Our privacy notice
Introduction and general comments
This page was last updated on 21.06.2022
This privacy notice applies to the beyonnex.io GmbH, which is responsible for the processing of all personal data
Our data protection officer is
PROLIANCE GmbH
www.datenschutzexperte.de
Leopoldstr. 21
80802 München
datenschutzbeauftragter@datenschutzexperte.de
Protecting personal data is very important to beyonnex.io GmbH (hereinafter referred to as “we”). Therefore we carry out our activities in conformity with applicable legal provisions for the protection of personal data and for data security. Below you can find out what information about you we may collect, how we handle that information and to whom we may disclose it if necessary.
Processing of your personal data on our website
We do not collect any kind of personal data (e.g., names, addresses, telephone numbers or email addresses) via our website unless you voluntarily provide us with said data (e.g., by registering, answering surveys, filling in enquiry forms, making product enquires, registering from training courses or technical seminars, sending job application documents) or have approved said collection, or if it is permitted under the applicable legal provisions concerning the protection of your data. The data is received in unencrypted form.
We will only collect, process and use the personal data you make available online for the purposes disclosed to you. Your data will not be passed on to third parties. You are entitled at any time to demand information about the data stored about you, to object to its collection and demand the erasure of your data.
The only circumstances under which your data cannot be erased is if we need it for contract fulfilment or are obliged to retain it by law.
General data collection
When you visit our website your IP address (temporarily), browser type & version, operating system and the accessed Internet address are automatically stored. The data is collected in anonymised form and is used purely for statistical purposes. No evaluation of this data for the creation of personal usage profiles takes place.
Google Analytics
This website uses Google Analytics, a Web analysis service of Google Inc. (“Google”). Google Analytics uses so-called “Cookies”, text files which are stored on your computer and which make it possible to analyse your use of the website. The information that the cookie generates about your use of this website is transferred to and stored on a server operated by Google in the USA. In exceptional cases only, your full IP address may be transferred to a Google server in the USA and there abridged. On behalf of the operator of this website, Google will use this information to evaluate your use of this website, to compile reports on web activities and to perform other services for the site operator associated with website and internet use. The IP address transferred from your browser by Google Analytics will not be combined with other Google data. You can prevent cookies from being installed by using the appropriate settings in your browser software. However, please note that in this case you may not be able to use the full functionality of this website. Furthermore, you can prevent the recording by Google of the data (including your IP address) generated by the cookie and relating to your use of the website, as well as its processing by Google, by downloading and installing the browser plug-in available from the following link. You can prevent the recording (of your data) by Google Analytics by clicking on the following link. An opt-out cookie will be set which prevents the recording of your data during future visits to this website:
Deactivate Google Analytics
For further information on terms and conditions of use and data protection go to http://www.google.com/analytics/terms/de.html or to https://www.google.de/intl/de/policies/. Please note that on this website Google Analytics code is supplemented by “anonymizeIp” to ensure the anonymised collection of IP addresses (so called IP-masking).
Source: datenschutzbeauftragter-info.de
Our privacy notice concerning your job application
We are delighted that you wish to apply for a job with us. Below we explain how we process your personal data during the application process and also provide you with other information relevant in this connection.
1. Who is responsible for processing your personal data?
beyonnex.io GmbH, Heidenkampsweg 40, 20097 Hamburg (hereinafter referred to as “we”) is the controller within the meaning of the EU General Data Protection Regulation (GDPR).
2. Data protection officer
You may contact our data protection officer Dominik Fünkner with regard to all issues related to processing of your personal data and to the exercise of your rights under the GDPR. He can be reached via email at datenschutz@beyonnex.io.
3. For what purposes and on what legal basis do we process personal data?
We process personal data about you only for the purpose of your application for employment and in so far as this is necessary for the decision concerning your establishment of an employment relationship with us. The legal basis for this is Section 26 paragraph 1 in conjunction with paragraph 8 sentence 2 of the German Federal Data Protection Act (Bundesdatenschutzgesetz - BDSG).
We are also entitled to process personal data about you in so far as this is necessary in order to defend against legal claims asserted against us arising from the application process. The legal basis for this is Article 6 paragraph 1, point f of the GDPR, the legitimate interest may for example be a burden of proof in a legal case pursuant to the German General Act on Equal Treatment (Allgemeines Gleichbehandlungsgesetz - AGG).
Should you enter into our employment, pursuant to Section 26 paragraph 1 BDSG we may further process the personal data on you that we already hold for purposes of the employment relationship if this is necessary for the carrying out or terminating the employment contract or to exercise or satisfy rights and obligations of employees’ representation laid down by law or by collective agreements or other agreements between the employer and staff council.
4. What categories of personal data do we process?
We process data which is connected with your application. This might include general personal data such as your name, address and contact details, information on your professional qualifications and school education, details of vocational training or other information which you may provide us with in connection with your application. Moreover, we may process employment-related information which you have made publicly available, for instance a profile on professional social media networks.
