We feel committed to maintaining the privacy of our website visitors and of our customers. The protection and security of personal data are of primary concern for us.
What are personal data?
The GDPR defines the term personal data as any information relating to an identified or identifiable natural person. These are, for example, your name, your telephone number, and your birthday.
In general, it will not be necessary for you to provide personal data to use our website. However, when you visit our website our web server automatically creates and maintains so-called log files. Log files record data including:
- The IP address of the accessing computer (including its geographical location)
- The website you previously visited (referrer URL)
- Date and time of access of server request, including how long you visited our website
- Types and settings of the browser
- Operating system
- The page you visited (file name and URL)
- Data volume transferred
- Access status (file transferred etc.)
We gather these data only for statistical purposes. No information – whether for commercial or non-commercial purposes – will be disclosed to third parties. We will principally not bring these data together with other data from other sources. These data are collected and processed in order to enable the use of this website and adjust it to our users’ interests in accordance with Article 6 (1) (f) GDPR. Our legitimate interest is to provide and manage our website with all its features and to optimize it continually.
Data recorded in server log files are stored for a limited time only and will be deleted by default regularly after 30 days.
We reserve the right to verify these data later if there is clear evidence of illegal use. Such verification will only be carried out to identify and prevent the illegal use of our website and is in accordance with Article 6 (1) sentence 1 lit. (f) GDPR. Our legitimate interest here is to ensure that our offer is secure and that improper use is prevented.
Further collection, processing, and use of personal data
We only collect or process personal data if you choose to provide such data, for instance, when making an inquiry. We will store and use the data you provided in the inquiry, including any contact details you gave in the inquiry, in order to fulfill the purpose related to the data transfer, for example, to process your order or for follow-up questions. The collection and use of these personal data are carried out in accordance with Article 6 (1) sentence 1 lit. (b) GDPR to the extent that you provide these personal data in order to enter into a contract with us. Only in such case, it is necessary that you provide personal data in terms of Article 13 (2) lit. (e) GDPR. Otherwise, storage or use is carried out based on Article 6 (1) sentence 1 lit. (f) GDPR, our legitimate interest being diligent processing of your request.
If you instruct us with rendering a service or we require your services, we collect, store and use your personal data only to the extent necessary to provide such services or fulfill such a contract. Any data processing in this context is carried out in accordance with Article 6 (1) sentence 1 lit. (b) GDPR. This may also require disclosing your personal data to other companies that we engage in for the provision of services or contract processing. Other companies here can be for instance shipping companies or other service providers. Any data transfer to service providers we instructed for this purpose is also carried out in accordance with Article 6 (1) sentence 1 lit. (b) GDPR.
In all cases where data processing as described above serves the purpose to fulfill a contract, the provision of your personal data is a requirement necessary to enter into a contract (cf. Article 13 (2) lit. (e) GDPR). Without your personal data performance of the contract would be impossible for us.
Data processing in application procedures
The personal information you have made available to us in the context of an application (usually contact details, cover letter, and application documents such as certificates, jointly referred to as “Application Details”), are stored and used for no other purpose than handling your application. No information will be disclosed to third parties outside BIT Analytical Instruments GmbH unless you separately gave your consent. The following persons will have access to your data: HR staff, the competent technical supervisor, works council. Should you be invited to a second personal interview where you will meet your future colleagues, they will be provided with your CV so that they can prepare for the interview. All listed persons are bound to maintain data confidentiality and will treat your application strictly confidential.
Collection and processing of data in the context of an application for a vacant position at BIT Analytical Instruments GmbH shall be carried out in accordance with Article 88 GDPR in conjunction with sections 26 (1) and (3) BDSG. Insofar as we store your personal data after completion of the application procedure for a period of one year in our application management system, storage will be carried out in accordance with Article 6 (1) sentence 1 lit. (a) GDPR based on the consent you chose to give which we requested separately during the application procedure. Otherwise, your data (application details and interview results) will be completely erased from our application management system no later than six months following termination of the application procedure, unless we have legitimate reason opposing an erasure. If applicable national laws of EU Member States, in which one of the BIT companies is located, provide for longer or shorter retention periods for the Application Details, these periods will of course be observed.
