aixigo AG is pleased that you are visiting our website and wants you to feel secure regarding the protection of your personal data when visiting our internet pages. After all, protecting your personal data is a matter that we take very seriously. For us, compliance with the provisions of the Federal Data Protection Act and the General Data Protection Regulation (GDPR) is a given.
At this time, we wish to inform you which personal data we collect during your visit to our website and for what purposes such data is used. Since changes to the law or modifications of our business processes may make it necessary to amend this data protection policy, we ask that you read through this data protection policy regularly.
1. Scope of application
This data protection policy applies to the internet presence of aixigo AG, which can be accessed at the domains “aixigo.de”, “blog.aixigo.de”, “karriere.aixigo.de” and “api.aixigo.de” as well as “aixigo.ch” and “aixigo.com” (hereinafter referred to as “our website”).
2. Name and address of the responsible party
Responsible office and service provider is aixigo AG, Karl-Friedrich-Str. 68, 52072 Aachen, Germany (hereinafter referred to as “aixigo”).
3. Name and address of the data protection officer
If you have any other questions or suggestions regarding data protection in our company or these data protection guidelines, you are welcome to directly contact our external data protection officer, Dr Karsten Kinast, Hohenzollernring 54, 50672 Cologne, Germany.
4. General information on data processing
We only collect and use personal data of our users to the extent necessary to provide a functioning website and our content and services.
4.1. Personal data
Personal data is information that can be used to obtain personal or factual information about you (e.g. name, address, telephone number, date of birth or email address). Information with which we cannot (or only with a disproportionate effort) establish a reference to your person, e.g. by anonymising the information, is not personal data.
4.2. Processing of personal data
Processing means any operation or series of operations carried out, with or without the aid of an automated procedure, on personal data, such as the gathering, collection, organisation, filing, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of provision, reconciliation or linking, restriction, deletion or destruction.
Personal data is collected via this website if you provide it to us of your own accord, e.g. as part of the application process or by filling out the contact form. We use this data for the purposes specified or resulting from the enquiry; e.g. your email address, in order to get in contact with you. Transmission to third parties only takes place if the law expressly permits this or you have consented to it. Moreover, you can use most of our website without providing any personal data.
More specifically, personal data will be processed as follows:
4.2.1 Contact form
If you take the opportunity to send us enquiries using our contact form, we will ask you for your first and last name and your email address. You can also enter your individual message to us in the message box, specifying a subject as you do so.
It is entirely up to you to decide whether you provide us with this data. However, without this information we cannot fulfil your contact request.
The purpose of entering your email address is to assign your request and to be able to reply to you. When using the contact form, your personal data will not be passed on to third parties.
The data processing described above for the purpose of establishing contact is carried out in accordance with Art. 6 sect. 1 sub. b, Art. 6 sect. 1 sub. f GDPR.
In order to subscribe to our email newsletter, we require your consent and, at the very least, the email address of yours to which the newsletter is to be sent. It is entirely up to you to decide whether to provide us with this data. However, we cannot send you our newsletter without this information.
When subscribing to the newsletter, your email address will be used for our own advertising purposes until you unsubscribe from the newsletter. You can do this on our website by entering your email address in the field provided. Alternately, you can click on the unsubscribe link at the very end of each newsletter.
Your data will be stored for as long as you have subscribed to the newsletter. Your data will be deleted after you have unsubscribed from the newsletter. If required by law, continuing storage may take place in individual cases. When sending our newsletter, we work together with the service provider CleverReach, who processes your data on our behalf and ensures that the emails are properly sent.
The legal basis for the processing of the data after registration for the newsletter by the user is Art. 6 sect. 1 sub. a GDPR.
4.2.3. Application management
If you are interested in one of the job offers listed on our website, you can send an email to firstname.lastname@example.org or contact us via mail at the address listed in our contact data. We assure you that we will only process the personal data you provide for the purpose of carrying out the application process. We store your data 6 months after the end of the application process (acceptance or refusal). The legal basis for processing your personal data from your application documents is Art. 6 sect. 1 sub. b GDPR.
