You reached this site via a link because you wanted to find information about our handling of (your) personal data. In order to meet our information duties according to Article 12 et seq. of the EU's General Data Protection Regulation (GDPR), we provide our information concerning data protection:
The data processor as defined in the privacy law is
syracom AG
Otto-von-Guericke-Ring 15
65205 Wiesbaden
You can find further information about our company, the authorized representatives, and further contacts in the imprint of our internet site: www.syracom.de/footernavi/impressum.html
If we have received data from you, then we will generally only process it for those purposes for which they were received or collected.
Data processing for other purposes is only possible if the respective required legal conditions of Art. 6 IV GDPR apply. In this case, we will consider any information duties pursuant to Art. 13 III GDPR and Art. 14 IV GDPR as self-evident.
The legal basis for processing personal data is generally Art. 6 GDPR, unless there are other specific legal regulations. The following are in particular possible:
Consent (Art. 6 I lit. a GDPR)
Data processing for fulfilling contracts (Art. 6 I lit. b GDPR)
Data processing based on a balancing of interests (Art. 6 I lit. f GDPR)
Data processing to meet a legal obligation (Art. 6 I lit. c GDPR)
If personal data are processed based on your consent, you have the right to withdraw your consent at any time effective for the future.
If we process personal data based on a balancing of interests, then you as the data subject have the right to object to the processing of personal data under consideration of the conditions of Art. 21 GDPR.
Withdrawals of consent and the use of the right of withdrawal can be implemented via the following e-mail address: unsubscribe@syracom.de .
If we have received your personal data as part of an application for freelance work, this is data processing for the fulfillment of contracts, more precisely the implementation of pre-contractual measures (Art. 6 I lit. b GDPR).
We process the data as long as this is necessary for the respective purpose.
If legal archiving duties apply – e.g. based on commercial or tax law – the respective personal data is stored for the duration of the archiving duty. After the expiration of the archiving duty we verify whether the data needs to be stored further for processing purposes. If this is no longer necessary, the data is erased.
In general, we regularly check data in terms of the requirement of further processing. Due to the quantity of data, this verification is based on certain data types or purpose of processing.
With regard to applications for freelance work, your personal data will be stored in the applicant pool for two years. If no contact or assignment has taken place during this period, we will delete your data after two years.
Of course, you can at any time (see below) demand information about your personal data that we store and, if storage of the data is no longer required, demand that we erase the data or limit the processing.
Your data is generally only disclosed to third parties if this is necessary to implement a contract with you, if the disclosure is justified based on a balancing of interests as defined in Art. 6 I lit. f GDPR, we are legally obligated to disclose the data, or you have provided your consent.
Special aspect of freelance work:
Your application data will be reviewed by the Sales Service department upon receipt of your application. Suitable applications will be forwarded internally to the person responsible for the respective project and to potential clients. The data of freelance employees is stored in Microsoft Sharepoint. According to Art. 45 GDPR, the transfer of data to foreign bodies outside the EU/EEA is legal if there is an adequate level of data protection. According to the EU Commission's adequacy decision (2000/518/EC), an adequate level of data protection exists. Within the company, only those persons have access to your data who need it for the proper operation of our sales service processes.
Cooperation with contractual processors and third parties
If we disclose or transfer data to other persons and companies (contract processors or third parties) as part of our processing or grant them access in any other manner, this occurs only if there is a legal basis (e.g. if it is necessary to transfer the data to third parties, like payment service providers, to fulfil the contract pursuant to Art. 6 I lit. b GDPR, if you have granted your consent, if we are legally required to do so, or based on our legitimate legal interests (e.g. when using subcontractors, web hosts, etc.).
If we hire third parties to process data based on a so-called "processing contract", this is based on Art. 28 GDPR.
Transfer to non-EU/EEA countries
If we process data in a non-EU/EEA country (i.e. outside of the European Union (EU) or European Economic Area (EEA)) or if this occurs due to the use of third-party services or if there is any disclosure / transfer of data to third parties, this can only occur if it is necessary to fulfil our (pre-)contractual duties, with your consent, due to a legal requirement, or based on our legitimate interests. Subject to legal or contractual permission, we process or leave the data in a non-EU/EEA country only if specific conditions apply, as specified in Art. 44 et seq. GDPR. I.e. the processing is based on specific guarantees, like the officially recognized determination of a privacy protection level corresponding to that of the EU or adherence to officially recognized special contractual obligations (so-called "standard contract clauses") or the adequacy decision (“Trans-Atlantic Data Privacy Framework”). The more detailed information on the legal basis on which the transfers are based is listed with the respective service providers.
