Scenarium logo

About

Privacy Statement

1) Information on the collection of personal data and contact details of the person responsible.

1.1 We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data in this context is all data with which you can be personally identified.

1.2 The person responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Scenarium Group GmbH, Lohengrinstraße 25, 14109 Berin, Germany, Tel.: +49 30 81054658, e-mail: office@scenarium.org. The controller of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

1.3 This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or requests to the controller). You can recognize an encrypted connection by the string “https://” and the lock symbol in your browser line.

2) Data collection when visiting our website

During the mere informational use of our website, i.e. if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to our server (so-called “server log files”). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

§ Our visited website

§ Date and time at the time of access

§ Amount of data sent in bytes

§ Source/reference from which you came to the page

§ Browser used

§ Operating system used

§ IP address used (if applicable: in anonymized form)

The processing is carried out in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively should concrete indications point to illegal use.

3) Cookies

In order to make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your terminal device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your end device and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data and IP address values to an individual extent. Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie.

If personal data is also processed by individual cookies implemented by us, the processing is carried out in accordance with Art. 6 (1) lit. b DSGVO either for the execution of the contract or in accordance with Art. 6 (1) lit. f DSGVO to protect our legitimate interests in the best possible functionality of the website as well as a customer-friendly and effective design of the site visit.

We may work together with advertising partners who help us to make our internet offer more interesting for you. For this purpose, cookies from partner companies are also stored on your hard drive when you visit our website (third-party cookies). If we cooperate with aforementioned advertising partners, you will be informed individually and separately about the use of such cookies and the scope of the information collected in each case within the paragraphs below.

Please note that you can set your browser so that you are informed about the setting of cookies and can decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find this for each browser at the following links:

Internet Explorer: http://windows.microsoft.com/de-DE/windows-vista/Block-or-allow-cookies

Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Chrome: http://support.google.com/chrome/bin/answer.py?hl=de&hlrm=en&answer=95647

Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac

Opera: http://help.opera.com/Windows/10.20/de/cookies.html

Please note that if you do not accept cookies, the functionality of our website may be limited.

4) Contacting us

Personal data is collected when contacting us (e.g. via contact form or e-mail). Which data is collected in the case of using a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for the processing of this data is our legitimate interest in responding to your request in accordance with Art. 6 (1) lit. f DSGVO. If your contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) lit. b DSGVO. Your data will be deleted after final processing of your request. This is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

5) Site functionalities

5.1 Applications to job advertisements by e-mail

On our website, we advertise currently vacant positions in a separate section, for which interested parties can apply by e-mail to the contact address provided.

In order to be included in the application process, applicants must provide us with all personal data required for a well-founded and informed assessment and selection together with their application by e-mail.

The required information includes general personal information (name, address, telephone or electronic contact details) as well as performance-specific evidence of the qualifications required for a position. If necessary, health-related information may also be required, which must be given special consideration under employment and social law in the interest of social protection in the person of the applicant.

The components that an application must contain in order to be considered in each individual case and the form in which these components must be submitted by mail can be found in the respective job advertisement.

After receipt of the application sent using the specified e-mail contact address, the applicant data will be stored by us and evaluated exclusively for the purpose of processing the application. For queries arising in the course of processing, we use either the e-mail address provided by the applicant with his or her application or a telephone number provided, at our discretion.

The legal basis for this processing, including contacting us for queries, is generally Art. 6 Para. 1 lit. b DSGVO (for processing in Germany in conjunction with Section 26 Para. 1 BDSG), in the sense of which going through the application process is considered to be the initiation of an employment contract.

Insofar as special categories of personal data within the meaning of Art. 9 (1) DSGVO (e.g. health data such as information on severely disabled status) are requested from applicants as part of the application process, the processing is carried out in accordance with Art. 9 (2) letter b. DSGVO so that we can exercise the rights arising from labor law and social security and social protection law and fulfill our obligations in this regard.

Cumulatively or alternatively, the processing of the special categories of data may also be based on Art. 9(1)(h) DSGVO if it is carried out for the purposes of preventive health care or occupational medicine, for the assessment of the applicant’s ability to work, for medical diagnosis, care or treatment in the health or social field or for the management of systems and services in the health or social field.

If the applicant is not selected in the course of the evaluation described above, or if an applicant withdraws his or her application prematurely, his or her data transmitted by e-mail and all electronic correspondence, including the original application e-mail, will be deleted at the latest after 6 months following appropriate notification. This period is measured on the basis of our legitimate interest in being able to answer any follow-up questions about the application and, if necessary, to meet our obligations to provide evidence under the regulations on equal treatment of applicants.

In the event of a successful application, the data provided will be further processed on the basis of Art. 6 para. 1 lit. b DSGVO (for processing in Germany in conjunction with § 26 para. 1 BDSG) for the purposes of implementing the employment relationship.

5.2 – Google Web Fonts

This site uses so-called web fonts provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”) for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you are using must connect to Google’s servers. This may also result in the transmission of personal data to the servers of Google LLC. in the USA. In this way, Google obtains knowledge that our website was accessed via your IP address. The processing of personal data in the course of establishing a connection with the provider of the fonts is only carried out if you have given us your express consent to do so in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future by deactivating this service in the “Cookie Consent Tool” provided on the website. If your browser does not support web fonts, a default font will be used by your computer.

For more information about Google Web Fonts, please visit https://developers.google.com/fonts/faq and read Google’s privacy policy: https://www.google.com/policies/privacy/.

5.3 Google reCAPTCHA

On this website, we also use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). This function is primarily used to distinguish whether an input is made by a natural person or is abused by machine and automated processing. The service includes the sending of the IP address and possibly other data required by Google for the reCAPTCHA service to Google and is carried out in accordance with Art. 6 (1) lit. f DSGVO on the basis of our legitimate interest in determining individual ownership on the Internet and the prevention of abuse and spam. The use of Google reCAPTCHA may also involve the transmission of personal data to the servers of Google LLC. in the USA.

