Privacy statement / Datenschutzerklärung     (Version: August 2022)

Zur deutschen Version wechseln!


We take data protection seriously

 

Protecting your privacy when processing personal data is important to us. Therefore, we would like to provide you with the following information.

Data controller in Austria:

ACP Holding Österreich GmbH
Wagenseilgasse 3
A-1120 Wien

Telefon: +43 1 89193 0
Fax: +43 1 89193 10188
E-Mail: info(at)acp.at

Data controller in Germany:

ACP Holding Deutschland GmbH
Willy-Brandt-Platz 6 
D-81829 München

Telefon: +49 89 547274100
Fax: +49 89 54727410 999
E-Mail: gruppe(at)acp.de

The data controllers manage this website for all companies in the ACP Group. You can find an overview of the companies here. If required, your data will be exchanged within the ACP Group (for example, in order to pass your query onto the relevant employee).

Personal Data

Personal data concerns data about you. This includes your name, address and email address. You do not need to provide any personal data to visit our website. In certain cases, we will need your name and address, as well as additional information in order to provide you with the requested services.

The same applies if you would like us to provide you with information material or in order to respond to your queries. In such cases, we will always inform you. Furthermore, we only store the data which you have provided to us automatically or voluntarily.

When you use one of our servers, we generally only collect data which is required in order to provide you with our service. We may ask you for additional information, but this is voluntary. Whenever we process personal data, we do so in order to provide our service or to pursue business objectives.

 

Contact form

If you provide us with data using the contact form, this data will be stored on our servers as part of the data storage process. Your data will only be used in order to process your request and, in certain cases, it may be passed on internally within the ACP Group. Your data is processed in a strictly confidential manner. It will not be passed onto third parties.

 

Newsletter

We use the software Hubspot to send our newsletter. As part of this, we use a so-called double opt-in procedure (i.e. we will only send you a newsletter if you have explicitly requested that we activate the newsletter service for you). We will then send you a notification email, asking that you click on the link in the email to confirm that you would like to receive our newsletter. When signing up to our newsletter, we store your IP address and the sign-up date. This information is stored solely in the event of third party misuse of your email address to sign up to the newsletter without your knowledge or consent. The legal basis for this is your consent, according to art. 6, para. 1, lit a of the GDPR. If you unsubscribe from the newsletter and there is no commercial relationship between us and you, your data will be deleted immediately.
If you wish to unsubscribe from our newsletter at a later date, you can do so at any time without incurring any cost other than the data transmission costs at your standard tariff (e.g. when clicking on the unsubscribe link in the email).

 

User Account (User Profile)

On our website, we give users the option to register for a user account using their personal details. Following registration on the website, you will receive a confirmation email from us, which will be sent to the email address provided by you.
The legal basis for processing this data is art. 6, para. 1, lit b of the GDPR. The registration data will not be passed on to third parties.

We store this data for the purpose of setting up and providing the user account. Your application(s) and applicant profile will be stored in this account.

As part of your registration on the ACP applicant portal, you can also sign up to a job newsletter for future ACP job vacancies. You can unsubscribe at any time via your applicant profile or through an integrated link in the job newsletter. You always have the option to download and correct the stored data. We delete your user account and the data stored in it when you request its deletion or when you explicitly withdraw the submitted application(s).

If the data is required for contractual reasons or to conduct pre-contractual measures, the data can only be deleted prematurely if there are no contractual or legal obligations to the contrary. Furthermore, we process your data until the conclusion of any legal disputes whereby the data is required as evidence.

 

Online applications (to a job vacancy or unsolicited applications)

On our website, we offer applicants the option to apply to the job vacancies online or to submit a speculative application. In doing so, the data will be entered/uploaded into an input screen and then transmitted to our systems, where it is stored. A user account is required to apply to a job offer or to send a speculative application.
Once an application has been sent, an automated email will be sent to the email address you provided.
The application data stored in your user account can be viewed, changed or deleted at any time.
For the purpose of reviewing and processing your application and in order to get in touch, your data may be viewed by the person(s) responsible for the respective job vacancy/speculative application.

When looking for the best applicants and workplaces, we take your applicant data into account for open vacancies in your region. For this reason, we pass your applicant data onto our companies within the ACP Group.
Under no circumstance will your applicant data be passed onto third parties outside the ACP Group.

