Contact us
T +49 39203 964 200
info(at)bexema(dot)com

Privacy Policy of BeXema GmbH

1. Privacy Policy at a Glance

General Information

The following notes offer a simple overview of what happens to your personal data when you visit this website. Personal data is any information that can identify you personally. For detailed information on data protection, please refer to our full privacy policy listed below this text.

Data Collection on This Website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the legal notice (Impressum) of this website.

How do we collect your data?
On one hand, we collect data that you voluntarily provide to us, for example, information entered into a contact form.
Other data is collected automatically (or after your consent) when you visit the website through our IT systems. This includes technical data (e.g. internet browser, operating system, or time of page access). This collection occurs automatically as soon as you enter this website.

What do we use your data for?
Some of the data is required to ensure error-free provision of the website. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?
You have the right, at any time and free of charge, to obtain information about the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given your consent for data processing, you can withdraw your consent at any time for the future. Additionally, you have the right, under certain circumstances, to request restriction of the processing of your personal data. You also have the right to lodge a complaint with the relevant supervisory authority.

For these rights and further questions about privacy, you can contact us at any time using the address provided in the legal notice (Impressum).

Analysis Tools and Third-Party Tools

When you visit this website, your surfing behavior may be statistically evaluated. This happens mainly with cookies and so-called analysis programs. Detailed information about these analysis programs can be found in the following privacy policy.

2. Hosting and Content Delivery Networks (CDN)

External Hosting

This website is hosted by an external service provider (host). The personal data collected on this website is stored on the host’s servers. This may include IP addresses, contact inquiries, metadata and communication data, contract data, contact details, names, website visits, and other data generated through a website.

Using the host takes place for the performance of a contract with our prospective and existing customers (Art. 6 (1) lit. b GDPR) and in the interest of secure, fast, and efficient provision of our online offering by a professional provider (Art. 6 (1) lit. f GDPR).

Our host processes your data only to the extent necessary to fulfill its service obligations and follows our instructions regarding this data.

Processing Agreement

To ensure GDPR-compliant processing, we have concluded a data processing agreement with our host.

3. General Notes and Mandatory Information

Data Protection

The operators of this site take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is data that can personally identify you. This privacy policy explains which data we collect and for what purposes we use it. It also explains how and for what purpose this takes place.

We point out that data transmission over the Internet (e.g. communication by email) may have security gaps. Complete protection of data from third-party access is not possible.

Controller Information & Data Protection Officer

Responsible entity:
BeXema GmbH
Otto‑von‑Guericke‑Allee 20
D‑39179 Magdeburg‑Barleben
Germany
Phone: +49 39203 964 200
Email: info@bexema.com

Revocation of Consent

Many data processing operations are only possible with your express consent. You can revoke a previously given consent at any time. A simple informal message by email is sufficient. The legality of processing carried out up to the point of revocation remains unaffected.

Right to Object in Special Cases and Against Direct Advertising (Art. 21 GDPR)

If data processing is based on Art. 6 (1) lit. e or f GDPR, you have the right to object, at any time, for reasons arising from your particular situation, to the processing of your personal data; this also applies to profiling based on these provisions. You can find the legal basis for processing in this privacy policy. If you object, we will no longer process your affected data, unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims (objection under Art. 21(1) GDPR).

If your personal data is processed for direct advertising, you have the right to object at any time to the processing of personal data concerning you for such advertising; this also applies to profiling insofar as it is related to such direct advertising (objection under Art. 21(2) GDPR). After your objection, your data will no longer be used for such advertising purposes.

Right to File a Complaint

In case of GDPR violations, data subjects have the right to lodge a complaint with a supervisory authority, especially in the member state of their habitual residence, place of work, or alleged infringement.

Right to Data Portability

You have the right to receive data that we process based on your consent or in performance of a contract, in a commonly used, machine-readable format, and to request its transfer to another controller, where technically feasible.

SSL/TLS Encryption

For security reasons and to protect confidential content (like orders or inquiries), this site uses SSL/TLS encryption. You can see this from the address bar changing from “http://” to “https://” and from the lock icon in your browser’s address line.
When SSL/TLS encryption is active, the data you transmit to us cannot be read by third parties.

Access, Deletion and Correction

You have the right to obtain free information about your stored personal data, its origin, recipients, and processing purposes, as well as the right to request correction or deletion at any time, under applicable laws. For this and further questions about personal data, please contact us at the address provided in the legal notice.

Right to Restrict Processing

You have the right to request restriction of processing of your personal data. You can contact us at the address in the legal notice. The right to restriction applies if:

  • You contest the accuracy of the data and need time to verify it.

  • The processing is unlawful and you prefer restriction over deletion.

  • We no longer need the data for processing, but you need it to establish, exercise, or defend legal claims.

  • You have objected under Art. 21(1) GDPR pending verification of whether our grounds override yours.

If processing is restricted, the data (apart from storage) may only be processed with your consent, for legal claims, for protecting another person’s rights, or for important public interest of the EU or a member state.

