Data Security Statement

Name and Address of the Person Responsible

The person responsible in accordance with the DSGVO and other national data safety laws in the member states as well as any other data safety regulations is:

LCTech GmbH
Daimlerstraße 4
84419 Obertaufkirchen
Germany

Tel.: +49 8082 2717-0
E-Mail: datenschutz@LCTech.de
Website: www.LCTech.de

Authorised representative partner: Amod Kher (CEO), Dr. Uwe Aulwurm (CTO)

Privacy officer of the Data Controller

The responsible person’s data security officer is:

Monika Kefer
Kefer IT-Beratung

Blumenstr. 9A
83569 Vogtareuth
Deutschland

E-Mail: info@kefer-it.de
Website: www.kefer-it.de

1. General / Scope and Changes

This Privacy policy concerns the following processes in personal data by LCTech GmbH

The website at the address: https://www.lctech.de
Contact via our email address, telephone or fax
Presence with cooperation partners and in social networks (social media)
How we handle job applicant data

This privacy policy informs you about

Data processing as Data Controller,
Data processing in Joint Controller Agreement and
Third-Party providers who process data as their own Data Controller

For other providers referred to via links, their data protection regulations apply.

Changes to Privacy Policy

If necessary, this data protection declaration will be adjusted or updated. The currently valid version applies.

Additional Data Controller

There are other parties responsible for processing your personal data. According to Art. 26 GDPR, there is a shared responsibility. The joint controllers have determined in an agreement which responsible party fulfills which obligation under the GDPR. For the respective data processing, you will find further information about those joint controllers and the agreements made.

Questions about Data Protection

If you have any questions about the handling of your personal data, you can contact our Data Protection Officer any time. Please also contact our Privacy Officer if you have any questions about exercising your rights as a data subject. You can find the contact details above.

2. How we handle your personal data

Website Provision and Creation of Log Files

a) Description an Extent of Data Handling

Every time our website is requested our system automatically saves data and information regarding the requesting computer’s system. The data are also stored in the log files of our system. The following data is being collected:

Websites from where the user’s system reached our website
Date and time of request
Time zone difference to Greenwich Mean Time (GMT)
Amount of data sent in bytes
Websites, which the user’s system requests via our website
Information regarding browser type and version
The user’s operating system
The user’s IP address
Access status/HTTP status code

Third-Party Provider:
Web host
Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
E-Mail: info@hetzner.com

b) Legal Basis and purpose of Data Processing

In order to correctly deliver the requested content from websites, the data processing mentioned is technically necessary.
This data processing is absolutely necessary when using the internet.
The legal basis for the temporary storage of data and log files is Article 6 (1) (f) GDPR. In the event of misuse of the website, e.g. Dos attacks, it is in our legitimate interest to carry out an error analysis, block the IP address and, if necessary, take legal action.
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. To do this, the user's IP address must remain stored for the duration of the session.
The data collected is also used for statistical evaluations and to improve the website. If we see concrete evidence of illegal use, we reserve the right to subsequently check the server log files.

c) Duration of Store und possibility of objection

Data will be deleted after 7 days.
In order to ensure the provision and operation of the website, it is absolutely necessary that data is recorded and stored in log files. This gives the user no opportunity to object.
Log files are deleted after 30 days at the latest in accordance with Section 25 of the Telecommunications Telemedia Data Protection Act (TTDSG).

3. Cookies

Our Website does not use tracking cookies
A cookie is a piece of data that is placed on your device when you’re browsing the internet. These text files are automatically created by browsers and websites.

a) Description and Extent of Data Handling

Our cookies are session-cookies. A session-cookie helps track real-time changes in a user's activity while on a website, such as adding items while shopping on e-commerce websites. If you visit the homepage in two windows in a browser, the session cookie recognizes that both visits relate to your session.

b) Legal Basis and purpose of Data Processing

Technically necessary cookies are not absolutely obligatory to display the website.

Legal Basis for temporary storage of the data is: Art. 6 Abs. 1 lit. f GDPR: Legitimate interest, in all other cases

c) Duration of Store und possibility of objection

At the end of your visit to the website, session cookies are automatically deleted. There is no possibility for the user to object; these cookies can be deactivated by setting the respective browser.

