Welcome to the FIDES website and thank you for your interest in our company. To ensure that you can feel confident that we are handling your personal data appropriately, we would like to explain to you what we do with the data we collect and which security measures we take to protect it. Personal data include all data that can be attributed to you personally, e.g. name, e-mail address or user behaviour. We will also provide you with information about your statutory rights in connection with the processing of this data.
1. DATA CONTROLLER AND DATA PROTECTION OFFICER
The data controller within the meaning of Article 13 GDPR is FIDES Treuhand GmbH & Co. KG, represented by FIDES Verwaltungs-GmbH Wirtschaftsprüfungsgesellschaft Steuerberatungsgesellschaft, Birkenstraße 37, 28195 Bremen, Germany, Telephone +49 (421) 3013-0, Fax +49 (421) 3013-100, e-mail: email@example.com. You may contact our data protection officer, FIDES IT Consultants GmbH, at the following e-mail address: firstname.lastname@example.org.
2. INFORMATION ABOUT THE COLLECTION OF PERSONAL DATA
When you use the website for purely informational purposes, i.e. when you do not transmit any information to us, we only collect the data that your browser sends to the web server. These data include your IP address, the date and time of access, the requested website (request), a status code-based message indicating whether the website was successfully accessed, the data volume transferred, the referring website (referrer), as well as information about the browser and the operating system of the accessing device (user agent).
The legal basis for the processing of the data is Point f of Article 6(1) GDPR (legitimate interest). FIDES has a legitimate interest in ensuring the lasting operation of the FIDES website. The use of the website is not possible without the processing of these data. Technical utilization of these data on the web server is limited to the duration of your use of the website.
When you contact us via the contact form or directly by e-mail, the data you provide (e.g. last name, first name, company, e-mail address and message content) is transferred to us and stored by us. The data are processed exclusively for the purposes of answering your questions or addressing your request. The legal basis for the processing of personal data is Point f of Article 6(1) GDPR (legitimate interest). FIDES has a legitimate interest in processing the request of the person who has contacted the company in an appropriate manner. Contacting the company is voluntary. Failure to provide your personal data will not result in any consequences for you.
The information transmitted via the website may be forwarded to the responsible departments within the companies of the FIDES Group on the basis of Article 28 GDPR (order processing) and Point f of Article 6(1) Recital 48 GDPR (legitimate interest) to ensure the expedient handling of your request.
On the basis of Article 28 GDPR (order processing), external service providers are also employed to support the operation of the website. These service providers are obliged to maintain secrecy and may use your personal data strictly for the purpose of fulfilling the contract concluded between them and FIDES.
We will only store your personal data for as long as is necessary for the intended purpose of the data collection or as required by law.
In addition to establishing general contact, you may also apply for a position with us or another company of the FIDES Group via our website. During the application procedure, personal data will be processed on the basis of Article 88 GDPR, Section 26 German Federal Data Protection Act. In particular, these include your first name, last name, address, telephone number and e-mail address as well as any documents and information essential to the hiring decision (earliest possible start date, cover letter including photo, CV, transcripts, certificates, etc.). These data will be processed exclusively for the purposes of handling your application (application management).
In order to simplify the collection of application data, applicants may also access the LinkedIn and XING platforms indirectly via the website. If you wish, the applicant data you have provided will be transferred to the application form on our website following authorization on the respective platform. Links to the platform are provided solely to simplify data entry as part of your application process. Use of the portals is voluntary and is the sole responsibility of the respective applicant. We have no influence on the data processing procedures employed by these platforms. Further information on the purpose and scope of data collection and processing by the portal providers can be found in the respective providers’ privacy policies.
Supplementary information on the processing of personal data in connection with application procedures can be found in the data protection notice in accordance with Article 13 GDPR, which is also displayed within the application form on the FIDES website.
Cookies are used occasionally on our website. These are small text files that are stored on your computer and saved by your browser if cookies are enabled in your browser.
If you have selected the cookie option “Default” when accessing the website and confirmed this by selecting “Continue with Default”, only the following cookies, which are technically required for the operation of the website and the provision of page-specific functions, will be used:
The legal basis for the processing of these cookies is Point f Sentence 1 of Article 6(1) GDPR (legitimate interest). These serve our legitimate interest in ensuring the lasting operation and functionality of our website.
If you have chosen the cookie option “Analysis” when accessing the website or if you confirm this by selecting “Accept all and continue” or “Continue with Analysis”, we will use Google Analytics on the basis of your consent in accordance with Point a Sentence 1 of Article 6(1) GDPR to tailor our content to your needs as a visitor to our website. The following cookies are employed for this purpose:
You can adjust your cookie choices by clicking the “Change cookie settings” button and then revoking any consent you may have given for the use of Google Analytics at any time with effect for the future by selecting “Default” and and confirming it by selecting “Continue with Default”.
The “Change cookie settings” button can also be found in the footer of our website.
Furthermore, you can configure your browser settings according to your wishes and, for example, refuse to accept cookies at all or in part if you do not want cookies to be stored on your computer. Any cookies already stored can also be deleted in your browser settings. Please note that deactivating or deleting cookies may mean that you will not be able to use all the functions of the website.
4. USE OF GOOGLE ANALYTICS
If you have given your consent, we will use Google Analytics to tailor the content of the website to your needs as a visitor to our website. The legal basis for the processing of personal data is Point a Sentence 1 of Article 6(1) GDPR (consent).
