Data privacy declaration
Thank you for visiting our website and your interest in our company!
The protection of your personal data is very important to us. For this reason, we would like to inform you which data from your visit we use for what purposes. This data privacy declaration is aimed at interested parties who contact us, at our customers and at our cooperation and business partners. It applies to all processing of personal data carried out by us, both in providing our services and as part of our online presence. If you have any further questions about how we handle your personal data, please do not hesitate to contact us (see below for contact details).
We strive to protect your personal data in the best possible way and will handle your data responsibly and in accordance with the current data protection regulations and legal provisions. We would like to point out that transferring data via the Internet (e.g. when communicating by email) can have security gaps. It is not possible to completely protect data from third party access.
WHAT IS PERSONAL DATA?
“Personal data” is information that can be used to draw conclusions about a specific person, such as name, address, date of birth, telephone number, etc.
WHAT DATA DO WE PROCESS?
Visitor details – web analysis – cookies
For security reasons and to protect the transmission of confidential content, our website uses SSL or TLS encryption, which means that data transmitted to us cannot be read by third parties.
While using our website, your browser data is transmitted to our server. This is necessary to ensure the stability and security of our website. The server log files may include the date and time of the call, the country of origin, the IP address (abbreviated and no longer assignable to a specific person) and the browser data.
Our website uses Webalizer, which is a web analysis service provided by ALL-INKL.COM – Neue Medien Münnich. Webalizer uses “cookies”, which are text files that are stored on your computer and enable an analysis of website use. For this purpose, the usage information generated by the cookie (including your shortened IP address) is transmitted to our server and stored for usage analysis purposes, which we use to optimise the website. Cookies cannot access, read or change any other data on the computer. Cookies also cannot run programs or transfer viruses to your computer. They are used to make internet offerings more user-friendly and effective overall.
If you contact us by email or using the contact form, the data you provide (name, address, telephone number, email address, etc.) will be used to process the request and stored by us in case of follow-up questions or any subsequent customer relationship, cooperation or business relationship. You can revoke the consent you have given at any time; simply send us an informal email. The legality of any data processing performed until the revocation of consent remains unaffected by this. We delete the data arising in this context when storage is no longer necessary, or restrict processing if there are statutory storage obligations. We will not pass on the data without your consent.
Please note that emails are generally not sent in encrypted form on the Internet. As a rule, emails are encrypted during transport, but (unless end-to-end encryption is used) not on the servers from which they are sent and received. Therefore, we cannot accept any responsibility for the transmission path of the emails.
We collect, process and use personal data in order to fulfil a contract or pre-contractual measures and for communication relating to these processes. The collected customer data will be deleted after completion of the order or when the business relationship ends. Statutory retention periods remain unaffected.
In the event of a successful application, the applicant's data will be processed for the purposes of the employment relationship. If the application is unsuccessful, the applicant data will be deleted 6 months after the decision, so that we can answer any follow-up questions about the application or meet our burden of proof obligations.
We use “Zoom” for our online meetings.
We use “Zoom” to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter: “online meetings”). “Zoom” is a service of Zoom Video Communications, Inc., which is based in the United States.
OxygenConcept Klauenberg GmbH is responsible for data processing that is directly related to the implementation of “online meetings”.
Note: If you access the “Zoom” website, the provider of “Zoom” is responsible for data processing. However, accessing the website is only necessary to use “Zoom” in order to download the software for to use “Zoom”.
You can also use “Zoom” if you enter the meeting ID and, if necessary, other access data for the meeting directly in the “Zoom” app.
If you do not want to or cannot use the “Zoom” app, the basic functions can also be used via a browser version, which you can also find on the “Zoom” website.
What data is processed?
Various types of data are processed when using “Zoom”. The scope of the data also depends on what information you provide before or when you participate in an “online meeting”.
The following personal data is subject to processing:
User information: first name, last name, phone (optional), email address, password (if “single sign-on” is not used), profile picture (optional), department (optional)
Meeting metadata: topic, description (optional), participant IP addresses, device/hardware information.
