DATENSCHUTZ | PONIQtax

Privacy Policy

DATA ROOM ACCESS FOR CLIENT

DIGITAL MAILBOX

Name and contact details of the controller

This Privacy policy information applies to data processing by

Controller:

PONIQtax GmbH

Manuela Ponikwar

Data protection officer:

Monika Joswig

Föhrenweg 1

85591 Vaterstetten

Tel: 08106 / 99 630 0

Fax: 08106 / 99 630 30

m.joswig@poniq.com

1. Cookies

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.

We use cookies to make our website more user-friendly and to offer services that would not be possible without cookies. For example, the user of a website that uses cookies does not have to re-enter their access data each time they visit the website because this is taken over by the website and the cookie stored on the user's computer system. Another example is the cookie of a shopping basket in an online store. The online store remembers the items that a customer has placed in the virtual shopping cart via a cookie.

You can prevent the setting of cookies by our website at any time by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If you deactivate the setting of cookies in the Internet browser used, you may not be able to use all the functions of our website to their full extent. The transmission of Flash cookies can be changed via the Flash player settings.

2. Collection and Storage of Personal Data and the Nature and Purpose of Their Use

a. When visiting the website

When you visit our website www.poniq.com, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and stored until it is automatically deleted:

IP address of the requesting computer,

Date and time of access,

Name and URL of the accessed file,

the website from which access was made (referrer URL)

browser used and, if applicable, the operating system of your computer and the name of your access provider.

The aforementioned data is processed by us for the following purposes:

Ensuring a smooth connection to the website,

Ensuring a comfortable use of our website,

Evaluating system security and stability and

for other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.

We also use cookies and analysis services when you visit our website. You can find more detailed explanations on this in sections 4 and 5 of this privacy policy.

b. When registering for our newsletter

If you have expressly consented in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, we will use your email address to send you our newsletter on a regular basis. It is sufficient to provide an email address to receive the newsletter.

You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you can also send your unsubscribe request at any time to verwaltung@poniq.com by email.

c. When using our contact form

If you have questions of any kind, we offer you the opportunity to contact us using a form provided on the website. It is necessary to provide a valid e-mail address so that we know who sent the request and can answer it. Further information can be provided voluntarily.

Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR based on your voluntarily given consent.

The personal data collected by us for the use of the contact form will be automatically deleted after your inquiry has been dealt with.

3. Rights of Data Subjects

You have the Right

to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information on its details;
in accordance with Art. 16 GDPR, to demand the immediate correction of incorrect or incomplete personal data stored by us
in accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims
in accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR
in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller
in accordance with Art. 7 para. 3 GDPR, to revoke your consent to us at any time. As a result, we may no longer continue the data processing that was based on this consent in the future and
to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at the registered office of our law firm.

4. Transfer of Data

Your personal data will not be transferred to third parties for purposes other than those listed below.

We only pass on your personal data to third parties if:

you have given your express consent to this in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR,
the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
in the event that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR, and
this is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR.

5. Data Protection for Applications and in the Application Process

The controller collects and processes the personal data of applicants for the purpose of handling the application process. Processing may also be carried out electronically. This is particularly the case if the applicant sends us the relevant application documents or contact details by email or quick application. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after notification of the rejection decision, unless deletion conflicts with any other legitimate interests of the controller. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

We also use the tracking measures and social media plugins listed below on our website:

6. Data Protection Provisions about WhatsApp

In the course of the application process, we use WhatsApp, among other things, to communicate with applicants. WhatsApp is an instant messaging service.

The operating company of WhatsApp is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

WhatsApp is used based on our legitimate interest in fast and effective communication with applicants. By providing your telephone number, you consent to us using WhatsApp for communication as part of the application process. This consent includes the processing of your telephone number and the use of WhatsApp to send you information and feedback regarding your application. The communication content exchanged via WhatsApp will be stored by us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Statutory retention periods remain unaffected.

When using WhatsApp, communication takes place via end-to-end encryption (peer-to-peer), which ensures that neither WhatsApp nor other third parties can access the communication content. However, WhatsApp has access to metadata that is created during the communication process, such as the sender, recipient and time of the communication. According to its own statement, WhatsApp also shares personal data of its users with its parent company Meta, which is based in the USA. Further details on data processing can be found in WhatsApp's privacy policy, which is available at https://www.whatsapp.com/legal/#privacy-policy. WhatsApp is certified in accordance with the “EU-US Data Privacy Framework” (DPF). This agreement between the European Union and the USA is intended to ensure that European data protection standards are complied with when processing data in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be found on the provider's website at https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt00000011sfnAAA&status=Active.

7. Data Protection Provisions about AddThis

We have integrated AddThis on this website. AddThis is a bookmarking provider, the service offered enables simplified bookmarking of websites via buttons.