Google Analytics is a web analysis service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics uses the aforementioned cookies, which are stored on your computer and which facilitate analysis of your use of the website. The information generated by these cookies about your use of this website is usually transferred to a Google server in the USA and stored there. As IP anonymization is activated on this website, however, your IP address will be truncated by Google within the member states of the European Union or in other signatory states to the Agreement on the European Economic Area prior to transmission. To implement the anonymization of IP addresses (known as IP masking) on our website, we have added the code “gaTracker(‘set’, ‘anonymizeIp’, true)” to Google Analytics. The full IP address will only be transferred to a Google server in the USA and truncated there in exceptional cases.
The data processing is performed mainly by Google. The information transferred is used by Google to evaluate your use of the website, compile reports on website activities, and provide us with further services related to use of the website and the internet. Google also uses the data collected to create a profile and links them with other user data such as the search history, personal accounts, usage data from other devices and all other data that Google has pertaining to a specific user.
A transfer to Google contractual partners as well as a data transfer to servers of Google in the USA cannot be excluded.
In the case of data processed in the USA, there is a risk that an adequate level of protection for personal data processing that meets the EU standards as set forth in the GDPR cannot be guaranteed on a continuous basis. Furthermore, the possibility that personal data processed by the service provider may also be accessed by U.S. government agencies due to the laws applicable in the USA cannot be ruled out.
The data transferred to Google are automatically deleted after 14 months. Data for which the retention period has expired are automatically deleted once a month.
You may revoke your consent to the use of Google Analytics at any time with effect for the future by clicking the “Change cookie settings” button and selecting the option “Default” and confirming it by selecting “Continue with Default”.
5. YOUR RIGHTS
You have the right to obtain information about the processing of your personal data and the information specified in Article 15 GDPR. If the personal data in question are incorrect or incomplete, you may request their correction or completion (Article 16 GDPR). If one of the reasons listed in Article 17 GDPR applies, you have the right to demand the immediate erasure of your personal data. You may also demand the restriction of processing in accordance with the conditions set forth in Article 18 GDPR and are also entitled to data portability pursuant to Article 20 GDPR.
In accordance with Article 21 GDPR, you have the right to object to the processing of your personal data.
If you are of the opinion that the processing of your personal data violates the provisions of the GDPR, you may lodge a complaint with a supervisory authority, e.g. with the State Commissioner for Data Protection and Freedom of Information in Bremerhaven (Article 77 GDPR).
We have taken appropriate technical and organizational measures (e.g. HTTPS encryption) in order to protect the personal data stored by us from accidental or deliberate manipulation, loss, destruction, or unauthorized access. The appropriateness of such protective measures is reviewed continuously in cooperation with security experts and they are adapted regularly to new security standards.
7. INFORMATION ON EXTERNAL LINKS
Our website contains external links to services delivered by the following providers:
XING – XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany
LinkedIn – LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA
Vimeo – Vimeo, LLC, 555 West 18th Street, New York 10011, USA
Facebook and Instagram – Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland
These links are static links that bring you directly from our website to the website of the service provider. You can track this easily by looking at the address line in your browser, which is displayed in a new window or tab after the link has been accessed successfully. When accessing the links using a terminal with an installed service app, it is also possible to access the desired service directly via the app.
The respective service provider is always responsible for operating the linked services. With the exception of the information provided by us via the services, we have no influence on the current and future design and content of the linked services. We did not identify any illegal content at the time of linking to these services. Should we become aware of any legal infringements within the content of the linked services in the future, we will remove the corresponding link from our website.
If you have a user account with one of the aforementioned services and are logged into the service at the time you access the link, information about this access can be associated with your respective user account. If you do not want the service providers to collect information about you in this way, you must log out of the respective service before visiting our website.
You can find more information about the services in the respective privacy policies of the service providers:
XING – https://privacy.xing.com/de/datenschutzerklaerung
LinkedIn – https://www.linkedin.com/legal/privacy-policy
Vimeo – http://vimeo.com/privacy
Facebook – https://www.facebook.com/about/privacy/
Instagram – https://www.facebook.com/help/instagram/519522125107875/?helpref=hc_fnav&bc=Instagram-Hilfebereich&bc=Privatsph%C3%A4re%20und%20Sicherheit
DATA PROTECTION NOTICE WITHIN THE MEANING OF ARTICLE 13 GDPR ABOUT THE PROCESSING OF PERSONAL DATA FOR VIDEO SURVEILLANCE (ON-SITE VISITS)
For the purposes of video surveillance, video recordings of the entrance areas at selected FIDES locations will be processed on the basis of Point f of Article 6(1) f GDPR (legitimate interest). These video recordings are processed exclusively for the purposes of safeguarding our domiciliary rights and to provide information in the event of burglary/theft.
If necessary, the video recordings will be forwarded to the responsible departments within the FIDES Group. The provision of your personal data is not required by law or contract, nor is it necessary for the conclusion of a contract. Failure to provide this information will not result in any consequences for you. Video recordings are not analysed automatically.
On the basis of Article 28 GDPR (order processing), external service providers are employed for the maintenance of the video surveillance systems in some locations, whereby the possibility that such providers may access the video recordings cannot be excluded.
Any further use or transmission of the video recordings shall be based on Article 6(4) GDPR and Point d of Article 23(1) GDPR in conjunction with Section 24(1)(1) German Federal Data Protection Act (prosecution of criminal offences), as far as necessary in the context of a possible criminal prosecution. In this case, the recipients of the data are the competent criminal prosecution authorities or related authorities.
The stored video recordings will be deleted after a maximum of 7 days unless this is prevented by the aforementioned circumstances (in particular criminal prosecution).