For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat.
When dialling in by phone: information on the incoming and outgoing phone number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be saved.
Text, audio and video data: you can also use the chat, question or survey functions in an “online meeting”. The text you enter will then be processed in order to display it in the “online meeting” and, if necessary, to log it. In order to display video and playback audio, the data from the microphone of your end device and from any video camera on the end device will be processed accordingly for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time via the “Zoom” applications.
In order to take part in an “online meeting” or to enter the “meeting room”, you must at least provide your name.
Scope of processing
We use “Zoom” to hold “online meetings”. If we want to record “online meetings”, we will inform you in advance and – where applicable – ask for your permission. You will also be able to see if recordings are made in the “Zoom” app.
If necessary for the purposes of logging results of an online meeting, we will log the chat content. However, this will usually not be the case.
In the case of webinars, we can also process the questions asked by webinar participants for the purpose of recording and following up on webinars.
If you are registered with “Zoom” as a user, reports on “online meetings” (meeting metadata, telephone dial-in data, questions and answers in webinars, survey function in webinars) can be stored on “Zoom” for up to 12 months.
Legal bases of data processing
Insofar as personal data is processed by employees of OxygenConcept Klauenberg GmbH, § 26 BDSG (Federal Data Protection Act) forms the legal basis for data processing. If, in connection with the use of “Zoom”, personal data is not required to establish, implement or terminate the employment relationship, but is nevertheless an elementary component of the use of “Zoom”, Art. 6 (1) lit. f) GDPR shall apply as the legal basis for data processing. In these cases, our interest is in the effective implementation of “online meetings”.
Otherwise, the legal basis for data processing when conducting “online meetings” is Art. 6 (1) (b) GDPR, insofar as the meetings are held within the framework of contractual relationships.
If there is no contractual relationship, the legal basis is Art. 6 (1) (f) GDPR. Our interest is in the effective implementation of “online meetings” in this respect too.
Recipient / disclosure of data
Personal data processed in connection with participation in “online meetings” is not generally passed on to third parties unless it is intended to be passed on. Please note that content from “online meetings” and from face-to-face meetings is often used to communicate information to customers, interested parties or third parties and is therefore intended to be passed on.
Other recipients: The provider of “Zoom” necessarily receives knowledge of the above data, insofar as this is stipulated in the context of our order processing contract with “Zoom”.
Data processing outside the European Union
“Zoom” is a service provided by a provider based in the United States. Personal data is also processed in a third country. We have concluded an order processing contract with the provider of “Zoom”, which meets the requirements of Art. 28 GDPR.
An appropriate level of data protection is guaranteed by the conclusion of the EU standard contractual clauses.
As an additional protective measure, we have also configured our Zoom so that we only use data centres in the EU, the EEA or safe third countries such as Canada or Japan to conduct our “online meetings”.
If you have given your consent to receive information/newsletters, we will only use this data to send the requested information and will not pass it on to third parties. You can revoke your consent to the storage and use of your data at any time, e.g. via the “unsubscribe” link in the newsletter. The legality of any previous data processing performed remains unaffected by this. The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe and deleted after you have cancelled the newsletter. Data stored by us for other purposes (e.g. email addresses for business transactions) remain unaffected.
We maintain online presences within social networks in order to communicate with the users who are active there or to offer information about us and our activities. We would like to highlight that user data can be sent and processed outside the European Union. In this case, the European Union (“EU”) does not guarantee an “adequate level of protection” for the processing of personal data in correspondence to EU standards. As a rule, these providers offer equivalent protection within the framework of standard contractual clauses, but the enforcement of user rights may be more difficult. You can find the detailed processing of data and options for objection in the data privacy declarations of the providers of the platforms and networks in question. In case of requests for information or to assert data subject rights, it is most effective to contact the provider directly. If you still need help, feel free to contact us.
