Privacy Statement of The atarax Group
Welcome to our website and thank you for your interest in the atarax group of companies. We take the protection of your personal data very seriously. Your data is processed in accordance with the applicable legislation on the protection of personal data, in particular the EU General Data Protection Regulation (GDPR).
This privacy policy informs you of the processing of your personal data by us and the rights to which you are entitled as a data subject.
Personal data is information that makes it possible to identify a natural person. This includes, in particular, name, date of birth, address, telephone number, email address, but also your IP address.
On the other hand, data is anonymous if no personal reference to the user can be established.
atarax Consulting GmbH & Co. KG
An der Schütt 26
91074 Herzogenaurach, Germany
Personally liable shareholder
atarax GmbH
An der Schütt 26
91074 Herzogenaurach, Germany
atarax Norbert Rauch
Consulting GmbH & Co. KG
An der Schütt 26
91074 Herzogenaurach, Germany
Personally liable shareholder
atarax Norbert Rauch GmbH
An der Schütt 26
91074 Herzogenaurach, Germany
Postal Address
Luitpold-Maier-Str. 7
91074 Herzogenaurach, Germany
Website
www.atarax.de
Landline
+49 (0)91 32 / 7 98 00
Email
info@atarax.de
Data protection officer
info@atarax.de
Your rights as a data subject are regulated in Articles 15-22 GDPR and, subject to the statutory requirements, include:
To exercise these rights, please contact us via any contact channel, including info@atarax.de. The same applies if you have any questions about our data processing.
You also have the right to lodge a complaint about the processing of personal data by us with a data protection supervisory authority at your place of residence, habitual residence, our registered office or the place of the alleged infringement.
Please note the following regarding your right of objection:
If we process your data to protect legitimate interests, you can object to this processing at any time for reasons arising from your particular situation.
We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.
We may use your data to provide a website to present our company, including the publication of our contact details (Article 6 (1) (1) (f) GDPR).
Special categories of personal data within the meaning of Article 9 (1) GDPR will only be processed if this is required by law and there is no reason to assume that your legitimate interest in excluding processing outweighs your legitimate interest. Processing of special categories of personal data is not intended in connection with the use of our website.
We will only pass on your data to third parties if and to the extent that we are legally obliged to do so or if you have given us your consent to do so. In this respect, we would like to point out that we may pass on your data to external bodies such as supervisory authorities or law enforcement agencies.
Within our company, we ensure that only those persons and functions receive your data who need it to fulfill the tasks assigned to them.
Insofar as legally independent third parties support us in fulfilling our tasks, we ensure data protection by concluding appropriate data protection agreements or applying other data protection instruments, unless we are already permitted to transfer the data without such accompanying measures because the recipient is subject to a statutory professional secrecy obligation recognized in Germany. Depending on the context, possible recipients of your personal data may include, for example, IT service providers, telecommunications providers, tax consultants, or lawyers.
Data will only be transferred to third countries (outside the European Union or the European Economic Area) if this is necessary to implement the legal relationship underlying the data transfer, if it is required by law, if you have given us your consent, or if we can rely on another legal basis, which we will provide to you either as part of the description of individual processing operations in this privacy policy or in a separate, appropriate place in direct connection with the processing itself.
We currently do not transfer your personal data to third parties outside the EU or the European Economic Area.
We store your data for as long as it is required for the respective processing purpose and, if applicable, beyond that, if we are subject to a binding retention obligation. This particularly applies to retention obligations under commercial or tax law (e.g., under the German Commercial Code or the German Tax Code in cases where you are or were involved in a paid service exchange with us).
In addition, we may retain data for as long as you have given us your permission to do so or in connection with legal disputes for which we may be entitled to use evidence within the framework of statutory limitation periods, which may be up to thirty years; the regular limitation period is three years.
To best protect the data we process against manipulation, loss, destruction, or access by unauthorized persons, we implement appropriate technical and organizational security measures. The appropriateness of the measures taken is continuously reviewed, taking into account data protection aspects and associated risk considerations, and adapted to current security standards.
Data transfer to and from our website is always encrypted. We offer HTTPS as the transmission protocol for our website, always using the latest encryption protocols.
We do not use fully automated processing to make decisions. Any decisions with legal effects on data subjects are ultimately made by humans.
Personal data may be required for the initiation, execution, and termination of legal relationships between us and the data subjects affected by their processing. Such a requirement may also arise with regard to associated contractual and legal obligations. You may also be required to provide personal data in relation to the use of our website and its functions.
We have summarized the details for you in the following points. In certain cases, data must also be collected or provided due to legal requirements. Please note that certain interactions with us may not be possible, no longer be possible, or only (still) be possible to a limited extent without providing this data.