5. What sources do personal data derive from if we do not collect them from you?
If we do not collect the data directly from you and you have an active profile, for example on LinkedIn or Xing, or you disclose an inactive or only partially active profile to us during an application process, we may also collect personal data from that profile.
6. What categories of data recipients are there?
We may transfer your personal data to companies affiliated with us provided this is permissible in accordance with the purposes and legal basis set forth in point 3. above. Moreover, personal data will be processed on our behalf on the basis of contracts pursuant to Article 28 GDPR, in particular by host providers or providers of job application management systems.
7. Is any transfer to a third country envisaged?
We do not intend to transfer (personal data) to a third country outside the European Union.
8. How long will your data be stored?
We will store your personal data for as long as necessary in order to arrive at a decision concerning your application. Furthermore, if we do not enter into an employment relationship with you we may nevertheless continue to store data in so far as this may be necessary to defend against possible legal claims. Accordingly, your application documents will be erased two months after we notify you of our decision not to employ you, unless longer storage is necessary due to legal disputes.
9. What rights do you have?
As an applicant for a job with us, depending on the individual situation you have the following data protection rights, for the exercise of which you may contact us or our data protection officer at any time using the contact details given in points 1 and 2 above:
a. Information
You have the right to be informed of the personal data about you which we have processed as well as to demand access to your personal data and/or copies of that data. This includes information about the purpose of its use, the category of the data used, its recipients and persons with access authorisation as well as, if possible, the planned duration of data storage or, should this not be possible, the criteria by which this duration is determined;
b. Rectification, erasure or restriction of processing
You have the right to demand the immediate rectification of inaccurate personal data concerning you. Taking duly into account the purposes of the processing, you have the right to demand the completion of incomplete personal data, including by means of a supplementary statement.
c. Right to object
Provided the processing of your personal data takes place pursuant to Article 6 paragraph 1 point f GDPR, you have the right, for reasons arising from your specific situation, at any time to object to the processing of that data. We will thereupon cease processing that personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if said processing is for the purpose of establishing, exercising or defending legal claims
d. Right to withdraw (consent)
If the processing is founded on your consent, you have the right to withdraw that consent at any time, without this affecting the lawfulness of processing based on consent before its withdrawal. You may contact us or our data protection officer at any time concerning this, using the details given above.
e. Right to erasure
You have the right to demand that we erase personal data concerning you without undue delay, and we are obliged to erase personal data without undue delay where one of the following grounds applies:
- The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed
- You object to the processing pursuant to point 9 c. above and there are no overriding legitimate grounds for the processing.
- The personal data have been unlawfully processed.
- The personal data have to be erased for compliance with a legal obligation in Union or Member State law to which we are subject.
This shall not apply to the extent that processing is necessary:
- for compliance with a legal obligation which requires processing by Union or Member State law to which we are subject.
- for the establishment, exercise or defence of legal claims.
f. Right to restriction of processing
You have the right to demand from us the restriction of processing if one of the following applies:
- you contest the accuracy of the personal data for a period long enough to enable the controller to verify the accuracy of that personal data,
- the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
- we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims, or
- You have objected to processing pursuant to point 9.c above, and providing it is not established that our legitimate grounds override your own grounds.
Where processing has been restricted pursuant to the present point e., this personal data shall, with the exception of its storage, only be processed with your consent or for the establishment, exercise or defence of legal claims, for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. If you have obtained a restriction of processing, we shall inform you before the restriction of processing is lifted.
g. Right of complaint
Without prejudice to any other administrative or judicial redress, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.
10. Necessity to provide personal data
The provision of personal data is neither a statutory nor a contractual requirement, nor are you obliged to provide the personal data. However, the provision of personal data is necessary in order to enter into an employment contract with us. This means that if you do not provide us with any personal data when making an application, we will not be able to enter into an employment relationship with you.
11. No automated decision-making
No automated decision-making within the meaning of Article 22 GDPR takes place in individual cases. In other words, the decision concerning your application will not be based on automated processing
Data Protection Information for Customers/other Contractual Partners and Interested Parties
Information on data protection regarding our processing of customer and prospect data in accordance with Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR)
Dear customer, dear interested party, dear contractual partner
In accordance with the provisions of Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR), we hereby inform you about the processing of your personal data and your rights under data protection law in this regard. Which data is processed in detail and how it is used depends largely on the services requested or agreed. In order to ensure that you are fully informed about the processing of your personal data in the context of the fulfilment of a contract or the implementation of pre-contractual measures, please take note of the following information.
1. Responsible Body within the Meaning of Data Protection Law
beyonnex.io GmbH
Heidenkampsweg 40, 20097 Hamburg
T 040 - 237 75-700
F 040 - 237 75-8700
info@beyonnex.io
www.beyonnex.io/
2. Contact Details of Our Data Protection Officer
PROLIANCE GmbH
www.datenschutzexperte.de
Leopoldstr. 21, 80802 München
datenschutzbeauftragter@datenschutzexperte.de
3. Purposes and Legal Basis of the Processing
We process your personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), insofar as this is necessary for the establishment, execution and fulfilment of a contract and for the implementation of pre-contractual measures. Insofar as personal data is required for the initiation or fulfilment of a contractual relationship or in the context of the implementation of pre-contractual measures, processing is lawful pursuant to Art. 6 para. 1 lit. b GDPR.