Further information on Google reCAPTCHA as well as Google’s privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/.

Insofar as legally required, we have obtained your consent for the processing of your data as described above in accordance with Art. 6 Para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future. To exercise your revocation, please follow the option described above to make an objection.

6) Tools and miscellaneous

6.1 Cookie consent tool

This website uses a so-called “cookie consent tool” to obtain effective user consent for cookies and cookie-based applications that require consent. The “Cookie Consent Tool” is displayed to users in the form of an interactive user interface when they call up the page, on which consent for certain cookies and/or cookie-based applications can be given by ticking the appropriate box. By using the tool, all cookies/services requiring consent are only loaded if the respective user grants the corresponding consent by setting a check mark. This ensures that such cookies are only set on the respective user’s end device if consent has been granted.

The tool sets technically necessary cookies to save your cookie preferences. Personal user data is generally not processed in this context.

If, in individual cases, personal data (such as the IP address) is processed for the purpose of storing, assigning or logging cookie settings, this is done in accordance with Art. 6 (1) f DSGVO on the basis of our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.

Further legal basis for the processing is Art. 6 para. 1 lit. c DSGVO. As the responsible party, we are subject to the legal obligation to make the use of technically unnecessary cookies dependent on the respective user consent.

Further information on the operator and the setting options of the cookie consent tool can be found directly in the corresponding user interface on our website.

6.2 – Wordfence

For security purposes, this website uses the “Wordfence” plugin, a service provided by Defiant Inc, 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter “Wordfence”). The plugin protects the website and related IT infrastructure from unauthorized third-party access, cyber attacks, and viruses and malware. Wordfence collects the IP addresses of users and, if necessary, other data about your behavior on our website (in particular, URLs accessed and header information) in order to detect and prevent illegitimate page accesses and threats. In the process, the captured IP address is compared with a list of known attackers. If the captured IP address is identified as a security risk, Wordfence can automatically block it from accessing the site. The information collected in this way is transferred to a server of Defiant Inc. in the USA and stored there.

The described data processing is carried out pursuant to Art. 6 (1) lit. f DSGVO on the basis of our legitimate interests in protecting the website from harmful cyber attacks and in maintaining structural and data integrity and security.

Defiant Inc. invokes the standard data protection clauses according to Art. 46 sentence 2 lit. c DSGVO as the legal basis for the transfer of data to the USA.

If visitors to the website have login rights, Wordfence also sets cookies (= small text files) on the respective end device used by the visitor. With the help of the cookies, certain location and device information can be read, which enables an assessment of whether the login-authorized access originates from a legitimate person. At the same time, access rights can be evaluated via the cookies and released via a site-internal firewall according to the authorization level. Finally, the cookies are used to register irregular access by site administrators from new devices or new locations and to notify other administrators about this.

These cookies are set only if a user has login privileges. Wordfence does not set cookies for site visitors without login authority.

If personal data is processed via the cookies, the processing is carried out in accordance with Art. 6 Para.1 lit f. DSGVO on the basis of our legitimate interest in preventing illegitimate access to the site administration and defense against unauthorized administrator access.

We have concluded a data processing agreement with Defiant Inc., which obliges the company to protect the data of site visitors and not to pass it on to third parties.

For more information on Defiant Inc.’s data use for Wordfence, please see Wordfence’s privacy policy at https://www.wordfence.com/privacy-policy/.

7) Rights of the data subject

7.1 The applicable data protection law grants you the following data subject rights (rights of information and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the stated legal basis for the respective exercise requirements:

§ Right to information pursuant to Art. 15 DSGVO;

§ Right to rectification pursuant to Art. 16 DSGVO;

§ Right to erasure pursuant to Art. 17 DSGVO;

§ Right to restriction of processing pursuant to Art. 18 DSGVO;

§ Right to information pursuant to Art. 19 GDPR;

§ Right to data portability pursuant to Art. 20 GDPR;

§ Right to withdraw consent given pursuant to Art. 7(3) GDPR;

§ Right to lodge a complaint pursuant to Art. 77 DSGVO.

7.2 RIGHT OF OBJECTION

IF WE PROCESS YOUR PERSONAL DATA IN THE CONTEXT OF A BALANCING OF INTERESTS ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING WITH EFFECT FOR THE FUTURE AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING IS FOR THE PURPOSE OF ASSERTING, EXERCISING OR DEFENDING LEGAL CLAIMS.

IF WE PROCESS YOUR PERSONAL DATA FOR THE PURPOSES OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSES OF SUCH MARKETING. YOU MAY EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

8) Duration of the storage of personal data

The duration of the storage of personal data is measured on the basis of the respective legal basis, the purpose of processing and – if relevant – additionally on the basis of the respective statutory retention period (e.g. retention periods under commercial and tax law).

When processing personal data on the basis of explicit consent pursuant to Art. 6 (1) a DSGVO, this data is stored until the data subject revokes his or her consent.

If there are statutory retention periods for data that is processed within the scope of legal or quasi-legal obligations on the basis of Art. 6 (1) (b) DSGVO, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for the fulfillment of the contract or the initiation of the contract and/or there is no legitimate interest on our part in continuing to store it.

When processing personal data on the basis of Art. 6(1)(f) DSGVO, this data is stored until the data subject exercises his or her right to object pursuant to Art. 21(1) DSGVO, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

When processing personal data for the purpose of direct marketing on the basis of Article 6 (1) (f) DSGVO, this data is stored until the data subject exercises his or her right to object pursuant to Article 21 (2) DSGVO.

Unless otherwise stated in the other information in this statement about specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.