The operating company of AddThis is AddThis, Inc. 1595 Spring Hill Road, Suite 300, Vienna, VA 22182, USA.

With each call-up to one of the individual pages of this Internet site, which is operated by the controller and on which an AddThis component was integrated, the Internet browser on the information technology system of the data subject is automatically prompted to download data from the www.addthis.com website through the AddThis component. As part of this technical process, AddThis receives information about the visit and which specific individual page of this website is used by the information technology system used by the person concerned. AddThis also obtains knowledge of the IP address assigned by the Internet service provider (ISP) of the computer system used by the data subject, the browser type, the browser language, the website accessed before our website, the date and time of the visit to our website. AddThis uses this data to create anonymized user profiles. The data and information transmitted to AddThis in this way enables AddThis itself and the companies affiliated with AddThis or its partner companies to target visitors to the controller's website with personalized and interest-based advertising.

AddThis displays personalized and interest-based advertising on the basis of a cookie set by the company. This cookie analyzes the individual surfing behavior of the computer system used by the data subject. The cookie stores the visits to websites made by the computer system.

The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such a setting of the Internet browser used would also prevent AddThis from setting a cookie on the information technology system of the data subject. In addition, cookies already set by AddThis can be deleted at any time via an Internet browser or other software programs.

The data subject also has the option of permanently objecting to the processing of personal data by AddThis. To do this, the data subject must press the opt-out button under the link http://www.addthis.com/privacy/opt-out, which sets an opt-out cookie. The opt-out cookie set with the objection is stored on the information technology system used by the data subject. If the cookies on the data subject's system are deleted after an objection, the data subject must call up the link again and set a new opt-out cookie.

With the setting of the opt-out cookie, however, there is the possibility that the Internet pages of the controller are no longer fully usable for the data subject.

The applicable data protection provisions of AddThis may be accessed under http://www.addthis.com/privacy/privacy-policy.

8. Data Protection Provisions about Facebook

We have integrated Facebook on this website. Facebook is a social network.

The operating company of Facebook is Meta Platforms, Inc, 1 Meta Way, Menlo Park, CA 94025, USA.

If a data subject lives outside the USA or Canada, the controller for the processing of personal data is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

With each call-up to one of the individual pages of this Internet site, which is operated by the controller and on which a Facebook component (Facebook plug-in) was integrated, the Internet browser on the information technology system of the data subject is automatically prompted to download a display of the corresponding Facebook component from Facebook through the Facebook component. A complete overview of all Facebook plug-ins can be accessed at https://developers.facebook.com/docs/plugins/?locale=de_DE. During this technical procedure, Facebook gains knowledge of what specific sub-page of our website was visited by the data subject.

If the data subject is logged in at the same time on Facebook, Facebook detects with every call-up to our website by the data subject-and for the entire duration of their stay on our Internet site-which specific sub-page of our Internet page was visited by the data subject. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the data subject clicks on one of the Facebook buttons integrated on our website, for example the “Like” button, or if the data subject makes a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.

Facebook always receives information via the Facebook component that the data subject has visited our website if the data subject is logged in to Facebook at the same time as accessing our website; this takes place regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook, they can prevent the transmission by logging out of their Facebook account before accessing our website.

The data policy published by Facebook, which is available at https://de-de.facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. It also explains what settings options Facebook offers to protect the privacy of the data subject. In addition, various applications are available that make it possible to suppress the transmission of data to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.

9. Data Protection Provisions about Google Analytics (with anonymization function)

We have integrated Google Analytics (with anonymization function) on this website. Google Analytics is a web analysis service.

The operating company of the Google Analytics component is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The data controller uses the addition “_gat._anonymizeIp” for web analysis via Google Analytics. This addition is used by Google to shorten and anonymize the IP address of the data subject's Internet connection if our website is accessed from a member state of the European Union or from another state party to the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyze the flow of visitors to our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us that show the activities on our website, and to provide other services related to the use of our website.

Google Analytics places a cookie on the data subject's IT system. What cookies are has already been explained above. By setting the cookie, Google is enabled to analyze the use of our website. Each time one of the individual pages of this website is accessed, which is operated by the data controller and on which a Google Analytics component has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. During the course of this technical procedure, Google gains knowledge of personal information, such as the IP address of the data subject, which serves Google, inter alia, to understand the origin of visitors and clicks, and subsequently create commission settlements.

The cookie is used to store personal information, such as the access time, the location from which access was made and the frequency of visits to our website by the data subject. Each time our website is visited, this personal data, including the IP address of the Internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share this personal data collected through the technical process with third parties.

The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such a setting of the Internet browser used would also prevent Google from placing a cookie on the data subject's IT system. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.