If you give us your express consent to process personal data for certain purposes (e.g. disclosure to third parties, evaluation for marketing purposes or advertising by e-mail), the lawfulness of this processing is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. Any consent given can be revoked at any time with effect for the future (see section 9 of this data protection information).
If necessary and legally permissible, we process your data beyond the actual contractual purposes to fulfil legal obligations in accordance with Art. 6 para. 1 lit. c GDPR. In addition, processing may be carried out to protect the legitimate interests of us or third parties and for the defence and assertion of legal claims in accordance with Art. 6 para. 1 lit. f GDPR. If necessary, we will inform you separately, stating the legitimate interest, insofar as this is required by law.
4. Categories of Personal Data
We only process data that is related to the establishment of the contract or the pre-contractual measures. This may be general data about you or persons in your company (name, address, contact details, etc.) as well as any other data that you provide to us in the context of establishing the contract.
5. Sources of the Data
We process personal data that we receive from you in the context of establishing contact or establishing a contractual relationship or in the context of pre-contractual measures.
6. Recipient of the Data
We only pass on your personal data within our company to those areas and persons who need this data to fulfil contractual and legal obligations or to implement our legitimate interest.
We may transfer your personal data to companies affiliated with us insofar as this is permitted within the scope of the purposes and legal bases set out in section 3 of this data protection information sheet.
Your personal data is processed on our behalf on the basis of order processing contracts in accordance with Art. 28 GDPR. In these cases, we ensure that the processing of personal data is carried out in accordance with the provisions of the GDPR. The categories of recipients in this case are providers of internet service providers and providers of customer management systems and software.
Otherwise, data will only be passed on to recipients outside the company if this is permitted or required by law, if the transfer is necessary for processing and thus for the fulfilment of the contract or, at your request, for the implementation of pre-contractual measures, if we have your consent or if we are authorised to provide information. Under these conditions, recipients of personal data may be, for example:
- External tax consultant
- Public bodies and institutions (e.g. public prosecutor's office, police, supervisory authorities, tax office) if there is a legal or official obligation.
7. Transfer to a Third Country
A transfer to a third country is not intended.
8. Duration of Data Storage
Where necessary, we process and store your personal data for the duration of our business relationship or for the fulfilment of contractual purposes. This also includes the initiation and fulfilment of a contract.
In addition, we are subject to various retention and documentation obligations, including those arising from the German Commercial Code (HGB) and the German Fiscal Code (AO). The retention and documentation periods stipulated there are two to ten years.
Finally, the storage period is also based on the statutory limitation periods, which, for example, according to Sections 195 et seq. of the German Civil Code (BGB), are generally three years, but in certain cases can be up to thirty years.
9. Your Rights
Every data subject has the right of access under Art. 15 GDPR, the right to rectification under Art. 16 GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR, the right to notification under Art. 19 GDPR and the right to data portability under Art. 20 GDPR.
In addition, you have the right to lodge a complaint with a data protection supervisory authority in accordance with Art. 77 GDPR if you believe that your personal data is being processed unlawfully. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.
If the processing of data is based on your consent, you are entitled under Art. 7 GDPR to withdraw your consent to the use of your personal data at any time. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected. Please also note that we may have to retain certain data for a certain period of time in order to fulfil legal requirements (see section 8 of this data protection information).
Right of objection
Insofar as your personal data is processed in accordance with Art. 6 para. 1 lit. f GDPR to safeguard legitimate interests, you have the right to object to the processing of this data at any time in accordance with Art. 21 GDPR for reasons arising from your particular situation. We will then no longer process this personal data unless we can demonstrate compelling legitimate grounds for the processing. These must outweigh your interests, rights and freedoms, or the processing must serve the assertion, exercise or defence of legal claims.
In individual cases, we process your personal data for the purpose of direct advertising. You have the right to object at any time to processing for the purpose of such advertising. This also applies to profiling insofar as it is associated with this direct advertising. If you object to processing for the purpose of direct marketing, we will no longer process your personal data for these purposes.
To safeguard your rights, you can contact us using the contact details provided in section 1.
10. Necessity of the Provision of Personal Data
The provision of personal data for the decision on the conclusion of a contract, the fulfilment of a contract or for the implementation of pre-contractual measures is voluntary. However, we can only make a decision within the framework of contractual measures if you provide personal data that is necessary for the conclusion of the contract, the fulfilment of the contract or pre-contractual measures.
11 Automated Decision-Making
In principle, we do not use fully automated decision-making in accordance with Art. 22 GDPR to establish, fulfil or implement the business relationship or for pre-contractual measures. Should we use these procedures in individual cases, we will inform you of this separately or obtain your consent if this is required by law.