Social media links
Social networks are only included on our website as a link to the services in question. After clicking the integrated button, you will be forwarded to the website of the provider in question. User information is only transferred to the provider in question after you have been forwarded to their site. Details on the purpose and scope of the data collection, further processing and use of the data by the respective provider, and your rights in this regard and setting options for protecting your privacy can be found in the data protection information of the provider in question:
Social network; provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; website: https://www.linkedin.com
Data privacy declaration: https://de.linkedin.com/legal/privacy-policy?
Standard contractual clauses (ensuring the level of data protection when processing data outside the EU): https://www.linkedin.com/help/linkedin/answer/62533
Maps from OpenStreetMap are integrated into this website. Provider of the services is OpenStreetMap Foundation, 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom. To display maps for you, information about the use of this website, including your IP address, will be forwarded to OpenStreetMap. Cookies may also be saved on your computer. Furthermore, your location can be detected if you have consented to this in your settings. We have no influence over any data transmission in this context. For more details, please visit the data privacy declaration of OpenStreetMap at: https://wiki.osmfoundation.org/wiki/Privacy_Policy
FORWARDING OF DATA
External service providers
As part of our activity, it may happen that we entrust other companies or individuals with the performance of certain tasks that contribute to our activity; this is done within the framework of data processing agreements. Our external service providers are also contractually obliged to maintain confidentiality and not to use the data in any improper context or for their own purposes or to pass them on to third parties or to market them. The provider of our online meeting tool may obtain knowledge of the above data, if this is intended within the context of the data processing agreement.
If we are required by law or by a court order to disclose your personal data to public authorities, such as courts, law enforcement agencies, regulatory authorities, etc., we must comply with this request after a thorough examination.
We do not carry out automated decision-making or profiling in accordance with Art. 22 GDPR.
PURPOSES OF DATA PROCESSING
We process your personal data for the following reasons:
LEGAL BASES OF PROCESSING
If you have given your consent to the processing of your personal data for a specific purpose, then this processing is based on Art. 6 (1) lit a GDPR. If such processing is necessary in order to fulfil a contract with you or to carry out pre-contractual measures, this shall be done in accordance with Art. 6 (1)(b) GDPR. In some cases, for example, to fulfil tax obligations, there may be a legal obligation to process personal data; the legal basis for this is Art. 6 (1)(c). Ultimately, processing can be based on Art. 6(1)(f) GDPR. This is the case if the processing is carried out to protect our overriding legitimate interest, provided that your interests, fundamental rights and fundamental freedoms do not prevail. Such a legitimate interest can be assumed if you are a customer or cooperation or business partner of ours. If the processing of personal data is based on Art. (6)(1)(f) GDPR, our legitimate interest is the processing of our business activities.
DURATION OF DATA STORAGE
We adhere to the principles of data minimisation. We therefore only store your personal data for as long as this is necessary to achieve the stated purposes or as intended by the various storage obligations stipulated by the legislature. After the purpose no longer applies or these periods have expired, the corresponding data will be blocked or deleted as a matter of routine and in accordance with the statutory provisions. If none of the above storage reasons apply, any data that is no longer required will be deleted after 12 months as standard.
We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. It goes without saying that we adhere strictly to data confidentiality. Our security procedures are checked regularly and adjusted to meet technological advances.
You have the right to information, correction, deletion, restriction, data transferability, retraction and objection without charge. If you believe that the processing of your data violates data protection law or your data protection claims have otherwise been violated in any way, you can contact the responsible supervisory authority.
YOU CAN REACH US USING THE FOLLOWING CONTACT DETAILS
OxygenConcept Klauenberg GmbH
Hildesheimer Straße 30/31a
38114 Braunschweig, Germany
Tel: +49 (0)531 615 79 600
Please contact us if you have any queries about data privacy.
CHANGE TO THE DATA PRIVACY DECLARATION
We reserve the right to occasionally adapt this data protection declaration so that it always corresponds to the current legal requirements or to implement changes to our services in the data privacy declaration. The current version of the data privacy declaration will then apply to your next visit.
This declaration was last updated in October 2022.