4.3. Legal basis for the processing of personal data
The collection and use of personal data of our users takes place regularly only with user consent. Insofar as we obtain the consent of the person concerned for the processing of personal data, Art. 6 sect. 1 sub. a GDPR serves as the legal basis for the processing of personal data.
An exception applies in those cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law. Art. 6 sect. 1 sub. b GDPR serves as the legal basis for the processing of personal data required for the performance of a contract to which the person concerned is a party. This also applies to processing operations that are necessary to carry out pre-contractual measures.
If the processing of personal data is required to fulfil a legal obligation to which we are subject, Art. 6 sub. 1 sub. c GDPR serves as the legal basis.
If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the person concerned do not outweigh the first-mentioned interest, Art. 6 sect. 1 sub. f GDPR serves as the legal basis for processing.
5. Will your data be passed on to third parties?
Due to legal requirements, we are obliged in certain cases to pass on your personal data to third parties. Such could be the case, if, for instance, there is suspicion of a criminal offence or misuse of our website. We are then obliged to pass on your data to the responsible law enforcement authorities. Additionally, your data is stored exclusively in our database and on our servers or those of our external data processing services.
6. Security measures to protect the data stored with us
If we collect data, we or our external data processing services store your data on specially protected servers in Germany. Only a few specially authorised persons who are involved in technical, commercial or editorial support have access to the data.
In order to prevent the loss or misuse of data stored by aixigo AG, we take extensive technical and operational security precautions, which are regularly reviewed and revised to conform to the latest technological developments. However, we would like to point out that due to the structure of the Internet, it is possible that the rules of data protection and the above-mentioned security measures may not be observed by other persons or institutions for which we are not responsible. Specifically, unencrypted data which has been disclosed – even via email – can be read by third parties. We have no technical influence on this. It is the responsibility of the user to protect the data he provides against misuse through encryption or other means.
We use “cookies” (small files with configuration information). The cookies used serve the purpose of determining the frequency of use and the number of users of our websites. This tells us which part of our website and which other websites our users have visited. After the end of the session, the cookies are deleted. It is also possible to use our website without cookies. Most browsers are pre-set to accept cookies automatically. However, you can deactivate the storage of cookies or set your browser so that it notifies you before cookies are stored.
7.2. Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (“Google”). Google Analytics uses so-called “cookies”: text files stored on your computer which enable an analysis of your use of the website.
The information generated by these cookies, for example, about the time, place and frequency of your use of this website, is usually transferred to a Google server in the USA and stored there. When using Google Analytics, there is a possibility that cookies set by Google Analytics may collect other personal data in addition to the IP address. We would like to point out that Google may transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google.
Google will use the information generated by cookies on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activities and to provide the website operator with further services associated with website and Internet use. According to its own statements, Google does not merge the IP address transmitted by your browser as a part of Google Analytics with other data.
You can generally prevent cookies from being saved by adjusting your browser software accordingly. However, we would like to point out that in this case you may not be able to use all features of this website to their full extent.
There is a possibility that the cookies set by Google Analytics may collect other personal data in addition to the IP address. To prevent information about your use of the website from being collected by and transmitted to Google Analytics, you can download and install a plug-in for your browser at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
This plug-in prevents information about your visit to the website from being transmitted to Google Analytics. This plug-in does not prevent any other analysis.
Please note that you cannot use the browser plug-in described above when visiting our website via the browser of a mobile device (smartphone or tablet). When using a mobile device, you can prevent Google Analytics from collecting your usage data by clicking on the following link:
By clicking on this link, an opt-out cookie is placed in your browser. This prevents information about your visit to the website from being transmitted to Google Analytics. Please note that the opt-out cookie is only valid for this browser and only for this domain. If you delete the cookies in this browser, the opt-out cookie will also be deleted. You must click the link again to prevent further collection by Google Analytics. The use of the opt-out cookie is also available as an alternative to the above plug-in when using the browser on your computer.