The data we process is determined by the context of your interaction with our website:
If you only access our site to obtain information or to contact us via the email address provided there, we collect and process the following data:
For reasons of technical security (in particular to prevent attempted attacks on our web server, as well as to investigate and prosecute actual actions detrimental to our systems), this data is stored and anonymized after 7 days at the latest by shortening the IP address. From this moment on, no reference to the user can be established.
Our website has a contact form that can be used for electronic contact. If you write to us via the contact form, we will process the data you enter in the contact form to contact you and answer your questions or to process your other requests (Article 6 (1) No. 1 (a) and (b) GDPR).
The principle of data economy and data avoidance is observed in this process, as you only have to provide the data we absolutely need to contact you personally. In addition, your IP address will be processed due to technical requirements and legal protection. All other data is voluntary. Please note that if you do not provide all or any of the mandatory information, it may not be possible for us to address your request or to do so only in full. If you only provide the mandatory information, you will not suffer any disadvantages.
If you contact us by email, we will process the personal data provided in the email solely for the purpose of processing your request – otherwise, the information on using our contact form applies.
As part of the application process, we may process the following personal data about you:
Your personal data is generally collected directly from you as part of the application process.
Exceptionally, in certain circumstances, your personal data may also be collected from other entities, for example, from recruitment agencies with which you have registered.
We are aware of the importance of your data. Your personal data will be processed exclusively for the purpose of conducting your application process, including possible contact during the application process, and for deciding whether to establish an employment relationship. Please note that we do not intend to process special personal data during the application process.
Consent can also constitute a legal basis for data processing. If you have given us your consent in connection with an application process (e.g. e.g. for the purpose of adding your data to an applicant’s pool we may operate, including the option to contact you in case of potentially suitable future vacancies when we have declined your application in the first instance), we can also process your data for this purpose. If we obtain your consent, we will of course inform you about the specific purpose of data processing and about your right of withdrawal. Should the consent also relate to the processing of special categories of personal data pursuant to Art. 9 GDPR, we will expressly inform you of this in advance.
We will retain your application data until your application process is completed, until we no longer need your data for the above-mentioned purposes, until you have withdrawn your consent, or until the period for which we may retain your data with your consent ends. If we notify you that we have rejected your application, we may retain your application data for up to 6 months after that date. If you have given us your consent to process your data for further recruitment processes, we will retain your data for a maximum of 12 months, unless you withdraw your consent beforehand.
If we enter into an employment relationship with you, we will continue to store the relevant data from the application process, provided it is relevant to the implementation of the employment relationship.
Recipients of the data / Categories of recipients
In our company, we ensure that only those departments, functions and people who need your application data to complete the application process have access to it.
We offer various whistleblower services as an external service provider on behalf of our clients, acting as a trusted informant. You can submit reports to the companies to whom we provide this service through various channels. This includes the contact form on this website and a web-based tool. You can also contact us by email, mail, or phone. A personal meeting is also possible upon request.
Processing is carried out on the basis of the voluntary information provided by the whistleblower and for the purpose of fulfilling our respective client's legal obligation to provide a whistleblower portal, Art. 6 (1) Sentence 1 No. 1 lit. a, lit. c GDPR in conjunction with Section 10 HinSchG (Act for Better Protection of Whistleblowers), as well as in constellations in which information relates to facts related to due diligence obligations in the supply chain, also in conjunction with Section 8 LkSG (German Federal Act on Supply Chain Due Diligence). If the whistleblower system is made available by our client without a legal obligation, your data will be processed on the basis of the voluntary information provided by the whistleblower and on the basis of our client's legitimate interest in maintaining a reporting center for (possible) grievances, Art. 6 (1) Sentence 1 No. 1 lit. f GDPR. Insofar as we process personal data in this context, this is done to fulfill our contractual obligations to our respective client with regard to the provision of the reporting office (Art. 6 (1) (s.1) (1) (b) GDPR).
The principle of data minimization is observed here, as you only have to provide the data that is objectively necessary to clarify the matter. For this purpose, you must firstly state the company to which the report refers in order to be able to assign the respective entry to the correct company. Secondly, you must state your observations as a "notification"
For technical reasons and for the purpose and provision of the system, your IP address is only recorded when you use the contact form. In addition, you can optionally provide us with information such as your first and last name, telephone number, and/or email address so that we can contact you to discuss the matter in more detail (Article 6 (1) (1) (a) GDPR). When using the web-based tool, you also have the option of an anonymous login, which allows you to contact us after submitting the report without providing any further data. You can revoke your consent at any time and without giving reasons, with effect for the future. To do so, please contact compliance@atarax.de. Please note that in the event of a revocation, we will only delete your personal data from our systems; regardless of this, the information necessary to clarify the matter will continue to be stored.
