Privacy Policy
We are pleased to welcome you to our website.
We are pleased to welcome you to our website. The protection of your personal data is important to us and we want you to feel safe when visiting our website. We protect your privacy and your personal data. We process your personal data in accordance with the provisions of this privacy policy as well as the country-specific data protection regulations and the provisions of the General Data Protection Regulation (“GDPR“).
In this privacy policy, we provide you with an overview of the types of data we collect during your visit on our website and how they are used:
1. Name and contact details of the data controller
As the operator of the website https://vmt-jobs.com, VMT GmbH, Stegwiesenstrasse 24, 76646 Bruchsal, Germany, is the data controller within the meaning of the GDPR.
2. Contacting the Data Protection Officer
You can contact our Data Protection Officer at any time with any privacy concerns at datenschutz@vmt-gmbh.de.
3. What is personal data?
Personal data refers to any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
4. Purposes of data processing
The extent and nature of the collection, processing and use of your data depends on whether you visit our website only to retrieve generally available information or make use of additional services. We always process your personal data in the course of our business activities for pre-contractual or contractual purposes. In addition, the exercise of our legitimate interest or compliance with legal requirements may also be the substantive purpose of data processing by us. We inform you about the respective specific purposes of data processing in the sections below.
5. Legal basis of data processing
We process your personal data according to the following legal bases:
- To fulfill pre-contractual or contractual obligations (Art. 6 (1) (b) GDPR)
- On the basis of your consent (Art. 6 (1) (a) GDPR)
- In the context of a balancing of interests (Art. 6 (1) (f) GDPR)
- Due to legal requirements (Art. 6 (1) (c) GDPR)
In connection with the respective instances of data processing carried out by us we will inform you of the specific legal basis of the data processing.
6. Right to object
If in the context of a balancing of interests we process your personal data on the basis of our overriding legitimate interest (legal basis for data processing is Art. 6 (1) (f) GDPR), you have the right to object to this processing at any time for reasons arising from your particular situation. If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to further processing (with the exception of direct advertising, in which case we will comply with your objection immediately) if we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or if the processing is for the assertion, exercise or defense of legal claims. More extensive data subject rights remain unaffected by this.
7. Use of our website for information purposes
For the purely informational use of our website, it is not necessary for you to provide any personal information at all. Rather, in this case, when you access our web pages, we only collect the data that your internet browser automatically transmits to us, such as:
- Referrer (previously visited website)
- Requested web page or file
- Browser type and version
- Operating system
- Device type
- Time of access
- IP address in anonymized form
- Other similar data and information used to avert danger in the event of attacks on our information technology systems.
This is usually done using log files. The purpose of processing is to ensure the functionality and compatibility of our website for technically unproblematic use, including troubleshooting and protection against technical attacks and misuse of the usage. The legal basis for this processing is our legitimate interest in accordance with Art. 6 (1) (f) GDPR. Our legitimate interest lies in the proper operation of our website. The log file data is deleted when it is no longer required for the purpose of processing.
8. Use of our website for other services
If you make use of other services of our company via our website, it may be necessary for you to provide personal information. The personal data required for the provision of services is specified in the respective input mask or application. You can voluntarily provide additional information. You can tell which information is required and which is voluntary by the fact that the mandatory information is marked with an asterisk (*) or with the note “Mandatory field”. Your data will be processed exclusively for the purpose of providing the service you requested. The legal basis for the processing of your personal data and the information on when your personal data will be deleted can be found in the description of the specific services.
9. External hosting of the website
We use an external service provider to host our website. The personal data collected on this website is stored on the hosting company’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact data, names, website accesses and other data generated via a website.
The use of the hosting company is in the interest of the secure, fast and efficient provision of our website (Art. 6 (1) (f) GDPR). Our hosting provider will only process your data to the extent necessary to fulfill its performance obligations in accordance with contractual obligations and instructions from us. We use STRATO AG as our hosting provider. We have concluded a data processing agreement according to Art. 28 GDPR with the hosting provider.
