Privacy Policy

1. Data protection at a glance

General information

The following information provides an overview of how your personal data is processed when you visit this website. Personal data is all data with which you can be personally identified. For detailed information on the subject of data protection, please refer to our data protection declaration listed below this text and the data protection information for employees, applicants and business partners in accordance with Art. 13 and Art. 14 GDPR.

Data collection on our website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find their contact details in the "Information about the controller" section.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form. Other data is collected automatically or with your consent by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure that the website is provided in an error free format. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. You also have the right to lodge a complaint with the competent supervisory authority. You can contact us at any time if you have any further questions on the subject of data protection.

2. General and mandatory information

Data protection

The controller takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the Internet (e.g. when communicating by email) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

Note on the person responsible

aigner business solutions GmbH
Goldener Steig 42
94116 Hutthurm

Phone: +49 (0) 8505 91927 – 0
Email: info@aigner-business-solutions.com

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Storage period

Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for processing the data no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, deletion will take place after these reasons no longer apply.

Data protection officer required by law

We have appointed a data protection officer for our company in accordance with Art. 37 et seq. GDPR has been appointed.

Benedict Taube
aigner business solutions GmbH
Goldener Steig 42
94116 Hutthurm

Telefon: +49 8505 91927-0
E-Mail: benedict.taube@aigner-business-solutions.com
Website: www.aigner-business-solutions.com

Note on data transfer to the USA

Among other things, tools from companies based in the USA are integrated on our website. If these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to disclose personal data to security authorities without you as the data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. secret services) may process, evaluate and permanently store your data on US servers for surveillance purposes. We have no influence on these processing activities.

Forwarding to third-party websites

We have included links to websites of third parties. If you click on these links, data will be transmitted to the operator of the website. This privacy policy does not regulate the collection, transfer or handling of personal data by third parties. Please check the privacy policy of the responsible party.

Declaration of consent according to §25 (1) New German Telecommunications-Telemedia Data Protection Act (abbreviated to TTDSG)

Depending on your consent, we use various tools on our website that process your data. If we base data processing on your declaration of consent in accordance with Art. 6 para. 1 lit. a GDPR and inform you in our privacy policy about the purpose and mode of action of the declaration of consent, your consent also applies within the meaning of §25 (1) TTDSG.

Please refer to the privacy policy to find out which cookies, plug-ins and other data processing tools are used.

Withdrawal of your consent to data processing

Many data processing operations are only possible with your express consent. You can withdraw your consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

IF THE DATA PROCESSING IS BASED ON ART. 6 (1) (E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 (1) GDPR).

IF YOUR PERSONAL DATA ARE PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 (2) GDPR).

Right to lodge a complaint with the competent supervisory authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their ordinary residence, place of work or place of the alleged violation. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, deletion and correction

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin, recipients and the purpose of the data processing and, if necessary, a right to correction or deletion of this data at any time. You can contact us at any time with regard to this and other questions on the subject of personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time to do this. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of your personal data stored by us, we generally need time to verify this. For the duration of the review, you have the right to request that the processing of your personal data be restricted.
If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of erasure.
If we no longer need your personal data, but you need it for the exercising, defense or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of its erasure.
If you have lodged an objection in accordance with Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data - apart from its storage - may only be processed with your consent or for the establishment, exercising or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

3. Data collection on this website

Cookies

Our Internet pages use so-called "cookies". Cookies are small text files and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser.

In some cases, cookies from third-party companies may also be stored on your device when you visit our website (third-party cookies). These enable us or you to use certain services of the third-party company.

Cookies have various functions. All of the cookies we use are technically necessary, as certain website functions would not work without them.

Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately in the context of this privacy policy and, if necessary, request your consent.

Necessary

Name	Provider	Purpose	Expiry
csrf_https-contao_csrf_token	aigner-business-solutions.com	Prevents CSRF attacks and serves the security of the website and its visitors.	Session
cookie-notice	aigner-business-solutions.com	Saves the subject's reaction to the cookie notification.	1 year
PHPSESSID	aigner-business-solutions.com	Stores the ID of the session to allow login to the backend so that security features of the CMS work properly.	Session
youtube	Google LLC	Saves the consent that YouTube videos may be loaded.	1 year

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are

Browser type and browser version
Operating system used
referrer URL
Host name of the accessing computer
Time of the server request
IP address

This data is not merged with other data sources.

This data is collected on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of their website - the server log files must be recorded for this purpose.

Inquiry by email or telephone

If you contact us by email, telephone or fax, we will store and process your request, including all resulting personal data (name, request) for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 (1) (b) GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 (1) (f) GDPR).

The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

Contact form

If you send us inquiries via the contact form, the contact details you provide and the content of your inquiry will be stored by us for processing. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6 (1) (b) GDPR if your request is necessary to fulfill a contract or to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 (1) (f) GDPR).

The data you provide will remain with us until the purpose for data storage no longer applies or you request us to delete it. Legal provisions, in particular retention obligations, remain unaffected.