The information you provide to us will only be shared with those individuals who need to process your report, insofar as this is objectively necessary to investigate the facts. The individuals assigned for this purpose are bound to confidentiality. The name of the reporting person will generally not be shared, even if it was provided for contact purposes. However, depending on the incident you report, we may be legally obligated to share your report and, if applicable, other data with third parties (e.g., authorities) for law enforcement purposes.
As soon as your data is no longer required for the purposes stated above and no further retention obligations exist, it will be deleted.
Automated decision-making does not take place; information on your rights and transfer to third countries can be found in this privacy policy under the headings "Your rights as a data subject" and "Third country data transfer / intent to transfer data to third countries" in this privacy policy. There is no obligation to provide the data. Whether you submit a report and whether and which data you provide is entirely up to you.
Our website does not use cookies for the purposes of analysis, tracking user activities, or creating user profiles. If technical solutions are used on our website that require the processing of personal data, this is done solely to ensure technically secure and flawless website operation. The legal basis is our legitimate and overriding interest in technically secure and flawless website operation. In this respect, we regularly pursue interests that are aligned with those of our users.
Analysis programs and other techniques for evaluating your user behavior are not used on our website.
No social plugins are active on our pages.
We maintain social media presences in order to communicate with their users and inform them about our offerings.
We would like to point out that the use of these platforms, including the functions provided there, is your own responsibility. This particularly applies to your specific usage behavior on these platforms, especially to the use of interactive functions (e.g., commenting, sharing, rating).
We would also like to point out that your data may be processed outside the European Union or the European Economic Area due to the location or structure of the network. Please note that when data is transferred to so-called third countries outside the EU (e.g., the USA), the level of protection for personal data may not be equivalent to that provided by the GDPR. This means that security authorities may be able to access your data without you having any legal recourse or only enjoying limited legal protection.
Below you will find the most important information on data protection law with regard to our presence, as well as name and address of the person responsible for the company. Responsible for its corporate appearances within the meaning of the EU GDPR and other data protection regulations is, in addition to the atarax group of companies,
We maintain these websites ourselves to communicate with visitors to these sites and to inform them about our offerings.
We may also collect data for statistical purposes in order to further develop and optimize the content and make our offerings more attractive. The data required for this purpose (e.g., total number of page views, page activities, and data provided by visitors, interactions) is processed by the social networks and made available to us anonymously. We have no influence on their creation and presentation.
In addition, your personal data will be processed by the social media providers for market research and advertising purposes in accordance with their terms of use, which you generally accepted when you registered with the respective network. For example, it is possible that the networks will create user profiles based on your usage behaviour and the resulting interests. This allows, among other things, advertisements to be placed within and outside the platforms that correspond to your interests. Cookies are usually stored on your computer for this purpose. Irrespective of this, data that is not directly collected on your devices may also be stored in your user profiles. Storage and analysis also occurs across devices; this applies in particular, but not exclusively, if you are registered as a member and logged in to the respective platforms.
As the provider of this information service, we do not collect or process any data from your use of our service beyond the anonymous usage statistics described above.
The processing of users' personal data is based on our legitimate interests in providing effective information and communication with users in accordance with Art. 6 (1) No. 1 lit. f. of the GDPR. If you are asked by the respective providers for consent to data processing (e.g., via a checkbox or button), the legal basis for processing is Art. 6 (1) No. 1 lit. a. and Art. 7 of the GDPR.
If you are a member of one of the social networks on which we maintain a page and do not want the network to collect data about you via our website and link it to your saved membership data on the respective network, you must log out of the respective network before visiting our website, delete the cookies on your device, and close and restart your browser.
However, after logging in again, you will be recognizable to the network as a specific user.
For a detailed description of the respective processing and the opt-out options, please refer to the information provided by the providers linked below.
In general, you are entitled to the general rights of data subjects, as described in our privacy policy.
We would like to point out that, if these rights are directed against a social network, experience has shown that these rights are best asserted with the providers themselves. This is because only the providers have access to user data and can respond directly to your request and provide information. If you still need help, you can contact us.
Privacy statement: https://www.linkedin.com/legal/privacy-policy;
Opt-out: https://www.linkedin.com/legal/cookie-policy und http://www.youronlinechoices.com;
Privacy statement: https://privacy.xing.com/de/datenschutzerklaerung;
Opt-out: http://www.youronlinechoices.com.