Data protection has a particularly high priority for secjur GmbH (hereinafter: "We", "Us").
With the information presented below, we provide you with an overview of the processing of your personal data on our website https://www.secjur.com/ (hereinafter "website"). In addition, the privacy policy also applies to our presences in the social and professional networks, our newsletter and the application process.
We also want to inform you about your rights under data protection laws. We always process your personal data in accordance with the General Data Protection Regulation (hereinafter "GDPR"), the Telecommunications and Telemedia Data Protection Act (hereinafter "TTDSG")and all applicable country-specific data protection regulations. This Privacy Notice is also aligned the Swiss Data Protection Act (“DPA”) and the revised Swiss Data Protection (“revDPA”). However, the application of these laws depends on each individual case.
The controllerin the sense of the GDPR is:
secjur GmbH
Steinhöft 9
20459 Hamburg
Phone: +49 40228 599 520
E-mail: dsb@secjur.com
You can reach our data protection officers as follows:
secjur GmbH
Steinhöft 9
20459 Hamburg
E-mail: internaldataprotection@secjur.com
You can contact our data protection officers directly with all questions and suggestions regarding data protection and the exercise of your rights.
This privacy policy is based on the terminology of the GDPR. For your convenience, we would like to explain some important terms in this context in more detail:
We may obtain personal information in the following ways:
You have the opportunity to provide information (e.g. contact details) about yourself on our website.
Through the use of our website, data is automatically collected and generated.
To the extent we maintain presences on social and professional networks, we may receive data from you through them (e.g., when you contact us through a social or professional network or respond to any of our content shared there).
In the following, we provide you with an overview of which personal data we process. For this purpose, we describe to what extent, for what purposes and on what legal basis we process personal data. In addition, we indicate - if available - which third-party providers we use that receive your data. Finally, we inform you whether a third country transfer takes place in the respective processing by the third party provider.
The provision of your information personal data is always voluntary. However, it may be that the respective functionality only works with the provision of your information (e.g. contact form).
We will not disclose your personal data to third parties without your consent, unless this is permitted by law (e.g. because it is necessary for the performance of the contract).
The processing of your personal data may be based on the following legal grounds:
If we transfer personal data to a third country for processing, we ensure compliance with Art. 44 et seq. GDPR, i.e., before any transfer of personal data to third parties in a country outside the EU or the EEA (Norway, Iceland, Liechtenstein), we check how an adequate level of protection can be ensured. An adequate level of protection can be ensured, among other things, by the fact that an adequacy decision of the EU Commission is available, that we have concluded standard data protection clauses with the recipient and have taken further additional measures, or that the third-country transfer is subject to other guarantees regulated in Art. 46 et seq. GDPR is permissible. The USA is assessed as a country with an insufficient level of data protection according to EU standards. There is a risk that U.S. authorities may be able to access personal data even without legal protection. In addition, the exercise of data subject rights, such as the right of access or deletion, may be more difficult. Insofar as the data transfer is based on Art. 46, 47 or 49 (1) GDPR, you can obtain a copy of the guarantees for the existence of an adequate level of data protection with regard to the data transfer or an indication of the availability of a copy of the guarantees from us. Please contact us for this purpose.
When you visit our website, data is automatically processed that your browser transmits to our server. This general data and information is stored in the log files of the server (in so-called "server log files"). Collected may be, among other things :
• Browser type and version
• Operating system used
• Referrer URL (previously visited website)
• Host name of the accessing computer
• Date and time of the server request
• IP address
We process your personal data for the following purposes:
The legal basis for data processing is pursuant to Art. 6 para.1 lit. f GDPR in conjunction with. § 25 para. 2 Nr. 2 TTDSG is our overriding legitimate interest in the technically flawless presentation (faster loading time, higher reliability, protection against brute force attacks) of our website.
The log files are stored for security reasons (e.g. to clarify acts of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further retention is required for evidentiary purposes will be retained until final clarification of the matter.
This website is hosted via the Content Delivery Network (CDN) of Webflow. The provider is Webflow, Inc, 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (hereinafter: Webflow). Webflow is a tool for creating and hosting websites. A content delivery network is a network of spatially distributed, possibly interconnected servers. The server that is closest to the respective user of the website is always used. The CDN used here includes servers in North America and parts of Europe. Webflow hosts our website using the content delivery networks of Fastly Inc. (Fastly Inc. 475, Brannan St. #300, San Francisco, CA 94107) and Amazon Web Services, Inc. (Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109), to which Cloudfront also belongs. To ensure cross-browser compatibility so that the modern functionality of Webflow pages is also available in older browsers that do not natively support it, Webflow includes JavaScript using the Cloudflare CDN (Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107). When you visit our website, Webflow collects the above data. Data transfer to the USA is based on the standard contractual clauses of the EU Commission, and Webflow is also certified via the Data Privacy Framework. You can find more information about data processing by Webflow here: EU & Swiss Privacy Policy | Webflow
We use cookies on our website. These are files that your browser automatically creates and that are stored on your IT system when you visit our site. In the cookie, information is stored that arises in each case in connection with the specific end device used.
Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the visited Internet pages and servers to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific internet browser can be recognized and identified via the unique cookie ID.
When you visit our website or a sub-website for the first time and it contains cookies, you will be shown "Privacy settings". There you will be informed about the individual cookies that we use. You can find out about each individual cookie with regard to the processing company, the purpose of the data processing, the data collected, the legal basis and the storage period. In addition, you can allow us to use non-essential cookies and reverse this decision there on. If you have closed the cookie banner, you can open it again by clicking on the icon at the bottom left.
From a legal point of view, a distinction must be made between essential and non-essential cookies.
We use essential cookies. These are cookies that are technically necessary to provide all functions of our website. The legal basis for the data processing is according to Art. 6 para.1 lit. f GDPR in conjunction with. § 25 para. 2 TTDSG is our overriding legitimate interest in the technically flawless presentation (faster loading time, higher reliability, protection against brute force attacks) of our website.
We also use non-essential cookies (functional and marketing cookies). These are cookies that are not technically necessary. We use them to understand your behavior on our website and to improve our offer. The legal basis for the data processing is your consent pursuant to Art. 6 (1) lit. a GDPR. The cookies are only set after you have given your consent via our cookie banner.
In order to present you with the information regarding cookies in the form of the "privacy settings", we use a cookie banner on our website. With our cookie banner, we inform you about the cookies we specifically use. In addition, we give you the opportunity to decide whether you want to consent to the setting of non-essential cookies. Among others, the following can be processed :
• Approved cookies of the user (cookie status), which serves as proof of consent
• Usage data (e.g. web pages visited, time of access)
• Meta and communication data (e.g. IP address)
We process your personal data for the following purposes:
• Informing the user about the cookies we use
• Enabling to consent to cookies that are not technically necessary
The legal basis for the use of the cookie banner is Art. 6 para. 1 lit. c GDPR in conjunction with. § 25 para. 2 no. 2 TTDSG. The cookie banner is used to obtain the legally required consent for the use of non-essential cookies and to comply with our duty to provide information regarding cookies.
In the event of consent, the encrypted key and the cookie status are stored on the user's terminal device by means of a cookie in order to establish the corresponding cookie status for future page views. This cookie is automatically deleted after 12 months.
On our website we use the cookie banner of the provider Usercentrics GmbH, Rosental 4, 80331 Munich.
Through our website you have the opportunity to contact us. After entering your contact details, we will contact you.
In the course of contacting you and responding to your inquiry, we process the following personal data, among others:
• Name
• Date and time of the request
• IP address
• Phone number
• Further personal data that you provide to us in the course of contacting us
We process your data to respond to your inquiry and other matters arising from it.
If your request is based in connection with pre-contractual measures or with an existing contract with us, the legal basis is the performance of the contract and the implementation of pre-contractual measures pursuant to Art. 6 (1) lit. b GDPR in conjunction with. § 25 para. 2 Nr.2 TTDSG.
We delete your personal data as soon as it is no longer required to achieve the purpose for which it was collected and there are no statutory retention obligations to the contrary. In the context of contact inquiries that have not led to a contractual relationship, this is generally the case when the circumstances indicate that the specific matter has been conclusively processed.
We use HubSpot to provide the contact form on our website. Hubspot is a software company from the USA. Our contractual partner is HubSpot Germany GmbH (address: HubSpot Ireland Limited, HubSpot House, One Sir John Rogerson's Quay, Dublin 2, Ireland). In the course of processing via HubSpot, data may be transmitted to the USA (Hubspot Inc.). The security of the transfer is secured via standard contractual clauses, and Hubspot Inc. is also certified via the Data Privacy Framework.
If you have provided us with your e-mail address when purchasing one of our services, we will use it to inform you about our own similar goods or services via newsletter.
You can object to the sending of our newsletter at any time. For this purpose, you will find a corresponding "unsubscribe" button in each of our newsletters. You can also notify us of your revocation via e-mail or mail using our contact details above.
Our newsletters contain so-called tracking pixels. This is a miniature graphic that is embedded in emails. This allows us to track, for example, whether and when an email was opened by you and which links in the email were called up by you. This enables us to statistically evaluate the success or failure of online marketing campaigns. The personal data collected by the tracking pixel is stored and analyzed by us in order to optimize the newsletter dispatch and to better adapt the content of future newsletters to your interests.
Within the scope of the newsletter dispatch, we process the following personal data, among others:
• E-mail address
• First and last name
• Organization
• Preferred language
• Metadata (e.g. device information, IP address, date and time of logon).
