Homepage 2021 Data protection information
Data protection information

Data protection information

The following document informs you about the processing of your personal data by us and the claims and rights to which you are entitled in accordance with the data protection regulations, in particular the European General Data Protection Regulation (GDPR).

This data protection information informs you about the type, scope and purpose of the processing of personal data within our website (hereinafter "website"). The data protection information applies regardless of the domains, platforms and devices used (e.g. desktop, mobile, etc.).

Personal data within the meaning of the GDPR is all data that can be related to you personally, e.g. name, address, email addresses, user behaviour. Which data is processed in detail and how it is used depends largely on the services used by us.

In our data protection information, we use various other terms in the sense of the GDPR. These include terms such as processing, restriction of processing, profiling, pseudonymisation, controller, processor, recipient, third party, consent, supervisory authority and international organisation. You can find the corresponding definitions for these terms in Article 4 of the GDPR.

1. Who is responsible for data processing and whom can I contact?

The responsible party is:

silver.solutions GmbH
Färberstraße 26
12555 Berlin
Phone: +49 (0)30.65.48.19.90
Fax: +49 (0)30.65.48.19.99
Email: contact@silversolutions.de

You can reach our data protection officer at:

mip Consult GmbH
Rechtsanwalt Asmus Eggert
Wilhelm-Kabus-Str. 9
10829 Berlin
datenschutz@silversolutions.de
www.sofortdatenschutz.de

2. What sources and data do we use?

We process personal data that we receive from you in the course of using our website and, if applicable, our business relationship.

In the case of purely informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. When you access our website, we collect the following access data, which is technically necessary for us to display our website to you and to ensure its stability and security. The access data includes the IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (i.e. name of the specific website accessed), access status/HTTP status code, amount of data transferred in each case, referrer URL (previously visited page), operating system and its interface, language and version as well as type of browser software, notification of successful retrieval.

Furthermore, we receive your personal data if you contact us via contact form or email. Personal data here are e.g. name, first name, company, email, telephone number and, if applicable, the data you send us as a message (hereinafter referred to as "contact data").

3. What do we process your data for (purpose of processing) and on what legal basis?

We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG) for the following purposes and on the basis of the following legal grounds:

Purpose

Legal ground

Insofar as you have given us your consent to process personal data for certain purposes, in particular for contacting you (e.g. via our contact form or by email for processing and handling the enquiry, sending newsletters, advertising approaches by telephone, email, SMS, etc.), this processing is lawful on the basis of your consent.

Consent given can be revoked at any time. Please note that the revocation is only effective for the future. Processing that took place before the revocation is therefore not affected by the revocation. The revocation can be sent to the contact details above or to datenschutz@silversolutions.de.

Consent, Art. 6 para. 1 sentence 1 lit. a) GDPR

When contacting us (via contact form or email), your data will be processed for the purpose of handling the contact request and its processing also on the basis of the implementation of pre-contractual measures, Art. 6 para. 1 sentence 1 lit. b) GDPR.

Implementation of pre-contractual measures at the request of the person, Art. 6 para. sentence 1 lit. b) GDPR

When you contact us (via contact form or email) in connection with your application, we process your data in order to check your suitability for the position (or other open positions in our companies, if applicable) and to carry out the application process. Your applicant data will be screened by the HR department after receipt of your application. Suitable applications will then be forwarded internally to the department heads for the respective open position. They will then decide on the further procedure. In principle, only those persons in the company have access to your data who need this for the proper conduct of our application procedure.

Establishment of an employment relationship, § 26 BDSG and after completion of the application procedure in the event of rejection to safeguard legitimate interests, Art. 6 para. 1 sentence 1 lit. f) GDPR (defence against claims), if applicable, if consent has been given, Art. 6 para. 1 sentence 1 lit. a) GDPR

We process your access data (see data listed above under point 2) to protect our legitimate interests or those of third parties. In particular, we pursue the following legitimate interests:

  • Ensuring IT security, in particular the security of the website;
  • Advertising or market and opinion research, insofar as no consent is required for this and you have not objected to the use of your data;
  • Assertion of legal claims and defence in legal disputes;
  • Compiling local, non-personal analyses of the use of our website using the Matomo tool;
  • Display of map material using Openstreetmap

Within the framework of the balancing of interests for the protection of legitimate interests, Art. 6 para. 1 sentence 1 lit. f) GDPR

4. Who receives my data?

Within the company, those offices that need your data to fulfil our contractual and legal obligations will receive access to it.
Processors we use (Art. 28 GDPR) may also receive data for the above-mentioned purposes. These are companies in the categories of IT services, printing services, telecommunications, advice and consulting, and sales and marketing. Where we use processors to provide our services, we take appropriate legal precautions and corresponding technical and organisational measures to ensure the protection of personal data in accordance with the relevant legal provisions.