The legal basis for processing your data is your consent, given especially prior to sending your application via the corresponding form on our website. (art. 6, para. 1, lit a of the GDPR, possibly in connection with art. 9, para. 2, lit a of the GDPR insofar as special personal data is included in your application).

It may be necessary to pass your data onto third parties where legally required, e.g. in order to pursue prosecution or to implement intellectual property laws. The legal basis in such cases is art. 6, para. 1, lit c of the GDPR.

We delete the application data you have provided from our systems if you explicitly withdraw your consent and/or if you delete your account.

We will also delete your data 6 months after the end of the application process, insofar as we do not suggest another vacancy to you or if you consent to us storing your application on file data for an additional 12 months. One month prior to the expiration of the retention period, you will receive an email offering you the option to extend the storage of your application data on file by a further 12 months. This consent can be withdrawn at any time in your user/application account.
You cannot delete the data if it is required to fulfil a contract or to conduct pre-contractual measures. Premature deletion of the data is only possible if there are no contractual or legal obligations preventing deletion. Furthermore, we process your data until the conclusion of any legal disputes whereby the data is required as evidence.

 

Webshop

For each customer, we setup password-protected direct access to the core data we store on them (customer account). Here, you can view the data on completed orders and you are obliged to treat the personal access data with confidentiality, preventing access to the data from third parties. We cannot accept liability for the misuse of passwords, unless we are responsible for the misuse.

We collect, store and process your data for the entire purchase process. Your personal data will only be passed on or otherwise transmitted to third parties where this is required in order to process the contract or for billing purposes. As part of the order process, the service providers we use (for example shipping and logistics companies) will receive the required data for the order and contract processing. Such data may only be used by our service providers in order to fulfil their task. Any other use of the information is not permitted and this also applies to our trusted service providers.

For your order, we require your correct and complete company name, address and VAT identification number for the purpose of billing. We need your email address in order to assign your order in our goods management system and to communicate with you. We also use this to identify you (customer login).

Your personal data will be deleted if the statutory retention obligations have been met and you have made a claim for deletion, if the data is no longer required to fulfil the purpose of storage or if the storage is otherwise not legally permitted.

 

Automatically stored data

When you visit our website, our internet servers generally store your internet service provider IP, the website from which you visited us, the webpages you visit on our site and the date and duration of the visit. This information is required for the technical transfer of webpages and the secure operation of the server. This data is not evaluated personally.

 

Server log files

The website provider automatically collects and stores information in so-called server log files, which your browser sends to us automatically. These are:

  • The date and time of the request
  • The name of the required files
  • The page from which the file was requested
  • The access status (file transfer, file not found etc.)
  • The web browser and operating system used
  • The complete IP address of the device making the request
  • The data volume transmitted

This data is not merged with other data sources. Processing takes place in accordance with art. 6, para. 1, lit f of the GDPR on the basis of our legitimate interest in the improvement of our website’s stability and functionality.

For technical security reasons, in particular to defend against attempted attacks on our web servers, this data is stored by us temporarily. It is not possible to trace a person’s identity based on this data. After no later than seven days, the data is anonymised using an abbreviated IP address at domain level, so that it is no longer possible to trace the individual user. The data is then processed in anonymised format for statistical purposes; the data is not compared with other components or passed on to third parties, even in excerpts.

 

Security

We have taken technical and administrative security measures in order to protect your personal data against loss, destruction, manipulation and unauthorised access. All of our employees and active service providers are obliged to comply with the data protection laws.
Whenever we gather and process personal data, it will be encrypted before it is sent. This means that your data cannot be misused by third parties. Our security measures are subject to a constant process of improvement and our data protection declarations are constantly updated. Please ensure that you have consulted the most recent version.

 

Cookies

When you visit our website, we store information on your computer in the form of cookies. Cookies are small files, which are sent from an internet server to your browser and stored on your hard drive. Without your consent, we will only use cookies that are technically required, on the legal basis of our legitimate interest, in accordance with art. 6, para. 1 lit f of the GDPR.

Additionally, when visiting our website for the first time, we request that you consent to cookies used to improve our website or for marketing purposes. Only if you agree to this will such cookies be stored. The legal basis for this shall then be your consent, in accordance with art. 6, para. 1, lit a of the GDPR.

