Privacy Policy

Learn more

Thank you very much for your interest in UnternehmerTUM Projekt GmbH.

It is generally possible to use our website without providing any personal data. However, if a data subject wishes to make use of special services of our company via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

As the controller, we have implemented numerous technical and organisational measures to ensure that the personal data processed via this website is protected as completely as possible.

By means of this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process.

1. definitions

The data protection declaration of the UnternehmerTUM Projekt GmbH is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand. To ensure this, we would like to explain the terms used in advance.

We use the following terms, among others, in this privacy policy:

  • personal data: Personal data means any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  • Data subject: A data subject is any identified or identifiable natural person whose personal data is processed by the controller.
  • Processing: Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • Restriction of processing: Restriction of processing is the marking of stored personal data with the aim of restricting its future processing.
  • Profiling: Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
  • Pseudonymisation: Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
  • Controller: The controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
  • Processor: A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
  • Recipient: Recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not it is a third party. However, public authorities which may receive personal data in the framework of a particular enquiry in accordance with Union or Member State law shall not be regarded as recipients.
  • Third party: A third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
  • Consent: Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. Controller

The Controller within the meaning of the General Data Protection Regulation is:

UnternehmerTUM Projekt GmbH
Lichtenbergstr.6
85748 Garching near Munich
Germany
+49 89 18 94 69 0
@ info@unternehmertum.de

www.unternehmertum.de

3. data protection officer

The data protection officer of the controller is

Alexander Stolberg
Stolberg SVF Attorneys at Law
Oberanger 30
80331 Munich
Germany
+49 89 210 25 120
@ stolberg@unternehmertum.de

www.svf-law.de

Any data subject can contact our data protection officer directly at any time with any questions or suggestions regarding data protection.

4. cookies

The Internet pages of the UnternehmerTUM Projekt GmbH use cookies. Cookies are text files that are placed and stored on a computer system via an Internet browser.

Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a character string that allows websites and servers to be assigned to the specific internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific internet browser can be recognised and identified via the unique cookie ID.

Through the use of cookies, the UnternehmerTUM Projekt GmbH can provide the users of this website with more user-friendly services that would not be possible without the cookie setting.

Cookies can be used to optimise the information and offers on our website for the benefit of the user. As already mentioned, cookies enable us to recognise the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the user of a website that uses cookies does not have to re-enter their access data each time they visit the website because this is taken over by the website and the cookie stored on the user's computer system. Another example is the cookie for a shopping basket in an online shop. The online shop remembers the items that a customer has placed in the virtual shopping basket via a cookie.

The data subject can prevent the setting of cookies by our website at any time by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programmes. This is possible in all common internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.

5. collection of general data and information

Personal data is information that relates to an identified or identifiable natural person (Art. 4 No. 1 GDPR). This includes, in particular, names, address data, telephone numbers or email addresses.

Each time our website is accessed, information is stored in a log file by our hosting provider. These so-called log files contain information about retrieved files, status codes, time stamps and system information. This data is not personalised and does not allow any conclusions to be drawn about a specific person. IP addresses are also stored in log files. We cannot easily assign these to a specific person.

If you wish to view our website, we collect the aforementioned data, which is technically necessary for us to display our website to you and to ensure stability and security. The legal basis for the processing is the necessity to safeguard our legitimate interests in accordance with Art. 6 para. 1 f) GDPR.

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

Some of the data is collected to ensure that the website is provided without errors.

6. Newsletter

see our privacy policy Newsletter

7. contact via the website

The website of the UnternehmerTUM Projekt GmbH contains information that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the data controller by e-mail or via a contact form, the personal data transmitted by the data subject is automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the controller are stored for the purposes of processing or contacting the data subject. This personal data is not passed on to third parties.

8. Data protection for applications and application procedures

The data controller collects and processes the personal data of applicants for the purpose of handling the application process. This involves processing personal data that the applicant has provided to UnternehmerTUM (CV, certificates, questionnaires, interviews, previous activities) or job-related information that the controller has obtained from publicly accessible sources (e.g. professional social media networks, website with application, etc.).

This also includes information that is publicly accessible and contains work-related data, such as a profile on professional social media networks.

Processing may also be carried out electronically. This is particularly the case if an applicant sends the relevant application documents to the controller by electronic means, for example by e-mail.

If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted six months after notification of the rejection decision, unless deletion conflicts with any other legitimate interests of the controller.

Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

9. Routine deletion of personal data

The controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to.

If the storage purpose no longer applies or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data will be routinely blocked or erased in accordance with the statutory provisions.

10. YouTube

We use the technical platform and services of the YouTube video portal provided by Google Ireland Limited. The contact details of the platform provider are as follows Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.one way to contact us is via the page https://www.YouTube.com/t/contact_us

We would like to point out that you use this YouTube page and its functions at your own risk. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating).

When you visit our YouTube page, YouTube collects, among other things, your IP address and other information that is stored on your PC in the form of cookies. This information is used to provide us, as the operator of the YouTube pages, with statistical information about the use of the pages.

YouTube provides more information on this under the following link: https://www.youtube.com/static?gl=DE&template=terms&hl=de The data collected about you in this context is processed by Google Ireland Limited and may be transferred to countries outside the European Union. What information Google receives and how it is used is described by Google in general terms in its data usage guidelines. There you will also find information on how to contact YouTube and the settings options for adverts. The data usage guidelines are available at the following link: https://policies.google.com/privacy

How YouTube uses the data from visits to YouTube pages for its own purposes, to what extent activities on the YouTube page are assigned to individual users, how long YouTube stores this data and whether data from a visit to the YouTube page is passed on to third parties is not conclusively and clearly stated by YouTube and is not known to us.

When you access a YouTube page, the IP address assigned to your end device is transmitted to YouTube. YouTube also stores information about the end devices of its users; YouTube may thus be able to assign IP addresses to individual users.

If you are currently logged in to YouTube as a user, a cookie with your YouTube ID will be stored on your device as a result of your login. This enables YouTube to recognise that you have visited this page and how you have used it. This also applies to all other YouTube pages. YouTube buttons integrated into websites enable YouTube to record your visits to these websites and assign them to your YouTube profile. This data can be used to offer you customised content or advertising.

If you want to avoid this, you should log out of YouTube, delete the cookies on your device and close and restart your browser. In this way, YouTube information that can be used to directly identify you will be deleted. This allows you to use our YouTube page without revealing your YouTube identifier. If you access interactive functions on the site (like, comment, share, etc.), a YouTube login screen will appear. If you log in now, you will once again be recognisable to YouTube as a specific user. Information on how you can manage or delete existing information about you can be found on the YouTube support page at https://support.google.com/you....

11. LinkedIn

The data controller has integrated components of LinkedIn Corporation on this website. LinkedIn is an Internet-based social network that enables users to connect with existing business contacts and make new business contacts. Over 400 million registered people use LinkedIn in more than 200 countries. This makes LinkedIn currently the largest platform for business contacts and one of the most visited websites in the world.

The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible for data protection matters outside the USA.

Each time you visit our website, which is equipped with a LinkedIn component (LinkedIn plug-in), this component causes the browser used by the data subject to download a corresponding representation of the LinkedIn component. Further information on the LinkedIn plug-ins can be found at https://developer.linkedin.com... can be accessed. As part of this technical process, LinkedIn receives information about which specific subpage of our website is visited by the data subject.

If the data subject is logged in to LinkedIn at the same time, LinkedIn recognises which specific sub-page of our website the data subject is visiting each time the data subject accesses our website and for the entire duration of their stay on our website. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the data subject. If the data subject clicks on one of the LinkedIn buttons integrated on our website, LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores this personal data.

LinkedIn always receives information via the LinkedIn component that the data subject has visited our website if the data subject is logged in to LinkedIn at the same time as accessing our website; this takes place regardless of whether the data subject clicks on the LinkedIn component or not. If the data subject does not want this information to be transmitted to LinkedIn, they can prevent the transmission by logging out of their LinkedIn account before accessing our website.

LinkedIn offers the option to unsubscribe from email messages, SMS messages and targeted ads and to manage ad settings at https://www.linkedin.com/psett.... LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, which can set cookies. Such cookies can be rejected at https://www.linkedin.com/legal... can be rejected. The applicable data protection provisions of LinkedIn can be found at https://www.linkedin.com/legal... can be accessed. LinkedIn's cookie policy is available at https://www.linkedin.com/legal....

12. Google Analytics (with anonymisation function)

This website uses Google Analytics, a web analytics service provided by Google Ireland Ltd ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, your IP address will first be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website to analyse your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage.

The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

This website uses Google Analytics with the extension "_anonymiseIp()". This means that IP addresses are further processed in abbreviated form, so that they cannot be linked to a specific person. If the data collected about you is personally identifiable, it is immediately excluded and the personal data is deleted immediately.

