Privacy Policy

We are pleased that you have found your way to our website and are interested in our company. We take the protection of your personal data very seriously and process it on the basis of the applicable legal basis and regulations for the protection of personal data, which are derived, among other things, from the applicable country-specific implemen­tation laws of the EU General Data Protection Regulation (GDPR).

Through our privacy policy, we would like to provide you with a compre­hensive insight into how our company handles your personal data, what data is collected from you via our website, what we use it for, when it is deleted and how we protect it to the best of our knowledge and belief. We would also like to inform you in detail here about the respective legal bases on the basis of which we may process your data and inform you about your legally defined rights with regard to the processing of this data.

Personal data is data that enables identi­fi­cation of a natural person. Examples include surname, first name, date of birth, address, telephone number, e-mail address, IP address, credit card and account data, account data from online payment systems, account data from social networks, etc.

Anonymous and anonymized data exists if no reference to real persons can be made via this data, even in conjunction with other collected data.

The responsible party for this website in terms of data protection law is:

CYVED GmbH
Haffkamp 41
22958 Kuddewörde Germany
Management: Lennart Monir, F. Strahlendorff

Contact
Mail: info@cyved.com

 

Data collection / Personal data

For the mere visit of our website, we do not require any personal and person-related data from you. Nevertheless, your Internet browser sends data to our web server due to the technical necessity of calling up web pages, which is also partly recorded on the basis of technical necessity (server logs).

This data usually includes the following information:

  • Used web browser incl. browser version and used operating system
  • Type of device you are using (desktop computer/smartphone/tablet/etc.)
  • Size and colorfulness of your monitor/display
  • Information about the last opened web page from which you visit us
  • Information about the web pages you visit on our site, the date and time of your visit, and the length of time you spend on each page
  • Name of the requested files, transmission protocols, transferred data volume
  • Name of your Internet Service Provider
  • The IP address assigned to you by your Internet Service Provider.

In accordance with Art. 6 para. 1 lit. f GDPR, this data is stored by us for reasons of technical security, to defend against cyber attacks on our servers and to protect your personal data and that of other visitors. By shortening the IP addresses after seven calendar days at the latest, this data is then automat­ically anonymized by our backend and stored indefi­nitely for statistical analysis. A personal reference based on this data can then no longer be established.

Further data collection

Furthermore, you will be given opportu­nities to provide us with personal data both via our website and via other communi­cation channels. In some cases, these data collections are also legally required and the legal retention obligations are clearly defined. We would like to inform you about the use of your data and the legal basis in the following articles.

General website

The basis for the extended data collection of your personal data is the currently applicable legal provisions. For all cases in which we are not legally obligated to collect your personal data and to stockpile it for legally clearly defined periods of time, we will request your personal consent.

 

Data processing of personal data is permitted by Art. 6 GDPR if:

  • you have given your consent in accordance with Art. 6 Para. 1 lit. a GDPR,
  • the data is required for the fulfillment of a contract / pre-contractual measures according to Art. 6 para. 1 lit. b GDPR,
  • the data is necessary for the fulfillment of a legal obligation according to Art. 6 para. 1 lit. c GDPR or
  • are required to protect the legitimate interests of our company pursuant to Art. 6 (1) lit. f GDPR, provided that your interests worthy of protection do not outweigh these.

 

The personal data we collect about you will, of course, be treated confiden­tially. Within our company, we only grant access to your personal data to authorized persons and contrac­tually authorized service providers.

We will only pass on your data to third parties within the framework of the statutory provisions or with your corresponding consent, unless we are obliged to do so on the basis of mandatory legal provisions.

Contact forms

Legal basis Art. 6 para. 1 lit. a, b GDPR

You will find various contact forms on our website, which can be used by you to contact us electron­ically and to order marketing materials, slide samples and the like. If you use these forms for data transmission, you thereby grant us permission to contact you via the contact data you have provided and to process/answer your concerns, questions and requests. When designing those forms, we will only request and process the personal data from you that we absolutely need to contact you and process your concerns and requests in order to save and avoid data. For technical necessity and for legally compliant protection, we will also process your IP address when collecting this data. If these forms contain further fields that may be filled in on a voluntary basis, by submitting the forms you give us permission to process this data as well and to stock it within the legal time limits.

If, while entering your data in the forms provided by us, you decide not to send the form to us after all, the data you have entered up to that point will not be processed further. There is also no server-side tracking of this cancel­lation (conversion tracking, bounces) for statistical evaluation.

E-Mail - communication

Legal basis Art. 6 para. 1 lit. a, b GDPR

If you contact us by e-mail to one of our specified e-mail addresses, we will process your personal data provided to us in this e-mail solely for the purpose of processing your message, unless we are already permitted or required to process and store your data for other legal reasons.