To ensure the best possible protection of your personal data, Google Analytics has been extended on this website by the code “anonymizeIp”. This code has the effect of deleting the last 8 bits of the IP address, thus allowing your IP address to be anonymously recorded (so-called IP masking). Google essentially shortens your IP address, making it anonymous, even before transmission within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
7.3. Google AdWords
We use the Google AdWords technology; more specifically, we utilise conversion tracking. Google Conversion Tracking is an analysis service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If you click on an ad placed by Google, a cookie for conversion tracking is stored on your PC. The cookies are valid for 30 days and are not used for personal identification. When you visit certain pages of our website, and the cookie has not expired, Google and we can recognize that you clicked on a particular ad and were redirected to that page. Google AdWords customers receive a different cookie. This means that it is not possible to track cookies on the websites of AdWords customers.
The data collected using the conversion cookie is used to generate conversion statistics for AdWords customers who use conversion tracking. Customers can see the number of users who clicked on their ad and were then redirected to a page with a conversion tracking tag. However, they do not receive any information which would allow users to be personally identified.
If you do not wish to participate in conversion tracking, you can prevent this by adjusting the appropriate settings in your browser, e.g. by preventing the overall installation of cookies. You can also deactivate cookies for conversion tracking by setting your browser so that only cookies from the web address “googleadservices.com” are blocked.
Our legitimate interest lies in the aforementioned data processing operations and the purposes pursued with them. The legal basis for this is Art. 6 sect. 1 sub. f GDPR.
7.4. Google Data Studio
We use an additional data management tool called Google Data Studio to visually create custom reports and interactive dynamic dashboards for our users. Here, we use the data from Google Analytics and other interfaces to data sources (such as Google AdWords, Google Sheets, YouTube Analytics). The Web tool does not require a local application and can be started over the web. Access is via a browser and the data sources are directly connected via Google Data Studio. For further information about using Google Data Studio, see: https://support.google.com/datastudio/answer/6283323?hl=en
7.5. Social plug-ins (Facebook, Twitter, YouTube, LinkedIn and Google+)
It is possible that personal data about visitors to the website may also be collected via these plug-ins, transmitted to each service and linked to the respective service of the visitor.
No collection of any personal data about the social plug-ins and their use takes place on the part of aixigo AG itself. In order to prevent data being transferred to service providers in the USA without the user’s knowledge, we have used passive social media buttons or the so-called Shariff solution on our website. As a result, initially, each social plug-in on the website is initially integrated as a graphic on the website. These graphics contain a link to the website of the corresponding plug-in provider. You will only be forwarded to the service of the respective provider when clicking on a graphic. This solution ensures that personal data is not automatically forwarded to the providers of the social plug-in involved when you visit our website. If you click on one of the social plug-in graphics, data can be transferred to the respective service provider and stored there. If you do not click on any of the graphics, no data transfer takes place between you and the respective provider of the social plug-in. For more information about the Shariff solution, please visit: https://www.heise.de/ct/artikel/Shariff-Social- Media-Buttons-mit-Datenschutz-2467514.html
After clicking on a social plug-in, the respective service provider receives information that you have visited the corresponding page on our website. Please note that you do not need to have a user account with the service in question, nor are you already logged in there. However, if you already have a user account with the relevant service provider and are already logged in to this account while visiting our website, the data collected by the social plug-in will be assigned directly to your account. If you do not wish to be associated with your profile with the service provider, you must log out of your user account before clicking on one of the social plug-ins.
The scope and purpose of the data collection by the respective service as well as the further processing and use of your data there can be directly obtained in the data protection information on the website of the respective service. There you will also receive further information about your corresponding data protection rights and setting options for the protection of your privacy.