Microsoft
We use the services of Microsoft in order to be able to use the following services. We use these services to enable easily accessible communication channels outside our business premises.
To protect personal data, Microsoft has been certified with the Trans-Atlantic Data Privacy Framework. This guarantees a level of data protection equivalent to that of the EU as an adequacy certificate. More information at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000KzNaAAK&status=Active.
By using Microsoft's services, the terms of use and privacy policy of Microsoft are accepted.
Microsoft Forms
We use Microsoft Forms for the digital collection of contact data at on-site events and for surveys. The specific personal data we collect and how long we store it can be found in the respective Microsoft Forms.
No access data, registration or login is required to use Microsoft Forms.
The legal basis for processing personal data in Microsoft Forms is Article 6 I lit. f GDPR. The legitimate interest of syracom is to enable contact after trade fairs with potential applicants (m/f/d) or potential customers and partners and to improve our services through surveys.
Microsoft Bookings
We use Microsoft Bookings to make it easier for interested parties to book appointments for the purpose of exchanging information about our services (advertising measures). Using the web-based tool, interested parties can view the free appointment slots published by the respective syracom employee and book the slot that suits them.
The following personal data is processed: surname, first name and e-mail address.
The legal basis for the processing of personal data in Microsoft Bookings is Art. 6 I lit. a GDPR. The consent of the interested party is obtained via Bookings.
Microsoft Teams
To communicate outside our business premises, we use the Microsoft Teams application in addition to the conventional means of telecommunication, such as telephone and email. This application enables written communication within chats as well as voice and video calls that can be used to hold online meetings or video conferences. There is also a function that enables sharing the screen or individual application windows with the participants of a video conference.
One of the ways this application can be used is with a guest account and a Microsoft account. The access data is sent by email. If you access the Microsoft Teams website, this provider is responsible for the data processing on its website. Accessing the Microsoft Teams website may be required to download the software to use Microsoft Teams. Microsoft Teams can also be used with a browser without downloading the software. In that case, the service is provided via the Microsoft Teams website.
During the use of Microsoft Teams, different types of data are processed. The scope of the data also depends on the information you provide before or during your participation in an online meeting.
The following personal data is subject to processing:
Information about the user: e.g. display name, email address if applicable, profile image (optional), preferred language.
Meeting metadata: e.g. date, time, meeting ID, phone numbers, location.
Text, audio and video data: You may have the option to use the chat function in an online meeting. In this respect, the text you enter is processed in order to display it in the online meeting. To enable the display of video and playback of audio, the data from the microphone of your device as well as from any video camera of your device is processed accordingly during the duration of the meeting. You can turn off or mute the camera or microphone yourself at any time via the Microsoft Teams apps.
When you use Microsoft Teams to hold online meetings, no recording is intended, which means that no visual or audio material is stored or processed for any purpose other than the one described.
Chat content is logged and stored when using Microsoft Teams until the purposes below are fulfilled. There is no automated decision-making in the sense of Article 22 GDPR.
Insofar as the communication via Microsoft Teams is carried out for the purpose of fulfilling contracts or implementing pre-contractual measures with customers and business partners, the legal basis for processing the personal data required for this communication results from Article 6 I lit. b GDPR.
If the communication is carried out without a contractual relationship with the participants via Microsoft Teams, the legal basis for this is Article 6 I lit. f GDPR. In this case, the legitimate interest is the effective implementation of online meetings and video conferences.
As a matter of principle, no personal data will be disclosed to third parties, unless it is intended to be disclosed. The Microsoft Teams provider obtains knowledge of the above-mentioned data for the purpose of providing the service, insofar as this is provided for in our order processing agreement with Microsoft Teams.
Data processing outside the European Union is not intended by us, since data centers within the European Union are specified as the storage location. However, it cannot be ruled out that the routing of data via Internet servers is performed outside the European Union. This may be the case particularly if the participants of an online meeting are located in a third country. However, the data is encrypted during transport via the Internet and thus protected against unauthorized access by third parties.
You have the right to receive information about your personal data that we process.
If you do not request information in writing, we ask for your understanding that we may require evidence from you that shows that you are the person you claim to be.
Furthermore, you have the right to correct or erase or restrict the processing if you have the legal right to do so.
Furthermore, you have a right to object to the processing within the legal framework. The same applies to a right for data transferability.
To assert your rights as a data subject or if you have any other questions, please send an e-mail to datenschutz(at)syracom.de.
We have named an external Data Protection Officer in our company. You may reach him at the following address:
syracom AG
Data Protection Officer
Otto-von-Guericke-Ring 15
65205 Wiesbaden
E-mail: datenschutz(at)syracom.de
Website: www.syracom.de