Contact

Privacy Policy

Preamble

With the following privacy policy, we would like to inform you about which types of your personal data (hereinafter also referred to as “data”) we process, for what purposes, and to what extent. This privacy policy applies to all processing of personal data carried out by us, both in the context of providing our services and, in particular, on our websites, in mobile applications, and within external online presences, such as our social media profiles (hereinafter collectively referred to as the “online offering”).

The terms used are not gender-specific.

Status: 15 November 2024

Table of Contents

  • Preamble
  • Controller
  • Data Protection Officer
  • Relevant Legal Bases
  • Overview of Processing
  • Security Measures
  • Transfer of Personal Data
  • Data Processing in Third Countries
  • Deletion of Data
  • Use of Cookies
  • Business Services
  • Service Providers and Tools Used in the Course of Business Activities
  • Provision of the Online Offering and Web Hosting
  • Contact and Inquiry Management
  • Video Conferences, Online Meetings, Webinars, and Screen Sharing
  • Appointment Scheduling with “Microsoft Bookings”
  • Communication via Messenger
  • Application Procedures
  • Newsletter and Electronic Notifications
  • Promotional Communication via Email, Post, Fax or Telephone
  • Competitions and Contests
  • Surveys and Polls
  • Web Analysis, Monitoring and Optimization
  • Online Marketing
  • Social Media Presences
  • Plugins and Embedded Functions and Content
  • Whistleblower Channel (Whistleblower Protection Act, Supply Chain Due Diligence Act)
  • Amendment and Updating of the Privacy Policy
  • Rights of Data Subjects
  • Definitions of Terms

Joint Controllers for Data Processing

For all processing activities mentioned, the following parties are jointly responsible for data processing:

quip GmbH | AllcuraMed Personal GmbH | equipment GmbH
Thomas-Edison-Straße 5-7
D-52499 Baesweiler
Phone: 02401 6036 – 0
zentrale@quip.de

Data Protection Officer

You can reach the data protection officer of the joint controllers for data processing by post at quip GmbH, Thomas-Edison-Straße 5-7, D-52499 Baesweiler, with the note “Data Protection Officer,” by phone at +49 (0) 2401 60 360, or by email at datenschutz@quip.de.

Relevant Legal Bases

Below you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that, in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or establishment. If more specific legal bases are relevant in individual cases, we will inform you of these in the privacy policy.

  • Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR) The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Contract performance and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR) Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
  • Legal obligation (Art. 6 para. 1 sentence 1 lit. c) GDPR) Processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR) Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
  • Application procedures as a pre-contractual or contractual relationship (Art. 6 para. 1 sentence 1 lit. b) GDPR) If, in the course of the application process, special categories of personal data within the meaning of Art. 9 para. 1 GDPR (e.g., health data, such as disability status or ethnic origin) are requested from applicants so that the controller or the data subject can exercise rights arising from employment law and social security and social protection law and fulfill respective obligations, their processing is carried out in accordance with Art. 9 para. 2 lit. b GDPR, in the case of protection of vital interests of applicants or other persons in accordance with Art. 9 para. 2 lit. c GDPR, or for purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, for medical diagnosis, the provision of health or social care or treatment, or the management of health or social care systems and services in accordance with Art. 9 para. 2 lit. h GDPR. In the case of voluntary disclosure of special categories of data, processing is based on Art. 9 para. 2 lit. a GDPR.
  • Processing of special categories of personal data in relation to healthcare, employment, and social security (Art. 9 para. 2 lit. h) GDPR)
  • Consent to the processing of special categories of personal data (Art. 9 para. 2 lit. a) GDPR)
  • Processing of special categories of personal data to protect vital interests (Art. 9 para. 2 lit. c) GDPR)

National Data Protection Regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations on data protection apply in Germany. This includes, in particular, the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG). The BDSG contains, in particular, special provisions on the right to information, the right to deletion, the right to object, the processing of special categories of personal data, processing for other purposes, and transmission as well as automated decision-making in individual cases, including profiling. Furthermore, the data protection laws of the individual federal states may apply.

Note on the applicability of the GDPR and the Swiss FADP: These data protection notices serve to provide information both under the Swiss Federal Act on Data Protection (Swiss FADP) and under the General Data Protection Regulation (GDPR). For this reason, please note that, due to the broader territorial scope and understandability, the terms of the GDPR are used. In particular, instead of the terms “processing” of “personal data,” “overriding interest,” and “particularly sensitive personal data” used in the Swiss FADP, the terms “processing” of “personal data” as well as “legitimate interest” and “special categories of data” used in the GDPR are used. However, the legal meaning of the terms will continue to be determined in accordance with the Swiss FADP within the scope of its applicability.