4. Data Collection on This Website

Cookies

Our web pages use so-called “cookies”—small text files that do not harm your device. They are stored either temporarily during a session (session cookies) or permanently until you delete them (persistent cookies).
Session cookies are deleted after the session ends. Persistent cookies remain until you delete them manually or your browser does so automatically.
Third-party cookies may also be stored when you visit the site, allowing you or us to use certain third-party services (e.g. for payment).
Cookies serve various functions. Some are technically necessary (e.g. shopping cart, video display). Others are used to analyze user behavior or display advertising.
Cookies necessary for electronic communications, desired functions, or website optimization are stored based on legitimate interest (Art. 6 (1) lit. f GDPR), unless another legal basis is specified. Cookies requiring consent (Art. 6 (1) lit. a GDPR) are only set with your consent, which can be revoked at any time.
You can configure your browser to be informed of cookie settings, allow them per case, block them entirely, or delete them automatically when the browser closes. Disabling cookies may impair website functionality.
For third-party or analytics cookies, we will inform you separately, and—if required—ask for consent.

Server Log Files

The website provider automatically records and stores information in so-called server log files, which your browser sends automatically, including:

  • Browser type and version

  • Operating system used

  • Referrer URL

  • Hostname of the accessing computer

  • Time of server request

  • IP address

These data are not combined with other data sources. Collection is based on legitimate interest (Art. 6 (1) lit. f GDPR) for functioning and optimizing the website.

Contact Form

If you send us inquiries via the contact form, your details (including contact data) are stored to process your request and for follow-up questions. We do not share this data without your consent.
Processing is based on contract performance (Art. 6 (1) lit. b GDPR), legitimate interest in efficient handling (Art. 6 (1) lit. f GDPR), or consent (Art. 6 (1) lit. a GDPR), if collected.
Your submissions remain with us until deletion is requested, consent is withdrawn, or the purpose is fulfilled (e.g. after inquiry resolution), subject to retention laws.

Email, Telephone, or Fax Requests

If you contact us via email, phone, or fax, your inquiry, including personal data (name, inquiry), is stored to process your request. We do not share it without consent.
Processing is based on contract performance (Art. 6 (1) lit. b GDPR), legitimate interest (Art. 6 (1) lit. f GDPR), or consent (Art. 6 (1) lit. a GDPR), if given.
These data remain stored until deletion is requested, consent withdrawn, or purpose fulfilled, under applicable retention rules.

5. Analytics and Advertising

Matomo (formerly Piwik)

This website uses the open-source web analytics service Matomo. Matomo does not use cookies.

6. Plugins and Tools

Google Maps

This site uses Google Maps via an API. Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
To use Google Maps functions, your IP address must be stored. Usually, this data is transmitted to Google servers in the USA and stored there. We have no influence over this transfer.
Google Maps is used to present our online offerings attractively and to make the locations listed on our website easy to find. This is based on our legitimate interest (Art. 6 (1) lit. f GDPR). If consent is required, processing occurs only after consent (Art. 6 (1) lit. a GDPR), which can be revoked at any time.
For more information on handling user data, please see Google’s privacy policy.

7. Our Own Services

Handling Applicant Data

We offer you the opportunity to apply to us (e.g. by email, post, or online form). The following explains which personal data is collected during the application process, for what purpose, and how it is used. We assure you that processing is in compliance with applicable data protection law and kept strictly confidential.

Scope and purpose of data collection
If you apply to us, we process your personal data (contact and communication details, application documents, notes from interviews, etc.) insofar as it is necessary to decide on establishing an employment relationship. Legal bases are § 26 BDSG-neu, Art. 6 (1) lit. b GDPR, and—if consent is given—Art. 6 (1) lit. a GDPR. Consent can be withdrawn at any time. Your data is shared only with individuals involved in processing your application.

If the application is successful, your submitted data is stored in our systems based on § 26 BDSG-neu and Art. 6 (1) lit. b GDPR for employment purposes.

Data retention period
If we cannot make you an offer, you decline our offer, or withdraw your application, we reserve the right to retain your submitted data based on legitimate interest (Art. 6 (1) lit. f GDPR) for up to six months from the end of the application process (rejection or withdrawal). Thereafter, the data will be deleted and any physical documents destroyed. Retention serves, among other things, as evidence in legal proceedings. If it is foreseeable your data will be needed after six months (e.g. for pending legal matters), deletion will occur when this reason ends.
Longer retention may occur if you have consented (Art. 6 (1) lit. a GDPR) or if legal retention obligations oppose deletion.

Inclusion in the applicant pool
If we cannot make you an offer, you may be included in our applicant pool. In that case, all documents and information are transferred to the pool to contact you for future suitable vacancies. Pool inclusion is solely based on your explicit consent (Art. 6 (1) lit. a GDPR). Consent is voluntary and unrelated to the application process. You can withdraw consent at any time, leading to irrevocable deletion of your applicant-pool data, unless legal retention reasons apply. Data in the pool is deleted at the latest two years after consent is granted.

Source: eRecht24