Use of Google analytics
The information generated by cookies about your use of the website is usually transferred by Google to a Google server in the USA and stored there. Google Analytics also collects the IP address of your device to ensure the security of the service and to provide us, as the website operator, with information about the country, region, or location from which the website is used (so-called “IP location determination”). We use Google Analytics exclusively with the extension “_anonymizehelp()”. By activating this extension for our website, your IP address is shortened before being transmitted to a Google server in the USA within the member states of the EU or other states of the European Economic Area. Google uses the information on our behalf to evaluate your use of our website and to create reports about website activity.
Further details on data processing of data in relation with Google Analytics are available at http://google.com/analytics/terms/de.html and at support.google.com/analytics/answer/6004245?hl=de/.
We would like to point out that the transfer of data to the USA may involve additional risks, for example, it may be more difficult to enforce your rights to this data or certain US authorities may gain access to this data. We have agreed with Google on standard data protection clauses of the EU Commission in accordance with Art. 46 (2) (c) GDPR. These standard data protection clauses are intended to ensure that an appropriate level of data protection is maintained in the third country (USA).
Alternatively, you can also install the browser plugin from Google to disable Google Analytics, which can be downloaded from the following link: https://tools.google.com/dlpage/gaoptout?hl=de/
Use of Google Maps
Our website also uses the product Google Maps, a map service by Google to present an interactive map. By using Google Maps information on how you use this website (including your IP address) may be transferred and stored to a Google server even outside the EU and the EEA, notably in the United States. However, when you access our website only a placeholder is loaded and not the Google Maps service itself so that Google does not receive any personal data relating to you when you call up the website. The Google Maps service is only loaded when you consent in your data being transferred to Google. If you are logged into your Google account while Google Maps is activated, Google may associate your search queries in Google Maps with your Google account. To prevent this, you must first log out of your Google account or enable the so-called incognito mode in your Google account. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.
You will find further information on Google’s data processing here: https://www.google.com/policies/privacy/
The information collected is stored on Google servers, including in the USA. We have agreed on the standard data protection clauses with Google, the purpose of which is to maintain an adequate level of data protection in the third country. You will find details on this in the section above for Google Analytics.
We use Google Maps to improve user comfort for our website. The data processing relating to the activated Google Maps service is only carried out with your consent and therefore based on Article 6 (1) (a) GDPR. Of course, you can withdraw your consent anytime in the future.
Use of Google reCAPTCHA
To ensure sufficient data security when submitting forms, we use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on parts of our website. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google LLC”).
reCAPTCHA is used to check whether the data input on our website (e.g. in a contact form) is processed by machine or automated processing. For this purpose, reCAPTCHA sets cookies and forwards the cookies and required information including your IP address and time spent on the website, technical information about the browser used and, if applicable, entries that you are prompted to make by reCAPTCHA to Google LLC. If we collect data in this context, we store and process it only for as long as is necessary to check your data entry and generally delete it afterward. We use reCAPTCHA exclusively to detect and prevent the illegal use of our website. Insofar the use of the cookies set by reCAPTCHA is absolutely necessary for the operation of the website, we are legally permitted to store the cookies on the device used and to access them. The data processing by reCAPTCHA is carried out on the basis of Art. 6 (1) sentence 1 lit. (f) GDPR. Our legitimate interest is to ensure the security of our web offers and to prevent their misuse for automated spying and SPAM. Google LLC also carries out the data processing in connection with reCAPTCHA with the help of European branches of Google LLC, for example, Google Ireland Limited, within the EU. Insofar as the data is additionally transferred to the USA and processed there, Google LLC and we take additional measures to ensure an appropriate level of protection for this data transfer to the USA in accordance with Art. 44 ff GDPR, for example, the agreement of the standard data protection clauses of the EU Commission according to Art. 46 (2) lit. (c) GDPR, which in individual cases also provides for additional safeguards such as encryption of the data, depending on the need for protection of the data.
Use of the Google Tag Manager
We use the “Google Tag Manager” on our website, a service provided by Google. The Google Tag Manager allows us to manage website tags through one interface. Google Tag Manager, which implements the tags, is a cookie-less domain and does not collect any personal data itself. Google Tag Manager provides for the triggering of other tags, which in turn may collect data. Google Tag Manager does not access this data. If deactivation has been made at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.