4. Other Technologies

Encrypted Transmission

We use encryption (SSL or TLS) to ensure secure transmission of content. You can see whether a website is transmitted encrypted by the lock symbol in the address bar of your browser.

Shortening of the IP address

In order to make it more difficult to identify the user, we use the option to shorten the IP address as far as possible.

Data Security

We implemented appropriate technical and organizational measures to protecting data from unauthorized access, lost, corruption or theft throughout its entire lifecycle. Our security measures are continuously improved in line with technological developments.

Connection to other websites via links in graphics or text

The links we offer generally lead you directly to your destination without additional information or detours. We have marked external links that lead outside of our offering accordingly.

Intermediate and redirected links

Redirect is a technique which is used to redirect your domain's visitors to a different URL. You can forward your domain name to any website, webpage, etc. which is available online. Redirected URL´s are most used to collect unnoticed personal data and sometimes they are phishing attacks.

Active Content

Active content is any web page element that can execute code or perform actions on your browser, such as animations, videos, games, or forms. While active content can enhance your online experience, it can also pose security risks, such as malware infection, phishing, or data theft. The most popular language for active content is Java and Javascript.
This website uses the JavaScript library jQuery to increase the loading speed of our website.
On our website we use active Java script content from external providers - web services. These external providers may receive personal information about your visit to our website. Processing of data outside the EU may be possible.
You can protect yourself by installing a browser extension such as “NoScript” or “uBlock Origin” or disabling JavaScript in your browser. This may lead to functional restrictions on the websites you visit.
Further information to JavaScript: https://en.wikipedia.org/wiki/JavaScript

5. Implemented Fonts

Google Web Fonts

All Google fonts used are integrated locally. There is no connection to Google servers and therefore no personal data is transmitted to Google.

6. Plugins

TYPO3 Plugins

We use different TYPO3 plugins for the website. Great care is taken to ensure that the plugins are GDPR compliant. No personal data is collected through the plugins used.

7. Contact Form

a) Description an Extent of Data Handling

You can send us an inquiry using the contact form on our website. The personal data you provide when you contact us will be stored. In order to respond to you, all you need to do is provide your email address.
In this context, the data will not be passed on to third parties.

b) Legal Basis and purpose of Data Processing

Art. 6 Abs. 1 S. 1 lit. b. GDPR: performance of a contract, if the request is aimed at concluding a contract or the execution of the contract
Art. 6 Abs. 1 lit. f GDPR: Legitimate interest, in all other cases

The data will only be processed to answer your query.

c) Duration of Store und possibility of objection

8. Contact via our email address, by telephone or fax

a) Description and Extent of Data Handling

You can contact us using the contact details provided on our website (telephone number, fax number and email address). The personal data you provide when you contact us will be stored.
In this context, the data will not be passed on to third parties.

b) Legal Basis and purpose of Data Processing

Art. 6 Abs. 1 S. 1 lit. b. GDPR: performance of a contract, if the request is aimed at concluding a contract or the execution of the contract
Art. 6 Abs. 1 lit. f GDPR: Legitimate interest, in all other cases

The data will only be processed to answer your query.

c) Duration of Store und possibility of objection

The data will be deleted immediately after your request has been processed, if there is no legal obligation to retain such data.
If you have sent data via email, the process ends when the respective conversation has ended. Once an issue has been clarified, the conversation can be considered over.
The data for which there is a legal obligation to retain data will continue to be retained. (6 years para § 257 (1) 2, (4) HGB)
If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot continue.
In this case, all data stored for contacting us will be deleted.

9. Handling with job applicant data

a) Description and Extent of Data Handling

You can send us spontaneous applications using the contact details (telephone number, fax number and email address) provided on our Website.
It is also possible to send an application with all the necessary personal data and relevant documents to us using the application email address we provide directly with the respective job offer.

b) Legal Basis and purpose of Data Processing

Providing your personal data in an application is voluntary. Data processing and processing of special categories of personal data is based on your content.

The data is used for the following purposes:

a) Contact you, based on your application.
b) Initiation and justification of the employment relationship.
c) If we have your consent, to send you personalized information about vacancies.
d) To fulfill legal obligations or to defend against asserted legal claims (duty of proof in accordance with the General Equal Treatment Act (AGG).