10. Contacting us
Contact form
On our website we offer you the possibility of contacting us via a contact form. The personal data you provide when contacting us via a contact form will only be processed for the purpose of dealing with your contact via the contact form. Data will only be passed on to third parties if this is necessary for the purpose of processing your contact. The legal basis for this processing is Art. 6 (1) (b) GDPR. Your personal data will be deleted when no longer required to fulfill the purpose of your contact. Please note that your messages may have to be stored due to statutory retention requirements. In this case, the legal basis is Art. 6 (1) (c) GDPR.
Contact by email
On our website we offer you the possibility of contacting us by email. Please note that unencrypted communication by email is not secure. It cannot be ruled out that data transmitted in this way may be read, copied, altered or deleted by unauthorized persons. The personal data you provide when contacting us via email will only be processed for the purpose of dealing with your contact via email. Data will only be passed on to third parties if this is necessary for the purpose of processing this contact. The legal basis for this processing is Art. 6 (1) (b) GDPR. Your personal data will be deleted when no longer required to fulfill the purpose of your contact. Please note that your messages may have to be stored due to statutory retention requirements. In this case, the legal basis is Art. 6 (1) (c) GDPR.
11. Newsletter
A newsletter service is not used. Should one be used subsequently, you will find out here.
12. Security
We have taken technical and organizational measures to secure our website and other systems against loss, destruction, access, alteration or distribution of your data by unauthorized persons. In particular, your personal data provided in the contact form will be transmitted in encrypted form. We use the TLS 1.3 (Transport Layer Security) coding system for this purpose.
13. Cookies
We use cookies to track visitor preferences and to optimize the design of our web pages. Cookies are small text files that are stored on your computer whenever you use our website. If you wish, you can delete the cookies at any time. However, this may result in individual functions no longer being available to you. To delete the cookies, please refer to your browser’s help function. For more information about each cookie and its purpose, see our privacy settings.
14. Web analytics
Matomo
This website uses the open source web analytics service Matomo. Matomo is hosted on the server on which this website is operated. Matomo uses so-called “cookies”. These are text files that are stored on your computer and allow an analysis of your use of the website. For this purpose, the information generated by the cookie about the use of this website is stored on our server. The IP address is anonymized before it is stored. The Matomo cookie is a temporary cookie that is deleted from your device after the session expires (at the latest when you close the browser).
Matomo cookies are stored based on your consent according to Art. 6 (1) (a) GDPR. The information generated by the cookie about your use of this website will not be disclosed to third parties. You may refuse the use of cookies by selecting the appropriate settings on your browser; please note, however, that if you do this you may not be able to use the full functionality of this website.
WiredMinds
We use a service from Wiredminds GmbH, Lindenspürstr. 32, 70176 Stuttgart, Germany on our website. The legal basis for this data processing is Art. 6 (1) (a) GDPR.
In connection with the use of WiredMinds, cookies and tracking pixels are used to enable a statistical analysis of the use of this website by your visits. Information – including personal information – about your visitor behavior is stored in the cookie and transmitted to WiredMinds or collected directly by WiredMinds. Using a pseudonym, for analysis purposes the information is processed by WiredMinds in a usage profile and anonymized as far as possible. The data obtained in this way will not be used to identify you personally without your separate consent, nor will the data be merged with personal data about you as the bearer of the pseudonym. As far as IP addresses are collected, they are anonymized immediately after collection by deleting the last number block. For information on the WiredMinds privacy policy, please see: https://wiredminds.de/en/privacy/
15. Social Media
We maintain publicly available profiles on social networks. The individual social networks we use can be found below.
Social networks such as Facebook etc. can generally analyze your user behavior extensively when you visit their website or a website with integrated social media content (such as Like buttons or banner ads). By visiting our social media presences, numerous data protection-relevant processing operations are triggered. Specifically:
If you are logged in to your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, however, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, data is collected, for example, via cookies which are stored on your device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way you can be shown interest-based advertising within and outside of the particular social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are or were logged in.
