Privacy policy
We take data protection seriously
Protecting your privacy when processing personal data is an important concern for us. When you visit our website, our web servers store the IP of your Internet service provider, the website from which you visit us, the web pages you visit on our site and the date and duration of your visit as standard. This information is essential for the technical transmission of the web pages and secure server operation. There is no personalized analysis of this data.
Responsible party:
OptWare GmbH
Prüfeninger Street 20
93049 Regensburg
Phone: +49 941 85099600
E-mail: info@optware.de
Personal data
Personal data is data about your person. This includes your name, your address and your e-mail address. You do not have to disclose any personal data in order to visit our website. In some cases, we need your name and address as well as other information in order to be able to offer you the requested service.
The same applies if we supply you with information material on request or if we answer your inquiries. In these cases, we will always point this out to you. Furthermore, we only store the data that you have transmitted to us automatically or voluntarily.
If you use one of our services, we generally only collect the data that is necessary to provide you with our service. We may ask you for further information, but this is voluntary. Whenever we process personal data, we do so in order to be able to offer you our service or to pursue our commercial objectives.
Making contact
When contacting us (e.g. by contact form, e-mail, telephone or via social media), the data of the inquiring persons are processed insofar as this is necessary to answer the contact inquiries and any requested measures.
Contact inquiries are answered in the context of contractual or pre-contractual relationships in order to fulfil our contractual obligations or to respond to (pre)contractual inquiries and otherwise on the basis of legitimate interests in responding to the inquiries.
Processed data types: Inventory data (e.g. names, addresses), Contact data (e.g. e-mail, telephone numbers), Content data (e.g. entries in online forms).
Data subjects: Communication partners.
Purposes of processing: Contact requests and communication.
Legal bases: Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 lit. b. GDPR), Legitimate interests (Art. 6 para. 1 lit. f. GDPR).
Automatically stored data
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are
Date and time of the request
Name of the requested file
Page from which the file was requested
Access status (file transferred, file not found, etc.)
Web browser and operating system used
Complete IP address of the requesting computer
Volume of data transferred
This data is not merged with other data sources. Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website.
For reasons of technical security, in particular to defend against attempted attacks on our web server, this data is stored by us for a short period of time.
Cookies
When you visit our website, we may store information on your computer in the form of cookies.Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters through which websites and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.
Through the use of session cookies, the controller can provide the users of this website with a user-friendly service that would not be possible without the setting of cookies. Without consent, we only use technically necessary cookies on the legal basis of legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.
We only use personal cookies to improve our website or for marketing/advertising purposes with your consent. On your first visit, you can voluntarily consent to tracking or analysis via the cookie banner that appears.
Your data may be passed on to partners or third-party providers.These cookies are only stored if you explicitly consent to this; the legal basis is then your consent in accordance with Art. 6 para. 1 lit. a GDPR.
You can change your settings for the use of cookies at any time via the “Cookie settings” link at the bottom of this website.
Borlabs Cookie
Our website uses Borlabs Cookie’s cookie consent technology to obtain your consent to the storage of certain cookies in your browser and to document this in accordance with data protection regulations. The provider of this technology is Borlabs Rübenkamp 32, 22305 Hamburg, Germany (hereinafter referred to as Borlabs).
When you enter our website, a Borlabs cookie is stored in your browser, in which the consent you have given or the revocation of this consent is stored. This data is not passed on to the provider of Borlabs Cookie.
The data collected will be stored until you ask us to delete it or delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/
Borlabs cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR.
We have concluded an order processing contract (AV) in accordance with Art. 28 GDPR with the above-mentioned provider. This is a contract prescribed by data protection law, which ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
Polylang (language switch)
The provider is WP SYNTEX, 28, rue Jean Sébastien Bach, 38090 Villefontaine, France.
Polylang generates the functional cookie pll_language. It stores a language preference for the visitor in order to support multilingual websites. The use of Polylang is in the interest of an appealing presentation of our online offers and is based on our legitimate interest. (Art. 6 para. 1 lit. f GDPR).
The storage period is one year.
You can find Polylang’s privacy policy here: https://polylang.pro/privacy-policy/
etracker
This website uses the analytics service etracker. The provider is etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany.
With etracker we can analyze the behavior of our website visitors.For this purpose, etracker collects, among other things, your shortened e-mail address, geo-information (maximum city level), log files and other information that your browser transmits to our web server when you visit the website.This allows us to measure website interactions such as time spent on the website, conversions (e.g. registrations, orders), scroll events, clicks and page views of the website visitor.