Legal Basis for data processing: Art. 6 Abs. 1 S. 1 lit. a. GDPR: Consent to the processing, voluntary sending of job application data
Legal Basis for carrying out the application process: Art. 6 Abs. 1 lit. b GDPR
Legal Basis for temporary storage of your personal data: Art. 6 Abs. 1 lit. f GDPR: Legitimate interest, in all other cases

c) Transfers to Third Party

Only certain people and positions in our company receive your personal data in order to fulfill our contractual and legal obligations. These are, for example, the respective specialist areas and departments, representatives of the severely disabled employees and other.

d) Duration of Store und possibility of objection

Your data will be stored for as long as it is necessary to fulfill the respective purpose. It will be also stored as long as there are legal retention obligations and no different information is provided about individual processing. (Duty of proof for the General Equal Treatment Act (AGG))
Six months after the end of the application process, this is the time of announcement of the decision
If you have agreed that we may store your data in our applicant pool for a longer period, we will do so with your consent for 24 months. Your data will then be deleted.

Receipts/booking data for any reimbursement of travel expenses or expenses are archived in accordance with tax law requirements.
If an employment relationship begins between us, your personal data will be included in our personnel file.
You can revoke your consent at any time.

Automated individual decision-making

We don´t use purely Automated individual decision-making to decide.

10. Data processing in third countries

Data transfer to third countries (countries outside the European Economic Area -EEA) does not take place and is currently not planned.

11. Links in graphics or text

The links we offer generally lead you directly to your destination without additional information or detours. We have marked external links that lead outside of our offering accordingly. We have marked external links that lead outside of our offering accordingly.

12. Deletion of Data

Revocation of your consent to processing in accordance with Art.6 (1) a or Art. 9 (2) a GDPR
Objection of processing para Art. 21 (1) GDPR if there are no other overriding legitimate reasons, or you submit objection para 21 (2) GDPR
The data for which there is a legal obligation to retain data, will be stored by law stored for a specified period (10 years after § 257 Abs. HGB, § 146 (2) AO).
Log files are deleted after 30 days at the latest in accordance with Section 25 of the Telecommunications Telemedia Data Protection Act (TTDSG).

13. Data Subject Rights

As a user of our website, you are a data subject and you have various rights under the GDPR. These result from Articles 15 to 18, 21 GDPR:

Right of Information

You can obtain information in accordance with Art.15 GDPR to request information about your personal data processed by us. Please specify your request to make it easier for us to compile the necessary data. Please note that your right to information may be restricted under certain circumstances in accordance with legal regulations (in particular Section 34 BDSG).

Right to rectification

If your information is no longer correct, you can request a report para Art. 16 GDPR. If your data is not complete, you can request it to be completed.

Right to erasure

You can request (Art. 17 GDPR) the deletion of your personal data. This only applies to data that is not subject to a legal obligation to be stored.

Right to restriction of processing

You can request (Art. 18 GDPR) that the processing of your data be restricted.

Right to object

You can object to the processing of your personal data at any time (Art. 21 GDPR). We can only comply with this if no legal regulations stand in the way of fulfilling our tasks.

Right for no Automated individual decision-making, including profiling

You have the right to reject an Automated individual decision-making, including profiling.

Right to complaint

If you believe that we have not correctly followed all regulations when processing your personal data, you can contact us at any time with a complaint.

Right to lodge a complaint with a supervisory authority

In addition to other administrative or judicial options, you have the right to contact the supervisory authority with a complaint. You have this option in the member state of your place of residence, your place of work or the place of the alleged violation, if you believe that the processing of your personal data is not in compliant with the GDPR.

If you file a complaint, you will be informed of the status of the matter and the outcome. The options for legal redress (Art. 78 GDPR) will also be explained to you.

The supervisory authority responsible for LCTech GmbH is:

Bayerisches Landesamt für Datenschutzaufsicht
Postfach 606
91511 Ansbach
Deutschland
Telefon: +49 (0) 981 53 1300
Telefax: +49 (0) 981 53 98 1300
E-Mail: poststelle@lda.bayern.de

Copyright notice

Status of the currently valid version: November 2023