We only disclose data to third parties who are not processors as required by law. We only pass on users' data to third parties if this is necessary, for example, on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR for contractual purposes or on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR in the economic and effective operation of our business operations, or if you have consented to the transfer of data. In the case of purely informative use of the website, we do not pass on any data to third parties.

5. How long is my data stored?

For security reasons (e.g. to defend against attacks against our IT or to clarify acts of abuse or fraud), log file information is stored for a maximum of 4 weeks and then deleted (see point 2 above). Data whose further storage is necessary to avert attacks against our IT or for evidentiary purposes are exempt from deletion until the final clarification of the respective incident.

As far as necessary, we process your personal data for the duration of our business relationship, which also includes, for example, the initiation and processing of a contract via contact form or email.

Applicant data is deleted after 6 months in the event of a rejection. In the event that you have agreed to further storage of your personal data, we will transfer your data to our applicant pool. There, the data will be deleted if you revoke your consent or after 5 years at the latest. Should we fill the advertised position with you, your data will be stored in our personnel management system.

In addition, we are subject to various storage and documentation obligations, which result from the German Commercial Code (HGB) and the German Fiscal Code (AO), among other things. The retention and documentation periods specified there are two to ten years.

Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to §§ 195 et seq. of the German Civil Code (BGB), usually amount to three years, but in certain cases can also be up to thirty years, whereby the regular limitation period is three years.

7. What data protection rights do I have?

Every affected person has

  • the right of information according to Art. 15 GDPR (i.e. you have the right to request information about your personal data stored by us at any time),
  • the right to rectification under Art. 16 GDPR (i.e. in the event that your personal data is inaccurate or incomplete, you may request that it be rectified),
  • the right to erasure under Art. 17 GDPR and the right to restriction of processing under Art. 18 GDPR (i.e. you may have the right to request erasure or restriction of processing of your personal data if, for example, there is no longer a legitimate business purpose for such processing and legal retention obligations do not require continued storage),
  • the right to data portability under Article 20 of the GDPR (i.e. you may have the right to receive the personal data relating to you that you have provided to us in a structured, commonly used and machine-readable format and to transfer this data to another controller without hindrance).

Furthermore, you can revoke consent, in principle with effect for the future.

Furthermore, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR in conjunction with § 19 BDSG). You can find the supervisory authority responsible for you at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

In addition, we would like to point out your right of objection according to Art. 21 GDPR:

Information about your right to object according to Art. 21 GDPR

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6(1) sentence 1(e) of the GDPR (data processing in the public interest) and Article 6(1) sentence 1(f) of the GDPR (data processing based on a balance of interests).

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the assertion, exercise or defence of legal claims.

In individual cases, we process your personal data to carry out direct advertising. You have the right to object at any time to the processing of personal data concerning you for the purposes of such advertising; this also applies to profiling insofar as it is related to such direct advertising. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

The objection can be made form-free and you will not incur any costs other than the transmission costs according to the basic rates.

If possible, the objection should be sent to:
silver.solutions GmbH
Färberstraße 26
12555 Berlin

or by email to:
datenschutz@silversolutions.de

8. To what extent is there automated decision-making in individual cases, including profiling?

In the context of accessing our website or contacting us by form or email, we do not use fully automated decision-making pursuant to Article 22 of the GDPR. Should we use these procedures in individual cases, we will inform you about this separately if this is required by law. We do not process your data automatically with the aim of evaluating certain personal aspects (profiling).

9. Is there an obligation for me to provide data?

Within the framework of our website, you must provide the personal data that is required for the use of our website for technical or IT security reasons. If you do not provide the aforementioned data, you will not be able to use our website.

When contacting us by form or email, you only need to provide the personal data that is required to process your enquiry. Otherwise, we will not be able to process your request.

10. Newsletter

With the following information, we inform you about our newsletter as well as the registration, dispatch and evaluation procedure and inform you about your rights of objection. 

Newsletter content: We send newsletters, emails and other electronic notifications with promotional information (hereinafter "newsletter") only on the basis of the consent of the recipients. If we specifically describe individual newsletters within the scope of the registration, this description is decisive for the consent of a newsletter subscriber. If no separate description is provided, our newsletters will contain information about our products, offers and promotions as well as information about our company.