Online - registration

Legal basis Art. 6 para. 1 lit. a, b GDPR

On our website, we do not offer users the opportunity to register by providing personal data.

Newsletter

Legal basis Art. 6 para. 1 lit. a GDPR

On our Internet site, we do not offer users the opportunity to subscribe to newsletters in the languages offered.

Advertising purposes Existing customers

Rechts­grundlage Art. 6 Abs. 1 lit. f EU-DS-GVO

We are very interested in maintaining our customer relationship with you. For this purpose, we would also like to send you information, samples, data sheets and offers about our products, services and our company by e-mail and by post on a regular basis. We will also process your data for this purpose.

If you do not wish this in the future, you can also object to the use of your personal data for direct marketing purposes at any time. For this purpose, a short e-mail without giving reasons to info@cyved.com, a postal letter to  CYVED GmbH, Haffkamp 41, 22958 Kuddewörde, Germany.

Applications

Legal basis Art. 6 para. 1 lit. a, b GDPR

We are very pleased about your interest in our company and a possible cooperation.

Among other things, we also offer vacancies via our website and would be pleased to receive your unsolicited application. For this purpose, we provide you with various options for submitting your application documents to us. These include contact addresses for our human resources department for applications by mail as well as special e-mail addresses and application forms.

We are aware of the importance of your personal data and process it with the utmost care on the basis of legal requirements via any communi­cation channel offered and chosen by you. In the case of applications, your data will only be processed by us for the purpose of correctly handling the application/selection process and for contacting you as part of the application process. It goes without saying that no data will be passed on to third parties without your consent.

If you use one of the application forms offered on the website, we will ask you to provide personal data. In doing so, we observe the principle of data economy and data avoidance and only request the data that we need to fully review your application or that we are legally obligated to collect. Furthermore, we record your current IP address during the application process for technical necessity and for legal protection.

Mandatory fields in the application form are marked with an asterisk * and an upload of your file attachments and submission of your application is only possible after these mandatory fields have been filled in completely. Furthermore, you have the option of voluntarily providing data and information in unmarked input fields. If you would like us to retain your application documents beyond the legally prescribed maximum retention periods and to include them in the selection process again in the event of vacancies becoming available at a later date, please inform us of this clearly when submitting your documents. In the application form on our website, you will find a special input area for this in the form of a checkbox or selection field, which you must activate as required before submitting the form. If we have such consent from you, we will store your data for a maximum of 6 months or the maximum period clearly communicated to us by you. You can withdraw your consent to the extended storage period of your personal data at any time without giving reasons directed to the future. To do so, please send us an e-mail with an appropriately executed request and your clearly formulated data for smooth data reconcil­iation to career@cyved.com. You are also welcome to send us this revocation by post to CYVED GmbH, Haffkamp 41, 22958 Kuddewörde, Germany.

In order to protect the security and confiden­tiality of your data in the best possible way, we use and implement appropriate security measures and methods. Your application documents submitted by form are transmitted to us in encrypted form by our server front-end and back-end. For more information on the server-side data encryption we use, please refer to Secure transmission of your data.

Cookies

Legal basis Art. 6 para. 1 lit. ff GDPR

We use cookies on our website at cyved.com. Cookies are text files with a low data volume that are generated when you visit our website and stored locally on your terminal device. We need these cookies to improve the user-friend­liness of our website, to temporarily store your preferences, such as your language selection, and to increase the security of our website. Cookies are automat­ically generated by our server when you visit our website and are saved locally on your data storage by your browser. Your browser can then access them as needed and change their content.

We primarily use so-called session cookies on our website, which are normally automat­ically deleted by your browser after your visit as soon as their validity period - usually six months - is exceeded. However, you can also delete these cookies yourself at any time. This can be done either via the security settings of your browser or manually by deleting these files from the corresponding folders in your file system.

Internet browsers are normally set to automat­ically accept cookies after the instal­lation process. You can, of course, change this preselection at any time, restrict the use of cookies or switch them off completely.

Please note, however, that after deleting our cookies or by rejecting their use, you will no longer be able to visit our Internet pages to their full extent and only with a reduction in user-friend­liness.

Secure transfer of your data

We take the security of your personal data very seriously and therefore only use security mechanisms of the highest quality when operating our web and mail servers. Our security measures are developed by security experts according to the current state of the art, reviewed at regular intervals and adapted to new standards and trends.

