personal data in accordance with the relevant legal regulations.
We use so-called cookies on our website on the basis of legitimate interests. These are small text files that are stored on your mobile device using the browser. When you visit a website, a cookie may be stored on your operating system. This cookie contains a characteristic string of characters that enables a unique identification of the browser when the website is called up again.
By means of a cookie, information and offers on our website can be optimised in your interest. Cookies enable us to recognize visitors. The purpose of this recognition is to make it easier for you to use our website.
We use temporary cookies. These are automatically deleted when you close your browser. This includes in particular the session cookies. You save a so-called session ID, with which you can assign various requests of your browser to the shared session. This will allow your computer to be recognized when you return to the website. We use this type of cookies to ensure the operation and functionality of our website.
In addition, we use cross-session cookies. These remain on your hard drive after the session. Thanks to the cookies, we can make our offer more user-friendly.
We use performance cookies to collect information about how you use our services. This helps us to improve our services. We may use these cookies, for example, to determine whether you have visited a particular page.
Analysis and performance cookies allow us to measure the number of visitors and to see how visitors move around our website. This helps us to improve the functionality of our website.
Accepting cookies is not a prerequisite for visiting our website. Most browsers automatically accept cookies. If you do not wish this, you can set your browser to inform you about the setting of cookies and you only allow this in individual cases. You can also set your browser in such a way that no cookies are stored on your computer or you receive a warning message when a new cookie is about to be placed.
The procedure for checking and deleting cookies depends on your browser. Please refer to your browser's help function. Alternatively, you can visit the website http://www.aboutcookies.org. There you will find step-by-step instructions on how to control and delete cookies in most browsers.
6 Analysis tools
The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google uses this information on our behalf to evaluate your use of our website, to compile reports on website activity and to provide us with other services relating to website and Internet use. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.
We use Google Analytics only with an activated IP anonymization. This means that Google will abbreviate the IP address of users within Member States of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases the complete IP address will be transmitted to a Google server in the USA and truncated there.
You can prevent the collection and transmission of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available under the following link (http://tools.google.com/dlpage/gaoptout?hl=en). An opt-out cookie is set to prevent future collection of your data when you visit this website. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
7 Your rights
In principle, with reference to your personal data, you have the right to information, rectification, erasure, restriction, data portability and the right to object to the processing of your personal data. In particular, we like to inform you that you have a right of objection when processing your data, for which we assume a legitimate interest, which we will carefully examine. If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can lodge a complaint to the supervisory authority.
Please contact firstname.lastname@example.org with your concerns.
8 Use of the website by minors
The website is aimed at an adult audience. Minors, especially children under the age of 16, are prohibited from transmitting personal data to us or registering for a service. If we find that such data has been transmitted to us, it will be deleted. The child’s parents (or legal custodian) can contact us and request cancellation or deregistration.
9 Data security
We take technical and organisational security precautions to protect your personal data against manipulation, loss, destruction or against access by unauthorised persons and to guarantee the protection of your rights and compliance with the applicable data protection regulations.
The measures taken are intended to ensure the confidentiality and integrity of your data and the long-term availability and resilience of our systems and services for processing your data. They are also designed to ensure rapid recovery and access to your data in the event of a physical or technical incident.
Our security measures also include the encryption of your data. When your data is transmitted to us, it is encrypted using Https encryption. All information you enter online is transmitted via an encrypted transmission path. As a result, this information can never be viewed by unauthorised third parties.
Our data processing and security measures are continuously improved in line with technological developments.
We also take our own internal data protection very seriously. Our employees and the service companies commissioned by us are bound to secrecy and compliance with data protection regulations. Moreover, they are only granted access to personal data to the extent necessary.
10 Links to websites of other providers
Download PDF here