You can change your cookie settings here at any time:

 

Tawk

This website uses Tawk.to to provide a live chat. This website uses consultants from thomashutter.com and hutter-consult.com, an external platform for managing chats. The chat is integrated via a script in the source text on thomashutter.com and hutter-consult.com. By using the chat, you will automatically use the services of Tawk.to. The data is transmitted there for the purpose of security and documentation for thomahutter.com and hutter-consult.com. The data collected includes: The chat content, given name, IP address at the time of the chat and the country of origin. This data is not passed onto third parties and only serves the purpose of protection and internal statistics. By using the chat, you agree to consent. Here, you can find further information on Tawk.to! Please read them carefully. Please note, however, that the page is only available in English: https://www.tawk.to/privacy-policy/ 

 

HOTJAR

For the purpose of website analysis, the technologies provided by Hotjar [https://www.hotjar.com]Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 3155, Malta (“Hotjar”) are used to automatically collect and store data (IP address, time of visit, device and browser information and information on your use of the website), which will be used on the basis of a pseudonymised user profile. This may involve the use of cookies. Without specially issuing explicitly consent, the pseudonymised user profiles will not be merged with personal data. Hotjar is a service currently used by us.

 

HubSpot

 

To create our website, we use HubSpot, a software by HubSpot Inc., 25 First Street, 2nd FloorCambridge, MA 02141, USA. As part of its use, this software uses so-called inbound marketing. The software helps us, amongst other things, to optimise our marketing strategy based on statistical analyses and the evaluation of logged user behaviour. For this purpose, HubSpot uses cookies. You can, of course, prevent the storage of cookies or delete existing cookies by adjusting the corresponding settings in your browser. Please note that in this case, certain services on our website may not function completely. Detailed information on HubSpot can be found in the user agreement and privacy guidelines for HubSpot Inc. at http://www.hubspot.com/terms-of-service and http://www.hubspot.com/privacy-policy

Lead-Scoring in HubSpot

Lead scoring is a process by which a contact can be qualitatively assessed on the basis of a pre-defined points system. This allows any contact with a concrete interest in a topic, service or product or with a concrete intention to purchase to be identified.

Explicit and implicit data is used as evaluation criteria.
Explicit contact data, i.e. any data which a contact provides themselves, can be collected by, for example, filling out a form on our website. For example, such explicit data provided can include:

  • Country
  • Company
  • Company size
  • Job descriptions
  • Industry
  • Interests
  • etc.

Implicit information can also be used. This primarily concerns information obtained by using our website, emails and other channels, which assigns contact with HubSpot. Examples of such implicit interactions for collecting data include:

  • The number of website sessions
  • Form submissions (such as newsletter or contact queries and the number of these)
  • The number of email ‘openings’ and ‘clicks’
  • Interactions on social media
  • etc.

The evaluation of this data helps us to determine your interests more precisely, to provide you with targeted information and to optimise our website for you.

 

SOCIAL PLUGINS FROM FACEBOOK, TWITTER, INSTAGRAM, PINTREST, XING, ADDTHIS AND WHATSAPP


Our website uses social buttons from social networks. This are just HTML links embedded in the page, so simply accessing our website does not yet establish a connection with the servers of the respective providers. Clicking on one of the buttons will open the website of the respective social network in a new window on your browser. There, you can, for example, click on the like or share button.

 

ONLINE PRESENCE ON FACEBOOK, TWITTER, INSTAGRAM, LINKEDIN, XING


If you have given consent to the respective social media operator, according to art. 6, para. 1, lit a of the GDPR, your data will be collected and stored automatically when visiting our online pages in the abovementioned social media channels for marketing and advertising purposes. This takes place using pseudonymised user profiles. These may be used to, for example, display advertisements on and off the platform, which more or less correspond to your interests. This generally involves the use of cookies. For detailed information on the processing and use of data by the respective social media providers, as well as contact information and your rights and privacy settings options in this regard, please visit the providers’ privacy policies linked below. If you still require help in this regard, you can get in touch with us.

 

Facebook Custom Audiences Pixels


In order to present interest-related advertisements to our website visitors during their visit, we use Custom Audiences Pixel by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). As part of this, we have implemented a Facebook Pixel on our website, which establishes a direct connection with Facebook’s servers when visiting our website. This informs the Facebook servers that you have visited our website and Facebook assigns this information to your personal Facebook user account. For more information on the collection and use of data by Facebook, as well as your rights and privacy options in this regard, please see Facebook’s privacy policy at https://www.facebook.com/about/privacy/.

