Data Protection
The following information provides a simple overview of what happens to your personal data when you visit our website or otherwise provide us with personal data directly or indirectly (e.g., via other online services such as social media, chats, or email).
Personal data means all data by which you can be personally identified. Detailed information on data protection can be found in the privacy policy set out below.
The term “personal data” refers to all data relating to you personally — for example, your name, address, email address, and user behavior. For other terms, especially “processing” and “consent,” we refer to the legal definitions provided by data protection laws.
We process personal data only to the extent necessary to provide a functional website and the content and services we offer. Processing of personal data generally occurs only if you have given your consent or if processing is permitted by law.
Your personal data will be deleted or blocked as soon as the purpose for storing it no longer applies. Data may also be stored if required by national or European regulations to which we are subject. In such cases, data will be deleted or blocked once the legally prescribed retention period has expired, unless further storage is necessary for contract formation or performance.
Where we use commissioned service providers for individual website functions or intend to use your data for advertising purposes, we will inform you in detail below about the specific processes involved.
Data Protection at a Glance
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. Their contact details can be found in the site’s Imprint (Legal Notice).
How do we collect your data?
Some data are collected when you provide them to us, e.g., through a contact form. Other data are collected automatically by our IT systems when you visit the website — primarily technical data (e.g., browser type, operating system, or time of access). This data collection occurs automatically as soon as you enter our website.
Data are only passed on to third parties in exceptional cases, e.g., for criminal prosecution in the event of abuse or attacks on our IT systems.
Why do we use your data?
Some data are collected to ensure the proper functioning of the website. Other data may be used to analyze user behavior. Data you submit via forms are used for the intended purpose, e.g., responding to inquiries via the contact form.
What rights do you have regarding your data?
You have the right at any time to obtain free information about the origin, recipients, and purpose of your stored personal data. You also have the right to request correction, blocking, or deletion of this data. You can contact us at any time at the address listed in the Impressum regarding these matters or any other questions about data protection. You also have the right to lodge a complaint with the competent supervisory authority.
Analytics and Third-Party Tools
Your browsing behavior may be analyzed statistically when you visit this website. This is mainly done using cookies and analytics programs. The analysis is usually anonymous; browsing behavior cannot be traced back to you personally. You can object to such analysis or prevent it by not using certain tools. For detailed information, please refer to the full privacy policy below.
Privacy Policy
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.
When you use this website, various personal data are collected. Personal data are any data that can be used to personally identify you. This privacy policy explains which data we collect, how, and for what purpose.
Please note that data transmission over the Internet (e.g., via email) can have security vulnerabilities. Complete protection of data from third-party access is not possible.
Controller
AstraCon GmbH
Waxensteinstr. 50
82347 Bernried, Germany
Commercial Register: HRB 269108
Register Court: Munich
Represented by: Dr. Carmen Peeß and Malin Baumgarten
Phone: +49 8158 9039420
Email: info@astracon.eu
Your Rights
Withdrawal of your consent to data processing
Many data processing operations are only possible with your explicit consent. You may revoke any consent already given at any time by sending an informal email to us. The legality of processing carried out before the revocation remains unaffected.
Right to lodge a complaint with a supervisory authority
In the event of a data protection violation, you have the right to lodge a complaint with the competent supervisory authority. The competent authority is the data protection officer of the federal state in which our company is based. A list of data protection officers and their contact details can be found at:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract transferred to yourself or a third party in a commonly used, machine-readable format. If you request direct transfer to another controller, this will only be done if technically feasible.
Access, blocking, deletion
Within the scope of the applicable legal provisions, you have the right at any time to obtain information free of charge about your stored personal data, their origin, recipient, and purpose of processing, as well as, if applicable, a right to rectification, blocking, or deletion. You can contact us at any time using the address given in the Impressum.
Security
To protect your personal data from unauthorized access or misuse, we have implemented extensive technical and organizational measures. Our security procedures are regularly reviewed and adapted to technological progress. Our employees are obligated to maintain confidentiality.
SSL/TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us, this website uses SSL or TLS encryption. You can recognize an encrypted connection by the change from “http://” to “https://” in your browser’s address line and by the lock icon in your browser bar. We also use SSL/TLS encryption for email communications. When SSL/TLS encryption is activated, data transmitted to us cannot be read by third parties.
Contact
When you contact us (e.g., by mail, printed media, email, electronic message, chat, telephone, or in person), any personal data you transmit are stored for the purpose of processing and possibly responding to your request. We do not share this data without your consent.
Processing of this data is based solely on your consent (Art. 6(1)(a) GDPR). You may revoke this consent at any time. The legality of processing before revocation remains unaffected. Data you provide will remain with us until you request deletion, withdraw consent, or the storage purpose no longer applies (e.g., once your inquiry has been processed). Legal retention requirements remain unaffected.
Email, Inquiry and Contact Forms
When you contact us by email, the personal data transmitted are automatically stored. We also provide online forms (e.g., inquiry, contact, job application, recommendation forms). The data you enter in these forms are transmitted to and stored by us.
Applications
If you send us a job application, the information you provide will be stored for processing your application and any follow-up questions. Submitted data are deleted no later than six months after completion of the application process.
Storage Duration
The criterion for the storage duration of personal data is the respective statutory retention period. After this period, data are routinely deleted unless required for contract performance or initiation.
Legal Basis for Processing
- Art. 6(1)(a) GDPR – Consent
- Art. 6(1)(b) GDPR – Contract fulfillment or pre-contractual measures
- Art. 6(1)(c) GDPR – Legal obligations
- Art. 6(1)(d) GDPR – Vital interests
- Art. 6(1)(f) GDPR – Legitimate interests
A legitimate interest exists, for example, where the data subject is a customer of the controller (Recital 47 GDPR).
Our legitimate interest in processing under Article 6(1)(f) GDPR is the operation of our business in the interest of the well-being of our employees and shareholders.
Processing of Personal Data During Informational Use of Our Website
When you visit our website without registering or otherwise providing information (“informational use”), we collect only the personal data transmitted by your browser to our server, including:
- IP address (temporarily, then anonymized)
- Date and time of request
- Time zone difference from GMT
- Content of the request (specific page)
- Access status (HTTP status code)
- Amount of data transferred
- Referring website
- Browser type and version
- Operating system and interface
- Language and version of browser software
These data are also stored in log files. They are not stored together with other personal data. Collection and temporary storage of the IP address are necessary to enable website display on your device. Storage in log files (anonymized) ensures website functionality, optimization, and IT security. No marketing-related evaluation occurs.
Cookies
Our website uses cookies. Cookies do not harm your computer and do not contain viruses. They make our website more user-friendly, effective, and secure. Cookies are small text files stored on your device and saved by your browser.
Most cookies used are “session cookies,” which are automatically deleted after your visit. Other cookies remain stored until you delete them, allowing your browser to be recognized upon return.
You can configure your browser to inform you about cookie use, allow cookies only in specific cases, exclude them entirely, or automatically delete them when closing the browser. Disabling cookies may limit website functionality.
Cookies necessary for electronic communication or specific requested functions (e.g., shopping cart) are stored based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in technically correct and optimized service delivery. Other cookies (e.g., for analytics) are described separately in this privacy policy.
Processing of Personal Data in Connection with Additional Functions, Tools, and Services
In addition to informational website use, we offer various services requiring additional personal data. These data are needed to provide the respective service and are processed in accordance with the principles described above.
We may use carefully selected third-party service providers for data processing, who are bound by our instructions and regularly monitored.
Where services are provided jointly with partners or involve data transfer to third countries (outside the EEA), you will find more details in the relevant service descriptions.