We use Google Analytics to analyse and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1 lit. f GDPR.

Information from the third-party provider: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.

Terms of use: http://www.google.com/analytics/terms/de.html

Overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html , as well as the privacy policy: https://policies.google.com/privacy?hl=de

This website also uses Google Analytics for a cross-device analysis of visitor flows, which is carried out via a user ID. You can deactivate the cross-device analysis of your usage in your customer account under "My data", "Personal data".

13. legal basis

Art. 6 I lit. a GDPR serves our company as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, with processing operations necessary for the supply of goods or the provision of any other service or consideration, the processing is based on Art. 6 I lit. b GDPR. The same applies to such processing operations that are necessary for the performance of pre-contractual measures, for example in cases of enquiries about our products or services. If our company is subject to a legal obligation which requires the processing of personal data, such as for the fulfilment of tax obligations, the processing is based on Art. 6 I lit. c GDPR. In rare cases, the processing of personal data may become necessary in order to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured in our company and their name, age, health insurance details or other vital information would have to be passed on to a doctor, hospital or other third party. The processing would then be based on Art. 6 I lit. d GDPR. Ultimately, processing operations could be based on Art. 6 I lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. We are permitted to carry out such processing operations in particular because they have been specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47 Sentence 2 GDPR).

14. Your rights

Every data subject has the right

  • for information in accordance with Article 15 GDPR
  • the right to rectification in accordance with Article 16 GDPR
  • the right to erasure in accordance with Article 17 GDPR
  • the right to restriction of processing in accordance with Article 18 GDPR
  • the right to object under Article 21 GDPR and
  • the right to data portability under Article 20 GDPR.

The restrictions under Sections 34 and 35 BDSG apply to the right to information and the right to erasure. In addition, there is a right of appeal to a competent data protection supervisory authority (Article 77 GDPR in conjunction with & 19 BDSG).

You can withdraw your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent given to us before the General Data Protection Regulation came into force, i.e. before 25 May 2018.

Please note that the cancellation is only effective for the future. Processing that took place before the cancellation is not affected.

15. legitimate interests in the processing pursued by the controller or a third party

Where the processing of personal data is based on Article 6 I lit. f GDPR, our legitimate interest is the performance of our business activities for the benefit of the well-being of all our employees and our shareholders.

16. duration of data storage

The criterion for the duration of the storage of personal data is the respective statutory retention period. After this period has expired, the corresponding data is routinely deleted, provided it is no longer required for the fulfilment or initiation of a contract.

17. legal or contractual provisions for the provision of personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of non-provision

We would like to inform you that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual regulations (e.g. information on the contractual partner). Sometimes it may be necessary for a contract to be concluded for a data subject to provide us with personal data that must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with them. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before the data subject provides personal data, the data subject must contact our data protection officer. Our data protection officer will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences would be if the personal data were not provided.

18. existence of automated decision-making

As a responsible company, we do not use automated decision-making or profiling.

19. zapier

To integrate various databases and tools, we use Zapier, a service provided by Zapier Inc, 548 Market St #62411, San Francisco, California 94104, USA. Customer data, with the exception of payment data, may be transmitted. Further information on data protection at Zapier can be found at https://zapier.com/privacy/

20. Crazyegg.com

We use the Crazy Egg web tracking tool on our website. Crazy Egg is operated by Crazy Egg, Inc, 6220 E. Ridgeview Lane , La Mirada, CA , 90638, USA. Crazy Egg uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Crazy Egg server in the USA and stored there. You can prevent the storage of cookies by selecting the appropriate settings in your browser software. You can also prevent Crazy Egg from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Crazy Egg by following the instructions under the following link:

http://www.crazyegg.com/opt-ou...

More detailed information about the collection, processing and use of data by Crazy Egg can be found in their privacy policy at the following link:

http://www.crazyegg.com/privac...

21. Google Maps

We use the Google Maps service on this website. This allows us to show you interactive maps directly on the website and enables you to use the map function conveniently.

By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned in section 5 of this statement will be transmitted. This takes place regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or customising its website. Such an analysis is carried out in particular (even for users who are not logged in) to provide customised advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.

Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider's privacy policy. There you will also find further information on your rights in this regard and setting options to protect your privacy: http://www.google.de/intl/de/policies/privacy.

Status: 07/2024