Please also note that we cannot reconstruct all processing processes on the social media portals. Depending on the provider, therefore, additional processing operations may possibly be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policy of the respective social media portals.
Legal basis
Our social media presences are designed to provide an informative presence on the internet. This is a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. In necessary cases, the legal basis is also Art. 6 (1) (a) GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (for example, consent within the meaning of Article 6 (1) (a) GDPR).
Data controller and assertion of rights
If you visit any of our social media sites, together with the social media platform operator we are jointly responsible for the data processing operations triggered during this visit. As a matter of principle, you can assert your rights (access, rectification, erasure, restriction of processing, data portability and complaint) both to us and to the operator of the respective social media portal.
Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.
Duration of storage
The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose of storage no longer exists, you ask us to delete it, you withdraw your consent to the storage or the purpose for the data storage no longer exists. Saved cookies remain on your device until you delete them. Mandatory legal provisions – in particular retention periods – remain unaffected.
We have no control over the duration of storage of your data stored by the social network operators for their own purposes. For details, please refer to the social network operators directly (e.g. in their privacy policy, see below).
Social networks in detail
We have a profile on XING. The operating company of XING is XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany. For details on how they handle your personal information, please refer to XING’s privacy policy: https://privacy.xing.com/en.
We have a profile on LinkedIn. The operating company of LinkedIn is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies. If you wish to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out. For details on how they handle your personal information, please refer to LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.
AddToAny – Bookmark & Share
Our blog allows you to share content on social services via the AddToAny service. Data is only collected when these services are accessed by you. Since you can only use these services if you have a user account there and have to log in with your login details, the responsibility from this point on is no longer with us, because the creation of user accounts, i.e. membership of social services, requires your consent to the respective privacy policy. According to its privacy policy, the AddToAny service does not store any personal data. We also do not receive any data from AddToAny or data resulting from the use of the share buttons. AddToAny provides an opt-out option for a large number of ad networks. You can opt out directly via this link.
16. Other functions and content
If we use additional functions and content (e.g. map or font services) on our website, by means of which we or the provider of the services process personal data from you, we will inform you about this here.
CloudFlare
Our pages use functions of Cloudflare. The operating company of Cloudflare is Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, U.S.A. Cloudflare offers a so-called worldwide distributed Content Delivery Network with DNS. Technically, the transfer of information between your browser and our web pages is routed through the Cloudflare network. Cloudflare is thus able to analyze the traffic between users and our websites, for example, to detect and ward off attacks on our services. In addition, Cloudflare may store cookies on your computer for optimization and analysis. The legal basis for the data processing is your consent in accordance with Art. 6 (1) (a) GDPR. For more information, please visit https://www.cloudflare.com/privacypolicy and https://www.cloudflare.com/gdpr/introduction
jQuery
On our website, we use the service jQuery from the company JSFoundation, Inc., Attn: Privacy Office, 1 Letterman Drive, San Francisco, CA 94129, U.S.A. (hereinafter “jQuery”). The legal basis for the data processing is your consent in accordance with Art. 6 (1) (a) GDPR.
The relevant files of this service are hosted directly by our server whereby there is no direct connection between your browser and the jQuery servers and thus no data is transmitted to JQuery.
You can prevent jQuery from running by disabling the execution of script code in your browser or installing a script blocker in your browser. You can find more information about data processing by jQuery here: https://js.foundation/about/governance/privacy-policy
Google Fonts
We use “Google Fonts” external fonts on our website. Google Fonts is a service of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland. The relevant font files are hosted directly by our server. The legal basis for the data processing is Art. 6 (1) (a) GDPR. You can find more information about data processing by Google here: https://policies.google.com/privacy
Google Maps
This website uses Google Maps, a map service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland to display an interactive map. In the process, your browser also passes on personal data to Google LLC in the U.S.A. The legal basis for the data processing is Art. 6 (1) (a) GDPR. You can find more information about data processing by Google here: https://policies.google.com/privacy
You can prevent Google Maps collecting and processing your data by disabling the execution of script code in your browser or installing a script blocker in your browser.