• Interaction with the newsletter
We process your personal data for the following purposes:
• Newsletter distribution: implementation of marketing measures
• Newsletter tracking: measuring success
• The legal basis for sending our newsletter is, in accordance with Art. 6 para. 1 lit. f GDPR in conjunction with § 7 para. 3 UWG, our overriding legitimate interest in strengthening or maintaining customer relations with our existing customers by offering our own similar products by e-mail.
• The legal basis for newsletter tracking is, pursuant to Art. 6 (1) lit. f GDPR, our overriding legitimate interest to know whether our newsletter meets your interests and expectations.
We delete your personal data as soon as they are no longer required to achieve the purpose for which they were collected. In the context of the newsletter dispatch, this is generally the case if you object to the processing.
We use HubSpot for the purpose of newsletter distribution and newsletter tracking. Hubspot is a software company from the USA. Our contractual partner is HubSpot Germany GmbH (address: HubSpot Ireland Limited, HubSpot House, One Sir John Rogerson's Quay, Dublin 2, Ireland). In the course of processing via HubSpot, data may be transmitted to the USA (Hubspot Inc.). The security of the transmission is secured via standard contractual clauses and Hubspot Inc. is also certified via the Data Privacy Framework.
You have the possibility to contact us by e-mail, telephone or other communication channels.
In the course of contacting you and responding to your inquiry, we process the following personal data, among others:
• Name
• Date and time of the request
• IP address
• Further personal data that you provide to us in the course of contacting us
We process your data to respond to your inquiry and other matters arising from it.
If your request is based in connection with pre-contractual measures or with an existing contract with us, the legal basis is the performance of the contract and the implementation of pre-contractual measures pursuant to Art. 6 (1) lit. b GDPR.
If your request is made independently of contractual or pre-contractual measures, the legal basis for responding to your request pursuant to Art. 6 (1) lit. f GDPR is our overriding legitimate interest in answering your request and responding to the contact initiated by you.
We delete your personal data as soon as it is no longer required to achieve the purpose for which it was collected and there are no statutory retention obligations to the contrary. In the context of contact inquiries that have not led to a contractual relationship, this is generally the case when the circumstances indicate that the specific matter has been conclusively processed.
We do notdisclose the above-mentioned data to any recipients for the processingpresented here.
We maintain presences in social and professional networks in order to communicate with you, to be able to inform you about our services and to find new employees.
If you visit one of our pages maintained there, we may be responsible with the provider of the respective platform within the meaning of Art. 26 DS-GVO with regard to the processing operations triggered thereby which concern personal data.
Within the scope of the processing operations, according to our knowledge, the following data are processed, among others:
• Inventory data (e.g. first and last name, address, age, gender)
• Content data (e.g. texts, photos, videos)
• Usage data (e.g. visit to websites, interests)
• Metadata (e.g. device information, IP address).
This usage data is often processed in social and professional networks for advertising purposes or for the analysis of user behavior by the providers, without us being able to influence this. In addition, the providers often create usage profiles, on the basis of which user-based advertising can subsequently be placed inside and outside the network. Cookies are often used for this purpose or the usage behavior is directly assigned to your own member profile of the network (if you are logged in here).In addition, we use the user data to communicate with you via the respective network and to provide you with information. If you interact with our company profile in the respective network (e.g. visit our company profile, comment or "like" something), it is possible that your user profile including the personal data will be made public.
Information on the processing of your data in social and professional networks and the possibility to make use of your right of objection or revocation (opt-out), we have listed below.
We process your personal data for the following purposes:
• Public relations and marketing purposes, i.e. we provide information about our services and offers, among other things, and communicate with you
• (Only in professional networks:) Recruitment, i.e. we engage in "active sourcing".
• The legal basis for our public relations work and the marketing purposes pursued with it is your consent pursuant to Art. 6 (1) lit. a GDPR.
• Pursuant to Art. 6 (1) lit. f GDPR, the legal basis for recruitment is our overriding legitimate interest in finding new employees.
In principle, your data is stored by the respective provider of the network and not directly by us. We store your activities and personal data published via our presence until the purpose of the processing has ceased to apply or your consent has been revoked, provided that there are no retention obligations to the contrary.
We maintain presences in the following social and professional networks.
We also offer you the opportunity to apply for jobs and send us your application online or by mail.
As part of the application process, we process the following personal data:
• Master data (e.g. first and last name, address)
• Contact details (e.g. e-mail address, telephone number)
• Application data (e.g. cover letter, CV, certificates and other supporting documents)
The purpose of the processing is to carry out the application procedure.
The legal basis for the processing of personal data is the fulfillment of the contract and the implementation of pre-contractual measures according to Art. 6 para. 1 lit. b, Art. 88 para. 1 GDPR in conjunction with § 26 para. 1 Federal Data Protection Act (BDSG).
