Afinum – Privacy Notice
Status: 25 May 2018
Afinum Management GmbH (hereinafter referred to as “Afinum”, “we” or “us”), Theatinerstr. 7, D-80333 Munich, Germany, tel: +49 89 255433-01, fax: +49 89 255433-99, email: email@example.com, takes the protection of your data very seriously. Personal data means any information relating to an identified or identifiable natural person such as a name or an email address. As the responsible data controller, we will only process this data in line with applicable law, in particular the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG).
This privacy notice applies to our processing of your personal data in business communication and when you visit our website.
1. Purposes of the processing
We process your personal data for the following purposes:
1.1 Access to our website
Your browser automatically transmits certain data each time you visit our website, for example your IP address and information about your browser. We process your personal data in order to make our website available to you (Art. 6 (1) f GDPR. We also store this information in log files for seven days to detect any disruptions and for security reasons, for example to detect any attacks (Art. 6 (1) f GDPR).
This website uses MailChimp to send out newsletters, a service provided by Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. MailChimp has self-certified its adherence to the EU-US Privacy Shield principles. This “Privacy Shield” is an agreement between the European Union (EU) and the USA to ensure compliance with European data protection standards.
We are able to analyse our newsletter campaigns using MailChimp. If and when you open an email sent via MailChimp, a file contained in the email (web beacon) connects to MailChimp’s servers in the USA. This makes it possible to tell whether a newsletter message has been opened and which links have been clicked. Technical data is also collected (e.g. time of page view, IP address, browser type and operating system). These data cannot be assigned to the respective newsletter recipient. They are only used for the statistical analysis of newsletter campaigns. The results of this analysis may be used to tailor future newsletters to the interests of the recipients.
If you do not wish an analysis by MailChimp you will have to unsubscribe to the newsletter which you can do using the link in each newsletter message or directly on our website.
This data processing is carried out on the basis of your consent (Art. 6 (1) a GDPR), which you may withdraw at any time by unsubscribing to the newsletter as described above. Such a withdrawal will not affect the lawfulness of data processing operations carried out in the past. For further details please refer to MailChimp’s privacy notice at: https://mailchimp.com/legal/terms/.
1.3 Contact query and job applications
If you contact us by telephone, email or by using our contact form, we will process your data in order to answer your request (Art. 6 (1) f GDPR). If we have ongoing business relations with you we will process your data in order to carry out these business relations (Art. 6 (1) b GDPR). If you send us job application documents we will process these in order to carry out the selection process (Art. 6 (1) b GDPR in connection with section 26 (1) BDSG).
1.4 Further processing
We also process your data to safeguard and defend our rights (Art. 6 (1) f GDPR) or because we are required to do so by law (Art. 6 (1) c GDPR).
Afinum endeavours to take all the technical and organisational security measures to safeguard your data from unintentional or unlawful deletion, alteration, unauthorised use or transfer.
Our employees are obliged to observe confidentiality and data protection.
4. Erasure of data and retention
We will only store the personal data we receive for the period of time required for the specified purpose or prescribed by law. Once the data is no longer necessary for the purpose originally processed for or if a storage period expires, the data will be deleted.
In detail, the following applies:
Personal data in log files are deleted at the latest after seven days.
We delete your application data at the latest six months after the position has been filled.
We delete other data relating to your contact queries at the latest after one year.
The deletion of cookies of service providers is based on their own data protection guidelines.
5. Your rights
You may revoke your consent at any time free of charge with effect for the future. All you need to do is to send a communication in text form to one of the addresses listed in this notice.
The same applies to your objection – which may be made at any time – to us using your personal data if the legal basis for this processing is Art. 6 (1) f GDPR.
You may at any time request information about the personal data relating to you which we process, its rectification or erasure or the restriction of our processing. You also have a statutory right to data portability.
Finally, you may also file a complaint about our data processing activities with the responsible supervisory data protection authority if in your opinion our processing activities do not comply with data protection laws.
6. International data transfer and categories of recipients
Unless otherwise stated in this privacy notice, we and our service providers process personal data within the European Union. In addition to those already mentioned in this notice, recipients to whom we may disclose your data include hosting providers and postal service providers.
7. Data protection officer
If you have any question regarding the processing of your personal data, please contact our data protection officer:
BIADES Marcus Lelle