Double opt-in: Registration for our newsletter is carried out using the so-called double opt-in procedure. This means that after you have registered for the newsletter, we will send you an email in which we ask you to confirm your registration. This confirmation serves to ensure that only persons who have access to the specified email address register for our newsletter. We log the registrations to the newsletter in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. Changes to your data stored with the newsletter service provider are also logged.

The newsletter is sent via "Sendinblue" (formerly "Newsletter2Go"). 

To register for the newsletter, it is sufficient to enter your email address. Optionally, we ask you to enter a name for the purpose of a personal address in the newsletter.

The newsletter is sent and its success is measured on the basis of the recipients' consent in accordance with Art. 6 Para. 1 Sentence 1 lit. a).

The logging of the registration process takes place on the basis of our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR and serves as proof of consent to receive the newsletter.

You can unsubscribe from receiving our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. If users have only subscribed to the newsletter and cancelled this subscription, their personal data will be deleted if claims for proof of previously granted consent should have become time-barred.

11. Our Facebook page

The following applies to our presence on facebook.com in addition to this data protection notice: Due to the use of Facebook Insights, we are joint controllers of our Facebook page with Facebook Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland. The legal basis for this is the contract available on this page. The joint responsibility includes the creation of so-called events and their aggregation in page insights provided to us. What events are is described on the aforementioned Facebook Insights webpage. According to Facebook, these are in particular

• Viewing a page, post, video, story or other content associated with a page
• Interacting with a story
• Subscribe or unsubscribe to a Page
• Tag a page or post with "Like" or "Stop liking"
• Recommend a page in a post or comment
• Comment, share or respond to a Page post (including how you respond)
• Hide a Page post or report it as spam
• Hover over a link to a page or the name or profile picture of a page to preview page content
• Click on the website button, phone number button, "plan route" button or any other button on a page
• See a page's event, respond to an event (including how to respond), click on a link for event tickets
• Start a Messenger conversation with the page
• View or click on items in a page shop
• Information about the action, the person who took the action and the browser/app used to do it. These are for example:
• Date and time of the action
• Country/city (estimated from the IP address or imported from the user profile if the user is logged in)
• Language code (from the HTTP header of the browser and/or the language setting)
• Age/gender group (from user profile, only for logged in users)
• Previously visited websites (from the browser HTTP header)
• Whether the action was taken on a computer or on a mobile device (from the browser user agent or app attributes)
• Facebook user ID (only for logged in users)

Facebook Ireland ensures that it has a legal basis for processing the Insights Data, which is set out in the Facebook Ireland Data Policy. Facebook Ireland undertakes compliance with the obligations under the GDPR for the processing of Insights Data (including Articles 12 and 13 GDPR, Articles 15 to 21 GDPR, Articles 33 and 34 GDPR). Facebook Ireland takes appropriate technical and organisational measures in accordance with Article 32 of the GDPR to ensure the security of the processing. This includes the measures set out on this page below (this will be updated from time to time to take account of, for example, technological developments). All Facebook Ireland employees involved in the processing of Insights data are bound by appropriate agreements to maintain the confidentiality of Insights data.

Facebook Ireland provides data subjects with the essentials of this Page Insights supplement (Article 26(2) of the GDPR). This is currently done through the Page Insights Data information, which can be accessed from all pages.

If a data subject asserts against us the rights to which he or she is entitled under the GDPR with regard to the processing of Insights data, we are obliged to forward to Facebook Ireland without undue delay, but no later than within seven calendar days, all relevant information regarding such requests. Facebook Ireland is committed to responding to requests from data subjects in accordance with our obligations under this Policy.

The above statements do not affect the claims to which every data subject is entitled directly against us, in particular those arising from Art. 15 et seq. GDPR.

The legal basis for the corresponding data processing is Art. 6 para. 1 lit. f) GDPR. Only persons who purposefully call up our page on facebook.com and therefore deliberately use a website to which the data policy for facebook.com applies are affected by the data processing. The data processing to which the data subject is subject as a result of visiting our website on facebook.com therefore does not go beyond the data processing which Facebook would also carry out without our website existing on facebook.com. If the data subject did not agree to this, he or she would not visit facebook.com. From the visit to our website on facebook.com, it therefore follows that the data subject has an overriding interest in visiting our page there in order to be able to consume the content offered by us there and to interact with it, taking into account the resulting data processing. Our legitimate interest is therefore to use this site for our corporate communication in order to directly or indirectly promote the sales of the services we offer.

11. Cookies

11.1 General

We use cookies on our Internet pages. Cookies are small text files, usually consisting of letters and numbers, which are placed on the user's computer when they visit certain websites.