If you wish to object to the connection with Facebook described above, you can do this as follows:
Consent to Facebook Pixel takes place in connection with your consent to the use of cookies on our website. You can withdraw your consent by clicking on the cookies button and changing your cookie settings.

 

USE OF GOOGLE SERVICES

We use the following technologies by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Irland (“Google”). The information on your use of our website automatically collected by the Google technology is usually sent to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and stored there. The European Commission has not taken a decision on the USA’s adequacy. Our cooperation is based on the European Union’s standard data protection clauses.

If your IP address is collected using Google technology, it will be abbreviated prior to storage on the Google servers by using an IP anonymisation process. Only in exceptional cases will the full IP address be sent to a Google server and abbreviated there. Unless otherwise stated for the individual technologies, the data processing takes place on the basis of an agreement concluded between the data controller and the respective technologies, in accordance with art. 26 of the GDPR. You can find detailed information on data processing at Google in Google’s privacy policies: https://policies.google.com/privacy?hl=de.

 

Google Tag Manager


This website uses Google Tag Manager. The Tag Manager does not collect personal data. The tool triggers the other tags, which in turn may collect data. Google Tag Manager does not access this data. If deactivated at domain or cookie-level, it will remain for all tracking tags implemented by Google Tag Manager. Google’s privacy policy for this tool can be found here: https://www.google.com/analytics/terms/tag-manager/. 

 

Google Adsense


Our website provides marketing space for third party advertising using AdSense. These advertisements are displayed to you in different locations on this website. The so-called DoubleClick cookie allows the display of targeted advertising by collecting and processing data (IP address, time of visit, device and browser information and information on your use of our website), as well as the automatic designation of a pseudonymised UserID. This determines the interests of visitors to this and other websites.

 

Google Doubleclick


Doubleclick by Google uses cookies to display the relevant advertisements to you. Your browser will be assigned a pseudonymised identification number (ID) in order to check which advertisements have been embedded in your browser and which advertisements have been invoked. The cookies do not contain any personal information. The use of DoubleClick cookies only enables Google and its partner websites to display advertisements based on previous visits to our or other websites on the internet. The information created by the cookies is sent by Google to a server in the USA and stored there.

 

Google Maps


In order to visually display geographical information, Google Maps sends data to Google, which processes data about your use of the maps function, in particular your IP address and location data. We have no influence over the subsequent data processing.

Adform


To improve the comfort and quality of our service, we use conversion tracking and retargeting technology, both webservices by Adform ApS, Wildersgade 10B, 1, 1408 Copenhagen K, Denmark.

Conversion-Tracking:
This website uses conversion tracking by Adform. The temporary cookie for conversion tracking is set when a user contacts an advertisement using Adform.

Users who do not wish to take part in tracking can deactivate the Adform or Google cookie in their internet browser. They can also object to data collection and storage at any time with future effect by clicking here. Cookies already stored on your computer can be deleted in your browser or removed by deleting temporary websites.

Retargeting:
This website uses retargeting technology by Adform. This makes it possible to target those internet users who are already interested in our website and our products with advertising on our partners’ websites. The integration of advertising material through retargeting uses a cookie-based analysis of previous user behaviour. This involves a temporary cookie, which becomes invalid after 60 days. If you do not wish for Adform to show you interest-targeted advertising, you can object to data collection and storage with future effect here. More information on Adform’s privacy policy can be found at http://site.adform.com/privacy-policy/en

 

AddThis


Our website uses the bookmark service addthis.com. AddThis is a service provided by Clearspring Technologies Inc., 8000 Westpark Drive, Suite 625, McLean, VA 2210, USA. Each individual visit to our website equipped with an AddThis component causes the browser you are using to download a corresponding representation of the component from addthis.com. Through this process, addthis.com is made aware of the exact page you visit on our website. Furthermore, addthis.com obtains information about your IP address, browser type, browser language, the previously visited website, as well as the date and time of your visit to the website in order to create anonymised user profiles with the data. This data allows AddThis and its partner companies to provide visitors to our website with personalised, interest-related advertising. The integration of advertising material takes place on the basis of the browser cookie set by addthis.com, which analyses the user behaviour of the website visitor. You can permanently object to addthis.com placing this cookie by clicking on the following link and downloading and installing the opt-out cookie: http://www.addthis.com/privacy/opt-out.