Overview of Processing

The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects concerned.

Types of data processed

  • Inventory data
  • Payment data
  • Location data
  • Contact data
  • Content data
  • Contract data
  • Usage data
  • Meta, communication, and procedural data
  • Applicant data
  • Event data (Facebook)
  • Data relating to a tip or complaint

Categories of data subjects

  • Customers
  • Employees
  • Interested parties
  • Communication partners
  • Users
  • Applicants
  • Sweepstakes and competition participants
  • Business and contractual partners
  • Participants
  • Whistleblowers
  • Complainants

Purposes of processing

  • Provision of contractual services, fulfillment of contractual obligations, and customer service
  • Contact requests and communication
  • Security measures
  • Direct marketing
  • Reach measurement
  • Tracking
  • Office and organizational procedures
  • Conversion measurement
  • Audience building
  • Administration and response to inquiries
  • Application procedures
  • Conducting sweepstakes and competitions
  • Feedback
  • Marketing
  • Profiles with user-related information
  • Provision of our online offering and user-friendliness
  • Information technology infrastructure

Security Measures

We take appropriate technical and organizational measures in accordance with legal requirements, taking into account the state of the art, implementation costs, the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, to ensure a level of protection appropriate to the risk.

Measures include, in particular, safeguarding the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data as well as access, input, transfer, securing availability, and separation of data. Furthermore, we have established procedures to ensure the exercise of data subject rights, deletion of data, and response to data threats. We also take data protection into account when developing or selecting hardware, software, and procedures, in accordance with the principle of data protection by design and by default.

TLS encryption (https): To protect the data you transmit via our online offering, we use TLS encryption. You can recognize such encrypted connections by the prefix https:// in your browser’s address bar.

Definitions of Terms

In this section, you will find an overview of the terms used in this privacy policy. Where terms are legally defined, their legal definitions apply. The following explanations are intended primarily to aid understanding.

  • Conversion measurement: Conversion measurement (also referred to as “visit action evaluation”) is a method by which the effectiveness of marketing measures can be determined. A cookie is typically stored on users’ devices on the websites where the marketing measures take place and is then retrieved again on the target website. For example, this allows us to track whether the ads we have placed on other websites were successful.
  • Personal data: “Personal data” means all information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
  • Profiles with user-related information: The processing of “profiles with user-related information,” or simply “profiles,” includes any type of automated processing of personal data that consists of using these personal data to analyze, evaluate, or predict certain personal aspects relating to a natural person (depending on the type of profiling, this may include various information regarding demographics, behavior, and interests, such as interaction with websites and their content, etc.). Cookies and web beacons are often used for profiling purposes.
  • Reach measurement: Reach measurement (also known as web analytics) is used to evaluate the flow of visitors to an online offering and may include behavior or interests of visitors in certain information, such as website content. With the help of reach analysis, website owners can, for example, recognize at what times visitors visit their website and for which content they are interested. This enables them to better tailor the content of the website to the needs of their visitors. Pseudonymous cookies and web beacons are often used for reach analysis to recognize returning visitors and thus obtain more precise analyses of the use of an online offering.
  • Location data: Location data is generated when a mobile device (or another device with the technical prerequisites for determining location) connects to a cell, WLAN, or similar technical means and functions for determining location. Location data is used to indicate at which geographically determinable position on earth the respective device is located. Location data can be used, for example, to display map functions or other location-dependent information.
  • Tracking: “Tracking” refers to the ability to trace the behavior of users across multiple online offerings. In general, behavioral and interest information regarding the online offerings used is stored in cookies or on the servers of the providers of tracking technologies (so-called profiling). This information can then be used, for example, to display advertisements to users that are likely to match their interests.
  • Controller: The “controller” is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
  • Processing: “Processing” means any operation or set of operations which is performed on personal data, whether or not by automated means. The term is broad and covers practically any handling of data, whether collecting, evaluating, storing, transmitting, or deleting.
  • Audience building: “Audience building” (English: “Custom Audiences”) refers to the process of defining audiences for advertising purposes, for example, displaying advertisements. For example, it can be inferred from a user’s interest in certain products or topics on the Internet that this user is interested in advertisements for similar products or the online shop where they viewed the products. “Lookalike Audiences” refers to showing content deemed suitable to users whose profiles or interests are presumed to be similar to those for whom the profiles were created. Cookies and web beacons are generally used for the purpose of building Custom Audiences and Lookalike Audiences.

Wir freuen uns auf Sie.

Jetzt anrufen

Overview

Services

Product Life Cycle

+ 1.000 Jobs

Apply now!
Facebook Tiktok Instagram Linkedin-in Xing