Some of these cookies are essential for our website to function, while other cookies help us to improve our website by giving us insight into how you use the website.

By default, we only use necessary cookies. Necessary cookies enable the core functionalities of our website. The website may not display correctly or some areas may not function properly without these cookies. Necessary cookies can only be prevented by appropriate settings in your browser.

We only use cookies that are not necessary for the website to function ("non-essential cookies") if you have given your consent via our cookie banner.

You can revoke your consent or make changes at any time via the "Privacy settings" in the footer area.

The following additional options exist with regard to cookies:

11.2 Third party providers that use cookies

11.2.1 Google Analytics

We use the Google Analytics web analytics service from Google Ireland Limited (registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland ("Google") based on your consent.

The Google Analytics web analytics service uses cookies. The information generated by the cookies about the use of our website is usually transmitted to a Google server in the USA and stored there. We have concluded standard data protection clauses issued by the EU Commission within the meaning of Article 46 (2) c) of the GDPR with Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Despite the conclusion of standard data protection clauses with Google, there are corresponding risks associated with the processing of your data in the USA.

Google will use this information on our behalf for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity. In doing so, pseudonymous usage profiles can be created from the processed data.

We use Google Analytics with IP anonymisation activated. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

The IP address transmitted by the user's browser will not be merged with other data from Google. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent the collection of the data generated by the cookie and the transmission to Google as well as the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Further information on data processing by Google, setting and objection options are available on Google's websites at https://www.google.de.

11.2.2. Google reCaptcha

We use the "Google reCAPTCHA" service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") on the basis of your consent.

The processing of data within the scope of this service also takes place in the USA. Standard data protection clauses issued by the EU Commission within the meaning of Article 46 (2) (c) of the GDPR have been concluded with Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Despite the conclusion of standard data protection clauses with Google, there are corresponding risks associated with the processing of your data in the USA. By giving your consent via our cookie banner, you agree to the processing of your data in the USA despite potential access by US authorities.

The purpose of reCAPTCHA is to check whether the data input on our websites (e.g. in a contact form) is made by a human being or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor on the basis of various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent by the website visitor on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

Further information and the applicable Google privacy policy can be found at https://www.google.com/intl/de/policies/privacy/.

12.2.3 Integration of YouTube videos

YouTube videos are embedded on our website. The provider of YouTube is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, https://www.youtube.com/t/impressum?hl=de&gl=DE.

You can find the data protection information on YouTube at https://policies.google.com/privacy?hl=de&gl=de.

We have integrated the corresponding videos in such a way that, according to Google, personal data is only processed when you click on a video.

We use YouTube because we do not have the technical means to deliver the videos in such a way that they can be accessed by any number of users in parallel and with high performance. In this way, we increase the usability and attractiveness of our offer. The legal basis for this is Art. 6 para. 1 f) GDPR.

Further information on the purpose and scope of data collection and processing by YouTube can be found in the data protection information. There you will also find further information on your rights and setting options to protect your privacy:
You can find the YouTube privacy information at https://policies.google.com/privacy and opt-out from personalised advertising is possible at https://adssettings.google.com/authenticated.

12. Third-party services that do not set cookies

This website uses Matomo, an open source, self-hosted software to collect anonymous usage data for this website.
We use Matomo's web analytics service to perform reach measurement for the web pages under the domain www.silversolutions.de and to understand how and why our website is used. We also use Matomo to identify any technical problems with the use of our websites. Against the background of these legitimate interests, the legal basis for this data processing is Art. 6 para. 1 lit. f GDPR.

The data collected via Matomo is not combined with other data or transmitted to other data controllers within the meaning of the GDPR.

General information on Matomo can be found at https://matomo.org/.

Open Street Maps

On this website we use the services of the Openstreetmap Foundation, 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU UK.

This enables us to show you interactive maps directly on the website and allows you to use the map function conveniently.

Open Street Map is integrated in such a way that data about you as a user is only transmitted once you have activated the map by clicking on it. We have no influence on the data transmission to Openstreetmap that then takes place.

By calling up the map service, the user's data is used by OpenStreetMap exclusively for the purpose of the best possible display of the map functions and temporary storage of the selected settings. This data includes, in particular, IP addresses, data on your browser, device and operating system, as well as on website access.

Further information on the purpose and scope of the data collection and its processing by the plug-in provider can be found in the Open Street Map data protection information. There you will also find further information on your rights in this regard and setting options for protecting your privacy https://wiki.osmfoundation.org/wiki/Privacy_Policy.

Get in touch