Further information on data protection can be found on the following Google web pages:
FAQ Google Tag Manager: https://support.google.com/tagmanager/?hl=en#topic=3441530
Google Tag Manager Terms of Service: https://marketingplatform.google.com/intl/de/about/analytics/tag-manager/use-policy/
No automated decision-making
We will not carry out any automated decision-making process, including profiling, pursuant to Article 22 (1) and (4) GDPR.
Data transfers to third parties
Your personal data will not be passed on to any third parties without your expressive consent, unless necessary to provide the services or fulfill the contract. Accordingly, a transfer of your data to third parties will only be carried out subject to your consent pursuant to Article 6 (1) sentence 1 lit. (a) GDPR, or for the purpose of performance of a contract pursuant to Article 6 (1) sentence 1 lit. (b) GDPR. The communication to state institutions and authorities entitled to obtain information will also only be carried out within the framework of legal duties of disclosure or if we are obligated by a court decision to disclose information. In such a case, the disclosure of your data is required under Article 6 (1) sentence 1 lit. (c) GDPR in order to comply with a legal duty we are subject to.
Insofar as external service providers have access to personal data we have ensured by legal, technical, and organizational measures as well as by regular checks that they comply with the regulations of data protection laws.
General storage period and erasure
We will store your personal data no longer than necessary to achieve the purpose for which the information was provided (e.g. performance of a contract, reply to your inquiry) or for legitimate reasons in terms of Article 17 (3) GDPR, such as statutory retention periods, require storage. As long as statutory retention periods such as, for instance, tax and commercial law provisions conflict with the erasure of your personal data, we will restrict the processing of your data; then your data will be erased according to statutory provisions.
Applicant details will be erased within a maximum period of six months after termination of the application procedure, unless you have given your consent to exceeding storage or legitimate reasons by us oppose an erasure, such as the defence of legal claims. If applicable national laws of EU Member States, in which one of the BIT companies is located, provide for longer or shorter retention periods for the Application Details, these periods will of course be observed.
Security of your data
We have taken adequate technical and organizational precautionary measures to prevent loss, misuse or an unauthorized change of your personal data. We store all personal data you provide on our secure servers (which are password and firewall-protected). All electronic transactions you perform with us or receive from us are encrypted. Please keep in mind, however, that a data transfer over the Internet is never entirely secure and that we cannot guarantee the security of data transferred over the Internet.
Your rights as data subject
You will obtain from us confirmation or information on personal data concerning you at any time, without providing any reasons and at no costs (Article 15 GDPR). Above that, you are entitled to correction of inaccurate data as well as deletion of your personal data, unless we have legitimate reason opposing an erasure (Article 17 (3) GDPR), or blocking of your personal data. Insofar as data processing is carried out on the basis of Article 6 (1) sentence 1 lit. (f) GDPR (legitimate interests) you are entitled pursuant to Article 21 GDPR to exercise your right to object to the processing of your personal data at any time on grounds relating to your particular situation, or if you object to processing for direct marketing purposes. As regards the latter case, you are entitled to a general right of objection with which we will comply without your specifying any reasons on grounds relating to your particular situation (Article 21 (2) GDPR). In the event of such an objection on grounds relating to your particular situation, we shall no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or such processing serves the establishment, exercise or defense of legal claims (Article 21 (1) GDPR).
You may revoke any consent you provided to us at any time with effect for the future.
Moreover, in case you have provided personal data concerning yourself and we have processed your data due to your consent or for the purposes of performance of contract, you have the right to request to be provided with these data in a structured, commonly used and machine-readable format, as well as the right to have this information transmitted to another data controller, where it is technically feasible (so-called right to data portability).
You may also lodge a complaint with a supervisory authority if you believe that data processing performed by us infringes on statutory regulations.
To assert your rights specified above please contact us under our address above or contact either us or our data protection officer by e-mail.
Data protection officer
We have appointed internal data protection coordinators in our company and an external data protection officer. They perform organizational and technical measures to ensure that your personal data are well protected. Please contact the BIT Analytical Instruments GmbH data protection officer if you have questions on data protection at firstname.lastname@example.org.
If you wish to mail please use our mail address above.
Links to other websites