Google , 1600 Amphitheatre Parkway, Mountain View, California 94043, USA
Twitter , 1355 Market St, Suite 900, San Francisco, California 94103, USA
YouTube, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA
LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA
We use a “XING” network button on our website. When you press this button, a short-term connection is established via your browser to the XING AG (hereinafter “XING”) servers, with which the “XING button” functions are performed.
7.7. Legal foundation
Our legitimate interest lies in the aforementioned data processing operations and the purposes pursued with them. The legal basis for this is Art. 6 sect. 1 sub. f GDPR.
8. Hyperlinks to external websites
Our website contains so-called hyperlinks to websites of other providers. When these hyperlinks are activated, you will be redirected from our website directly to the websites of other providers. You can recognize this, for example, by the change of the URL. We cannot assume any responsibility for the confidential handling of your data on these third-party websites, as we have no influence on whether these companies comply with data protection regulations. This applies especially to the social plug-ins mentioned above, such as “facebook.com”. Please consult these websites directly to obtain information about the handling of your personal data by these companies.
9. Use of service providers for the processing of personal data / processing of data in countries outside the European Economic Area
We use service providers to perform services and to process your data relating to our services and products. The service providers process the data exclusively in accordance with our instructions and have been obliged to comply with the applicable data protection regulations. All contracted external data processors have been carefully selected and will only have access to your data to the extent and for the time required to provide the services or to the extent to which you have consented to the processing and use of your data.
Service providers in countries such as the USA or in countries outside the European Economic Area are subject to data protection regulations which do not generally protect personal data to the same extent as is the case in the member states of the European Union. If your data is processed in a country that does not have a recognised high level of data protection such as the European Union, we use contractual regulations or other recognised instruments to ensure that your personal data is adequately protected.
10. Storage period
We only store your personal data for as long as this is permitted by law. Stored personal data will be deleted if the user withdraws his consent to its storage or if knowledge of this data is no longer necessary to fulfil the purpose for which it was stored, especially if the storage is inadmissible for other legal reasons. Relevant legal retention periods from the code of commercial law or the tax code remain unaffected by this. During the legal retention period, access to your personal data will be blocked and it will not be used for any other data processing.
11. Rights of the parties concerned
11.1. Right to access
You have the right to request information from us at any time about your personal data stored with us, as well as its origin, recipients or categories of recipients to whom this data is passed on and the purpose of storage.
11.2. Right to revocation
If you have given your consent to the use of data, you can revoke this consent at any time without stating reasons with future effect.
11.3. Right to rectification
You can immediately demand the correction of incorrect data or the completion of your data stored with us.
11.4. Right to erasure and blockage
You have the right to block and delete your personal data stored with us. As a rule, your personal data will be deleted within 2 working days after the assertion of this right. Should the deletion contradict legal, contractual, fiscal or commercial storage obligations or other legally-founded reasons, only the blocking of your data can be carried out instead of deletion. Once your data has been deleted, it is no longer possible to disclose information about it.
11.5 Data transmission law
Should you request the surrender of your personal data provided to us, we will release or transmit the data to you or another responsible party, if you so desire, in a structured, current and machine-readable format. The latter, however, will occur only if this is technically possible.
11.6. Right to object
You have the right to object to the processing of your data at any time and without stating reasons. However, once the right to object has been exercised, we may no longer be able to offer our services in full, as processing of certain personal data is mandatory in order to carry out some of our services.
11.7. Establishing contact for assertion of the rights of the persons concerned
When you contact us by mail at aixigo AG, Karl-Friedrich-Str. 68, 52072 Aachen, Germany, we will store the data you provide (your email address, your name and your telephone number, if applicable) in order to answer your questions or comply with your request. We delete the data arising for this purpose after the storage is no longer necessary, or limit the processing if legal storage obligations exist.
12. Right of appeal to the supervisory authority
You have the right to file a complaint against the processing of your personal data with the competent supervisory authority if you feel that your rights under the GDPR have been violated.