The exchange of your personal data to and from our web server as well as to and from our mail servers is encrypted to protect against data loss and data theft. For our web and mail server, we have chosen a TLS certificate from the provider Thawte (DigiCert Inc.) with PKCS #1 SHA-256 and RSA encryption algorithm at domain level, which can be classified as extremely secure. You can check this certificate and its validity at any time via your web browser. An automatic check is performed by most web browsers every time you visit a page and successful encryption is usually indicated by a green closed padlock in the URL bar. We use this TLS encryption both in the frontend (visitor display) and in the backend (adminis­tration interface) of our web server to also prevent data loss and data theft during the adminis­tration and content maintenance of our website.

Alterna­tively, of course, you always have the option of foregoing data exchange with us in digital form and choosing analog communi­cation channels (e.g., postal dispatch of data and information).

Storage duration

We store your personal data without your individual consent exclusively for the period of time required to achieve the respective processing purpose or as specified by statutory retention periods. A data transfer of your personal data to third parties will only take place if this is required by law or if this is necessary within the scope of the respective processing purpose to fulfill your request or order. If an exchange of data should be necessary within the scope of these requirements, this exchange will always be carried out in compliance with the legal requirements and obligations with the highest possible security and in compliance with the principle of data economy and data avoidance only with the data actually required for the processing process.

Examples of unavoidable data transfer to third parties:

  • Government agencies and institutions (such as the tax office)
  • External data protection officers (generally only with contractually secured data protection clause)
  • External quality management representatives (in principle only with contractually secured data protection clause)
  • External environmental management officers (in principle only with contractually secured data protection clause)
  • Companies that perform credit checks
  • Banks, savings banks and credit institutions
  • Shipping service providers, suppliers, payment services
  • Other business units at the corporate group
  • Service providers within the scope of commissioned processing (in principle only with contractually secured data protection clause)
  • Internal and external specialist departments
User profiles / web tracking methods
We use only local analysis tools for the greatest possible protection of your personal data in accordance with (Art. 6 para. 1 lit. a EU GDPR). Your data will not be exchanged with external service providers for statistical analysis. Currently, we use the on-premise solution of Matomo installed locally on our web server with anonymized IP address (1 bit anonymization). You can deactivate this tracking manually at any time using the following option or generally set your browser to avoid automatic tracking ("Do Not Track" option).
In order to protect your personal data, we have deliberately refrained from using additional, external, mostly cloud-based tracking tools such as those offered by Google Ireland Limited or other well-known providers. A data transfer of your personal data outside our company or even outside the EU does not take place.
Social network plugins

To protect your personal data as effectively as possible, we do not use any form of social network plug-ins on our website. An exchange of your data with external service providers for statistical evaluation does not take place. If you would like to follow our accounts on social media, you will find simple links to these accounts at the bottom of all our pages. After clicking on these links, our user profile usually opens directly in the respective network and you are free to follow it via your own account in the same network. Of course, we welcome any contact and networking with you outside of our own website in the social networks. For the use of these networks, however, the terms of use and data protection declarations published by the operators apply.

Links to other providers

Where our website contains links to the websites of other companies, e-mail addresses or telephone numbers, these are identified as such. You can also check each link before clicking by positioning the pointer of your mouse (desktop computer/laptop) or your finger or operating stylus (mobile devices/touchscreen/touchpad) over the link or by holding the link longer instead of clicking (hover behavior).

We would like to point out that we have no influence on the contents of linked external websites and cannot accept any guarantee or liability for these contents. The provider and operator is responsible for the content and data security of these linked pages. All external sites linked to our website have been checked and evaluated by us for possible legal violations, illegal content and data security within the scope of our possibilities before linking. Only after a positive evaluation have these links then been included on our pages. However, we cannot reasonably be expected to permanently monitor and control the content of the linked pages. However, we remove such external links immediately after becoming aware of any legal violations and violations of data protection laws. If you become aware of such violations, please send us this information to info@cyved.com.

Data subject rights

Based on the statutory requirements, you have the right to free information about the use and content of the personal data stored by us from you and about you. Furthermore, you have the right to correction, restriction of data collection and processing as well as deletion of your data, provided that this does not conflict with any legally prescribed retention periods.

In addition, based on the current legal situation, you have the right to a general objection to data processing, the right to data transfer or to file a complaint with the competent supervisory authority for data protection.

You can, of course, revoke any consent given to us for data processing at any time without giving reasons for the future after asserting this right.

If we process your data to protect legitimate interests, you may object to this processing on personal grounds at any time. Unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, the processing is required by law or the processing is for the purpose of asserting, exercising or defending legal claims, we will then no longer process your data in the future after receipt of the objection and completion of the review of the legal claim.

 

Our data protection officer will be happy to answer any questions you may have regarding data protection, data collection and data processing at CYVED GmbH at any time at privacy@cyved.com