These interactions are assigned to the website visitor for the duration of the current day so that they can be recognized on subsequent visits. After the end of the day, visitor recognition is no longer possible.
Without your consent, no cookies are stored in your browser and no information is read from the memory of your end device. The cookie-free use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. The rights and fundamental freedoms of the data subjects are safeguarded. The IP address is anonymized as early as possible during the analysis with etracker and visitor recognition is only possible for the duration of the current day.
Without your consent, no cookies will be stored in your browser and no information will be read from the memory of your end device. The cookie-free use of this analysis tool is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. The rights and fundamental freedoms of the data subjects are safeguarded.
The IP address is anonymized as early as possible during the analysis with etracker and visitor recognition is only possible for the duration of the current day.
If a corresponding consent has been requested, the processing is carried out exclusively on the basis of
on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG. Consent can be revoked at any time.
We have concluded an order processing contract (AV) in accordance with Art. 28 GDPR with the above-mentioned provider. This is a contract prescribed by data protection law, which ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
Clarity
This website uses Clarity. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA98052-6399 (USA), https://docs.microsoft.com/en-us/clarity/ (hereinafter referred to as “Clarity”).
Clarity is a tool for analyzing user behavior on this website.
Clarity records
in particular mouse movements and creates a graphical representation of which part of the website users
website users scroll particularly frequently (heat maps). Clarity can also record sessions so that we can view page usage in the form of videos. We also receive information about general user behavior within our website.
Clarity uses technologies that enable the recognition of the user for the purpose of analyzing user
user behavior (e.g. cookies or the use of device fingerprinting). Your
personal data is stored on Microsoft servers (Microsoft Azure Cloud Service) in the USA.
The use of Clarity is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in effective user analysis. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
Further details on Clarity’s data protection can be found here:
https://docs.microsoft.com/en-us/clarity/faq.
We have concluded a data processing agreement (DPA) in accordance with Art. 28 GDPR with the above-mentioned provider. This is a contract required by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
Facebook Pixel
This website uses Facebook’s visitor action pixel to measure conversions. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.
This allows the behavior of site visitors to be tracked after they have clicked on a
Facebook ad to the provider’s website. This allows the
effectiveness of Facebook ads can be evaluated for statistical and market research purposes
and optimize future advertising measures.
The data collected is anonymous to us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Usage Policy. This allows Facebook to place advertisements on Facebook pages and outside of Facebook. This use of the data cannot be influenced by us as the site operator.
The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG. Consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
You can find details here:
https://www.facebook.com/legal/EU_data_transfer_addendum and
https://de-de.facebook.com/help/566994660333381.
Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook. The processing carried out by Facebook after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in an agreement on joint processing. You can find the wording of the agreement at
https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.
You can find further information on protecting your privacy in Facebook’s data protection information: https://de-de.facebook.com/about/privacy/.
You can also deactivate the remarketing function “Custom Audiences” in the settings for
Disable ads at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this
you must be logged in to Facebook.
If you do not have a Facebook account, you can deactivate usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance:
http://www.youronlinechoices.com/de/praferenzmanagement/.
Google Maps
This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
To use the functions of Google Maps, it is necessary to save your IP address. This
information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google may use Google Web Fonts for the purpose of uniform display of fonts. When you access Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
The use of Google Maps is in the interest of an appealing presentation of our online offers and easy
offers and to make it easy to find the places we indicate on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission.
Details can be found here:
https://privacy.google.com/businesses/gdprcontrollerterms/ and
https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
You can find more information on the handling of user data in Google’s privacy policy: https://policies.google.com/privacy?hl=de.
Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to check whether the data input on this website (e.g. in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.
The data is stored and analyzed on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
For more information about Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Service at the following links:
https://policies.google.com/privacy?hl=de and
https://policies.google.com/terms?hl=de.
YouTube
This website integrates videos from YouTube. The operator of the pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube in extended data protection mode. According to YouTube, this mode means that
YouTube does not store any information about visitors to this website before they watch the video. However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. For example, YouTube establishes a connection to the Google DoubleClick network regardless of whether you watch a video.
As soon as you start a YouTube video on this website, a connection to the servers of YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, YouTube can store various cookies on your end device after starting a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent fraud attempts.
If necessary, further data processing operations may be triggered after the start of a YouTube video be triggered, over which we have no influence. The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
Further information about data protection at YouTube can be found in their privacy policy at: https://policies.google.com/privacy?hl=de.
Vimeo without tracking (Do-Not-Track)
This website uses plugins from the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.