Monotype GmbH / fonts.com / fonts.net
This site uses so-called web fonts for the uniform display of fonts, which are provided by Monotype GmbH, Spichernstrasse 2, 10777 Berlin, Germany via fonts.com or fonts.net. When you visit a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly. The relevant font files are hosted directly by our server. Web fonts are used in the interest of a uniform and attractive presentation of our online offerings. The legal basis for the data processing described here is your consent in accordance with Art. 6 (1) (a) GDPR. If your browser does not support web fonts, a default font will be used by your computer. For more information about these web fonts, please see the Monotype GmbH privacy policy: https://www.monotype.com/legal/privacy-policy/.
17. Recipients and data transfer
We have bundled certain data processing operations within our company. These can be used centrally by individual areas of our company, e.g. for processing inquiries. External contractors and service providers (e.g. logistics companies or IT service providers) may also be used to ensure our responsibilities are met and to fulfill contracts. In addition, data may go to recipients to whom we are obligated or entitled to disclose data due to contractual or legal obligations or due to your consent.
18. Data transfer to third countries
Data is only transferred to third countries (countries outside the EU and the European Economic Area EEA) if this is necessary for the execution of a contract/order/business relationship, including the initiation thereof, or if it is permissible due to our legitimate interest or your consent, and only in compliance with the data protection requirements stipulated for this purpose.
Note on data transfer to the U.S.A.
Our website includes services provided by companies based in the U.S.A. In connection with the use of these services, personal data may be transmitted to U.S. servers of the respective service providers. Please note that the U.S.A. is not a secure third country in the sense of EU data protection law. U.S. companies are obliged to hand over personal data to security agencies without you as the data subject being able to take sufficient legal action against this. It can therefore not be completely ruled out that U.S. agencies (e.g. intelligence services) process, analyze and permanently store your data located on U.S. servers for surveillance purposes. We have no influence on these processing activities.
19. Deletion of your data
We process your personal data only for as long as this is necessary to fulfill the respective purpose or until there is no longer a legal basis for processing (e.g. revocation of consent to data processing). In doing so, we observe the existing statutory retention and storage periods.
20. Your rights
You have the right:
- to gain access free of charge to the personal data concerning you that are stored by us (right to access)
- to obtain confirmation whether we are processing personal data concerning you (right to confirmation)
- to request us to immediately delete the personal data concerning you if the processing is no longer required and the other requirements for the erasure pursuant to GDPR have been fulfilled (right to erasure)
- to request the immediate rectification and completion of inaccurate personal data concerning you (right to rectification)
- to request restriction of processing of your personal data (right to restriction of processing)
- to receive the personal data concerning you in a structured, commonly used and machine-readable format (right to data portability)
- to object to the processing of your personal data (right to object)
- You have the right not to be subject to a decision based solely on an automated processing of data, including profiling, and that may have a legal effect on you or any similarly significant restrictive effect (right to individual decision-making).
- to revoke your consent to the processing of your personal data at any time with effect for the future.
- to lodge a complaint with a supervisory authority if you believe that the processing of your personal data is in violation of GDPR (right to lodge a complaint).
For more information on your rights, please contact our Data Protection Officer.
21. Changes to our privacy policy
In order to ensure our privacy policy always complies with the current statutory requirements, we reserve the right to make changes at any time. This also applies in the event that the privacy policy needs to be adapted due to new or revised offerings, for example new service offerings. The new privacy policy will then take effect the next time you visit our site.
22. Information for customers, suppliers and other third parties according to Art. 13 / Art. 14 GDPR
This information can be found in this PDF.
23. Information on the processing of employee data
This information can be found in this PDF.