We wish to point out, however, that if you do so, not all functions of our website may work to their full extent. Through the following internet address, you can find the privacy policy for AddThis with information on their collection and use of data: http://www.addthis.com/privacy/privacy-policy


Bitly


To generate short URLs, we use the tool “Bitly” by bitly.inc (39 5th Avenue, New York, NY 10010, USA). Privacy statement and opt-out: https://bitly.com/pages/privacy?lang=en

 

Moat


To provide the relevant advertisements, we use the tool, Moat.
Moat is provided by Moat Inc., 228 Park Ave South #17953, New York NY 10003, United States.
Link to privacy policy: https://www.oracle.com/legal/privacy/services-privacy-policy.html
Link to opt-out: https://www.oracle.com/legal/privacy/privacy-choices.html

 

Microsoft Bookings


Our website uses the service Microsoft Bookings (part of Microsoft 365) to book appointments online. This service is provided by Microsoft Ireland Operations Limited (hereinafter: “Microsoft”).
This software enables the booking of consultancy or event appointments. A connection to the service is only established if you click on a link or button for the online booking function on our website.

To book appointments, your details are sent to an appointment form at Microsoft. A potential data transfer to the USA is ensured by the use of EU standard clauses and additional guarantees. Detailed information on handling your data can be found in the Microsoft privacy policy at https://privacy.microsoft.com/en-us/privacystatement.

The legal basis for providing the “Microsoft Bookings” service is art. 6, para. 1, lit f of the GDPR (legitimate interest in data processing). The legitimate interest is based on our desire to provide you with a user-friendly website and to provide you the opportunity to book an appointment quickly and simply when you need it.

We wish to point out that you are not obliged to use Microsoft Bookings to book an appointment. If you do not wish to use the service, please contact us through our other channels to book an appointment. The legal basis for processing your data by sending the form is art. 6, para. 1, lit a of the GDPR (consent).

 


Data subject rights

You always have the right to information on and correction, deletion or restriction of the processing of your stored data, as well as a right to object to processing, to data portability and to submit a complaint in accordance with the provisions of the data protection act.

Right to information:


You can request information on whether and to what extent we process your data.

 

Right to correction:


If we process your data incompletely or incorrectly, you can request that we correct or complete your data at any time.

 

Right to erasure:

You can request the erasure of your data, insofar as we process the data unlawfully or if the processing disproportionately affects your legitimate interest in protection. Please note that there may be reasons to prevent an immediate erasure, e.g. in the event of statutory regulations on retention obligations.


Regardless of your perception of your right to erasure, we will erase your data immediately and in full insofar as there are no commercial legal or statutory retention obligations.

 

Right to restrict processing:


You can request a restriction to the processing of your data if

  • You dispute the accuracy of the data for a period that allows us to check the accuracy of the data,
  • The processing of data is unlawful but you refuse erasure and instead request a restriction to the use of your data,
  • We no longer require the data for the intended purpose but you still require the data to assert or defend legal claims or
  • You have submitted an objection to the processing of data.


Right to data portability:


You can request that we provide your data, that you have given us, to you in a structured, conventional and machine-readable format or that we send this data to another data controller without delay, insofar as

  • we process this data on the basis of your issued and revocable consent or in order to fulfil a contract and
  • the data is processed using automated means.

If technically feasible, you can request that we send your data to another data controller directly.


Right to object:


If we process your data due to a legitimate interest, you can submit an objection to data processing at any time; this would also apply to profiling on the basis of one of these provisions. We will then no longer process your data, unless we can prove compelling, protection-based reasons for processing which outweigh your interests, rights and freedoms or if the processing serves to assert, execute or defend legal claims. You can object to the processing of your data for the purpose of direct advertising at any time without providing a reason.

 

Right to appeal:

If you believe that our processing of your data violates German or European data protection laws, we request that you contact us in order to clarify any queries. You have, of course, the right to appeal to the relevant supervisory authority at the respective state department for data protection supervision.

If you wish to assert one of the above rights to us, then please contact our data protection officer. If in doubt, we may also request additional information to confirm your identity
.

 

Amendments to this privacy policy

We reserve the right to amend our privacy policy in the event that new technologies require such. Please ensure that you have the most recent version. If substantial changes are made to this privacy policy, we will provide information about this on our website.
All interested parties and visitors to our website can contact us about data protection issues at:

Mr. Christian Volkmer

Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg

Tel.:  0049 941 2986930
Fax:  0049 941 29869316
E-Mail: anfragen(at)projekt29.de
Internet: www.projekt29.de