When you visit one of our pages equipped with Vimeo videos, a connection to the Vimeo servers is established. This tells the Vimeo server which of our pages you have visited. Vimeo also obtains your IP address. However, we have configured Vimeo so that Vimeo does not track your user activities and does not set any cookies.
The use of Vimeo is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission and, according to Vimeo, on “legitimate business interests”. Details can be found here:
https://vimeo.com/privacy.
Further information on the handling of user data can be found in Vimeo’s privacy policy at: https://vimeo.com/privacy.
Online Applications
On our homepage, we offer applicants the opportunity to apply for the advertised job vacancies. The data is entered into an input form or uploaded.
Your data is collected and processed as part of the application process.
The required data includes, in particular, your personal details (especially first and last name, name suffixes, nationality), your contact details (especially private address, mobile and landline number, email address), other data such as skill data, and, if applicable, special health data (e.g., severe disability).
We process your personal data in compliance with all relevant laws, such as the GDPR and the German Federal Data Protection Act (BDSG).
Data processing is carried out as part of the application process. The relevant legal basis for this is Article 6 (1) (b) GDPR and, where applicable, your explicit consent (e.g., for health data).
After the application process has been completed, the data is stored in accordance with legal retention periods and then deleted.
If you are hired, the data processed so far will be retained and processed in accordance with the employee information obligations.
Online presence on Linkedin
If you have given your consent pursuant to Article 6 (1) sentence 1 (a) GDPR to the respective social media provider, your data will be automatically collected and stored for market research and advertising purposes when you visit our online presence on the aforementioned social media platforms. User profiles are created using pseudonyms. These may be used to place advertisements within and outside the platforms that presumably match your interests. Cookies are generally used for this purpose. For detailed information on the processing and use of data by the respective social media provider, as well as contact details and your rights and settings options to protect your privacy, please refer to the data protection notices of the respective providers linked below. If you need further assistance, you may contact us.
Security
We have implemented technical and administrative security measures to protect your personal data against loss, destruction, manipulation, and unauthorized access. All our employees and service providers working for us are bound by applicable data protection laws.
Whenever we collect and process personal data, it is encrypted before transmission. This means that your data cannot be misused by third parties. Our security measures are subject to continuous improvement, and our privacy policies are regularly updated. Please ensure that you have the latest version available.
Rights of Data Subjects
You have the right to access, rectify, delete, or restrict the processing of your stored data at any time, as well as the right to object to processing and the right to data portability and to file a complaint in accordance with data protection laws.
Right of Access: You can request information from us about whether and to what extent we process your data.
Right to Rectification: If we process incomplete or incorrect data, you may request its correction or completion at any time.
Right to Deletion: You can request the deletion of your data if we process it unlawfully or if the processing disproportionately interferes with your legitimate protection interests. Please note that there may be reasons that prevent immediate deletion, such as statutory retention obligations.
Regardless of your right to deletion, we will immediately and completely delete your data as long as no contractual or legal retention obligation opposes this.
Right to Restriction of Processing:
You may request the restriction of data processing if:
You dispute the accuracy of the data, for a period allowing us to verify the data’s accuracy.
The processing is unlawful, but you oppose deletion and instead request restriction of data use.
We no longer need the data for the intended purpose, but you require it for asserting or defending legal claims.
You have objected to the processing of your data.
Right to Data Portability: You can request that we provide you with the data you have given us in a structured, commonly used, and machine-readable format and that we transmit this data to another controller without hindrance, provided that:
We process this data based on your consent or to fulfill a contract between us, and
This processing is carried out using automated procedures.
If technically feasible, you may request that we transmit your data directly to another controller.
Right to Object: If we process your data based on legitimate interest, you may object to this processing at any time, including profiling based on these provisions. We will then no longer process your data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms or if the processing serves to assert, exercise, or defend legal claims. You may object to the processing of your data for direct marketing purposes at any time without providing reasons.
Right to Lodge a Complaint: If you believe that we are processing your data in violation of German or European data protection law, please contact us so that we can clarify any questions. You also have the right to contact the relevant supervisory authority, the respective state data protection office.
If you wish to exercise any of the above rights, please contact our Data Protection Officer. In case of doubt, we may request additional information to verify your identity.
Changes to this Privacy Policy
We reserve the right to amend our privacy policy if this becomes necessary due to new technologies. Please ensure that you have the latest version available. If fundamental changes are made to this privacy policy, we will announce them on our website.
All interested parties and visitors to our website can contact us regarding data protection issues at:
Mr. Robert Heindl
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
Tel.: +49 941 2986930
Fax: +49 941 29869316
Email: anfragen@projekt29.de
Website: www.projekt29.de