4. Newsletter

To receive the newsletter offered on our website, you can register using our form. By registering, you give a declaration of consent within the meaning of Art. 6 (1) (a) GDPR and Art. 7 (2) (3) German Law Against Unfair Competition (hierafter refered to as UWG), which entitles us to use your data for advertising purposes via our newsletter. We use the so-called double opt-in procedure to prove that the declaration of consent has been issued correctly. In this case, a confirmation email will first be sent to the email address you have provided, requesting confirmation. The registration only becomes effective when you click on the activation link contained in the confirmation email. We use your data transmitted to us exclusively for sending the newsletter, which may contain information or offers.

We use rapidmail to send our newsletter. Your data will therefore be transmitted to rapidmail GmbH. In doing so, rapidmail GmbH is prohibited from using your data for purposes other than sending the newsletter. Rapidmail GmbH is not permitted to pass on or sell your data. rapidmail is a German, certified newsletter software provider that has been carefully selected in accordance with the requirements of the GDPR and the BDSG.

You can revoke your consent to the storage of the data and its use for sending the newsletter at any time, e.g. via the unsubscribe link in the newsletter.

5. Plugins and tool

YouTube

This website integrates videos from the YouTube website. The operator of the website is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. For example, regardless of whether you watch a video, YouTube establishes a connection to the Google DoubleClick network and Google Fonts are used to display the video headings and content of the video ad interface.

When you visit one of our websites on which YouTube is integrated, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.

Furthermore, YouTube can store various cookies on your device or use comparable technologies to recognize you (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent fraud attempts.

If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

The use of YouTube is in the interest of an appealing presentation of our online offers. The processing takes place exclusively on the basis of Art. 6 (1) (a) GDPR. You can revoke your consent at any time.

Data transfer to the USA is based on the EU-US Data Privacy Framework.

Further information on the handling of user data can be found in YouTube's privacy policy at: https://policies.google.com/privacy?hl=de.

Google Fonts

This website uses Google Fonts. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

YouTube uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. When you access a page on which YouTube videos are embedded, your browser loads the required fonts into your browser cache in order to display texts and fonts correctly.

For this purpose, the browser you are using must connect to Google's servers. This informs Google that this website has been accessed via your IP address. The use of Google Fonts is based on Art. 6 (1) (a) GDPR and § 25 (1) TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

Consent can be revoked at any time. Data transfer to the USA is based on the EU-US Data Privacy Framework.

If your browser does not support Google Fonts, a standard font will be used by your computer.

Further information on Google Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?hl=de.

6. Data protection information social media

We use business accounts on Facebook, Instagram, LinkedIn, Xing, YouTube and Kununu. When you visit our social media presence, you have the opportunity to react to our posts, comment on them and send us messages. Your visit to our social media profiles initiates a variety of data processing operations on your personal data. We would like to inform you about your rights in this data processing of your personal data.

You are not obliged to provide us with your personal data. However, it may be necessary to do so for the individual functionality of our social media presence. We process your data for customer-oriented company presentation, for a market-effective external presentation and for communication with the users of our social media presence. This data transfer and processing takes place through your voluntary use of the platforms in accordance with Art. 6 (1) (a), Art. 49 (1) (a) GDPR.

If you contact us via one of our social media channels, the data you provide will only be used for the purpose of contacting you. The legal basis for this form of data processing is Art. 6 (1) (a) GDPR, your consent to contact us via the respective social media channel, Art. 6 (1) (b) GDPR in the event of the initiation or execution of contracts, Section 26 BDSG for employment-related contacts and Art. 6 (1) (f) GDPR in the event of an overriding, legitimate interest in effective public relations work.

We would like to point out that the platform operators use web tracking and profiling systems that create extensive profiles about the users of these platforms. However, we have no influence over these systems. When you visit our social media pages, your personal data is not only collected, used and stored by us, but also by the social media operators. This happens even if you yourself do not have a profile on the respective social network. For details on the collection and storage of your personal data as well as the type, scope and purpose of its use by the social media, please refer to their privacy policies:

Facebook.com: https://de-de.facebook.com/privacy/explanation
Instagram.com: https://privacycenter.instagram.com/policy
LinkedIn.com: https://de.linkedin.com/legal/privacy-policy
Xing.com: https://privacy.xing.com/de/datenschutzerklaerung
YouTube.com: https://policies.google.com/privacy
Kununu: https://privacy.xing.com/de/datenschutzerklaerung

Information on data transfer to a third country

The headquarters of the providers of Facebook, Instagram, LinkedIn and YouTube are located in the USA. This means that all your data is transferred to an insecure third country where there is no protection of your personal data comparable to the standard within the European Union. Xing and Kununu have their headquartered in Germany. According to the providers, data may nevertheless be transferred to insecure third countries when using the platform.

The data transfer takes place on the basis of consent in accordance with Art. 6 (1) (a), Art. 49 (1) (a) GDPR, unless the respective provider is certified under the EU-US Data Privacy Framework.

Secure communication

Furthermore, communication via the Internet can never be fully secured. Therefore, please do not send us any particularly sensitive data and personal information, in particular no applications via our social media presence. You can also contact us with your request at any time via our other communication channels listed in the legal notice.

Information letter on data protection

Information on data protection for applicants
Information on data protection for business partners

Disclaimer

The content of this website - especially in the area of job advertisements, blog articles and information letters on data protection - is aimed equally at persons of all genders (m/f/d). For better readability, only the masculine form is generally used.