If we obtain your consent (e.g. for inclusion in our applicant pool), this constitutes the legal basis for data processing pursuant to Art. 6 (1) a GDPR.
If an employment relationship is established after completion of the application process, the personal data provided may be processed further. Otherwise, we generally retain the data for six months after the end of the application process. We then delete all personal data. Longer storage is possible if we include the personal data in our applicant pool after obtaining your consent.
We use Personio as our personnel management tool. The contractual partner is Personio GmbH & Co KG, Rundfunkplatz 4, 80335 Munich, Germany.
We process your personal data that we receive from you in the course of our business relationship. In addition, we process personal data from you that we have received from a legal entity (interested party and/or customer or other contractual partner) in your capacity as a representative/authorized agent. Insofar as this is permitted, we also take certain data from publicly accessible sources (e.g. commercial register, press, Internet) or from authorities. In addition to the data about you that you give us directly, the categories of personal data that we receive about you from third parties include, in particular, information from public registers, information that we receive in connection with official and judicial proceedings, information in connection with your professional functions and activities (so that we can, for example, with your help conclude and process transactions with your employer), information about you in correspondence and meetings with third parties and creditworthiness information (insofar as we process transactions with you personally).
In the course of initiating or fulfilling a contract, we process the following personal data:
• Master data (e.g. first and last name, address)
• Contact data (e.g. e-mail address, telephone number) and of affiliated companies
• Contact person data: company, industry and job title, contact details
• Bank details for SEPA procedures, invoice and payment data
We use the personal data we collect primarily to enter into and process our contracts with our customers and business partners, such as in particular in the context of licensing our products and providing expert support as well as the activities of a data protection officer for our customers and the purchase of products and services from our suppliers and subcontractors, as well as to comply with our legal obligations in Germany and abroad. If you work for such a customer or business partner, your personal data may of course also be affected in this capacity.
The legal basis is the fulfillment of the contract and the implementation of pre-contractual measures according to Art. 6 (1) b GDPR.
We delete your personal data as soon as they are no longer required to achieve the purpose for which they were collected and there are no legal retention obligations to the contrary.
We use HubSpot as our CRM system. Hubspot is a software company from the USA. Our contractual partner is HubSpot Germany GmbH (address: HubSpot Ireland Limited, HubSpot House, One Sir John Rogerson's Quay, Dublin 2, Ireland). In the course of processing via HubSpot, data may be transmitted to the USA (Hubspot Inc.). The security of the transmission is secured via standard contractual clauses, and Hubspot Inc. is also certified via the Data Privacy Framework.
We use sevDesk to create and send invoices. The contractual partner is sevDesk GmbH, Hauptstraße 115, 77652 Offenburg, Germany.
You have various rights under the data protection law applicable to you and where provided for therein (such as in the case of the GDPR) in relation to personal data processed about you.
You have the right to request confirmation from us as to whether personal data concerning you is being processed.
You have the right to receive from us at any time free of charge information about the personal data stored about you, as well as a copy of this data in accordance with the statutory provisions.
You have the right to request the correction of inaccurate personal data concerning you. Furthermore, you have the right to request the completion of incomplete personal data, taking into account the purposes of the processing.
You have the right to demand that personal data concerning you be deleted immediately if one of the reasons provided for by law applies and insofar as the processing or storage is not necessary.
You have the right to demand that we restrict processing if one of the legal requirements is met.
You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format. Furthermore, you have the right to transfer this data to another controller without hindrance from us, to whom the personal data has been provided, provided that the processing is based on consent pursuant to Art. 6 (1) lit. a GDPR or Art. 9 (2) lit. a GDPR or on a contract pursuant to Art. 6 (1) lit. b GDPR and the processing is carried out with the aid of automated procedures, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
In addition, when exercising your right to data portability pursuant to Article 20(1) of the GDPR, you have the right to have the personal data transferred directly from one controller to another controller, to the extent that this is technically feasible and provided that this does not adversely affect the rights and freedoms of other individuals.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of data processing in the public interest pursuant to Art. 6 (1) (e) GDPR or on the basis of our legitimate interest pursuant to Art. 6 (1) (f) GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.
In individual cases, we process personal data in order to conduct direct advertising. You may object to the processing of personal data for the purpose of such advertising at any time. If you object to us processing for direct marketing purposes, we will no longer process the personal data for these purposes.
In addition, you have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out by us for scientific or historical research purposes or for statistical purposes pursuant to Article 89(1) GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.
You have the right to revoke your consent to the processing of personal data at any time with effect for the future.
You have the right to lodge a complaint about our processing of personal data with a supervisory authority responsible for data protection.
The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
This privacy policy is currently valid and has the following status: October 2023.
If we further develop our website and our offers or if legal or regulatory requirements change, it may be necessary to amend this data protection declaration. You can access the current data protection declaration at any time here