Furthermore, the data subject has the option of objecting to and preventing the collection of data generated by Google Analytics relating to the use of this website and the processing of this data by Google. To do this, the data subject must download and install a browser add-on from the link https://tools.google.com/dlpage/gaoptout. This browser add-on informs Google Analytics via JavaScript that no data and information about visits to websites may be transmitted to Google Analytics. The installation of the browser add-on is considered an objection by Google. If the data subject's IT system is deleted, formatted, or reinstalled at a later date, the data subject must reinstall the browser add-on in order to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person who is attributable to their sphere of control, it is possible to reinstall or reactivate the browser add-on.

Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.de/intl/de/policies/privacy/ and under http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail at this link https://www.google.com/intl/de_de/analytics/.

10. Data Protection Provisions about Google AdWords

We have integrated Google AdWords on this website. Google AdWords is a service for internet advertising.

The operating company of the Google AdWords services is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of Google AdWords is to advertise our website by displaying interest-relevant advertising on the websites of third-party companies and in the search engine results of the Google search engine.

If a data subject reaches our website via a Google ad, a so-called conversion cookie is stored on the data subject's IT system by Google. What cookies are has already been explained above. A conversion cookie loses its validity after thirty days and is not used to identify the data subject. If the cookie has not yet expired, the conversion cookie is used to track whether certain sub-pages, such as the shopping cart from an online store system, have been accessed on our website. The conversion cookie enables both us and Google to track whether a data subject who has reached our website via an AdWords ad has generated sales, i.e. completed, or cancelled a purchase.

The data and information collected using the conversion cookie is used by Google to compile visit statistics for our website. These visit statistics are in turn used by us to determine the total number of users who were referred to us via AdWords ads, i.e. to determine the success or failure of the respective AdWords ad and to optimize our AdWords ads for the future. Neither our company nor other Google AdWords advertisers receive information from Google that could be used to identify the data subject.

The conversion cookie is used to store personal information, such as the websites visited by the data subject. Each time our website is visited, personal data, including the IP address of the Internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share this personal data collected through the technical process with third parties.

The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such a setting of the Internet browser used would also prevent Google from placing a conversion cookie on the data subject's IT system. In addition, a cookie already set by Google AdWords can be deleted at any time via the Internet browser or other software programs.

Furthermore, the data subject has the option of objecting to interest-based advertising by Google. To do this, the data subject must call up the link www.google.de/settings/ads from each of the Internet browsers they use and make the desired settings there.

Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.de/intl/de/policies/privacy/.

11. Data Protection Provisions about Jetpack for WordPress

We have integrated Jetpack on this website. Jetpack is a WordPress plug-in.

The operating company of the Jetpack plug-in for WordPress is Automattic Inc, 132 Hawthorne Street, San Francisco, CA 94107, USA. The operating company uses the tracking technology of Quantcast Inc, 201 Third Street, San Francisco, CA 94103, USA.

Jetpack places a cookie on the information technology system of the data subject. What cookies are has already been explained above. Each time one of the individual pages of this website is accessed, which is operated by the controller and on which a Jetpack component has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Jetpack component to transmit data to Automattic for analysis purposes. As part of this technical process, Automattic obtains knowledge of data that is subsequently used to create an overview of website visits. The data obtained in this way is used to analyze the behavior of the data subject who has accessed the controller's website and is evaluated with the aim of optimizing the website. The data collected via the Jetpack component will not be used to identify the data subject without the prior express consent of the data subject. The data is also disclosed to Quantcast. Quantcast uses the data for the same purposes as Automattic.

The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such an adjustment to the Internet browser used would also prevent Automattic/Quantcast from setting a cookie on the information technology system of the data subject. In addition, cookies already set by Automattic can be deleted at any time via the Internet browser or other software programs.

Furthermore, the data subject has the possibility of objecting to and preventing the collection of data generated by the Jetpack cookie, which is related to the use of this website, as well as the processing of this data by Automattic/Quantcast. To do this, the data subject must press the opt-out button under the link https://www.quantcast.com/opt-out/, which sets an opt-out cookie. The opt-out cookie set with the objection is stored on the information technology system used by the data subject. If the cookies on the data subject's system are deleted after an objection, the data subject must call up the link again and set a new opt-out cookie.

With the setting of the opt-out cookie, however, there is the possibility that the Internet pages of the controller are no longer fully usable for the data subject.

The applicable data protection provisions of Automattic may be accessed under https://automattic.com/privacy/. The applicable data protection provisions of Quantcast may be accessed under https://www.quantcast.com/privacy/.

12. Data Protection Provisions about LinkedIn

We have integrated LinkedIn on this website. LinkedIn is a social network.

The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible for data protection matters outside the USA.

Each time our website, which is equipped with a LinkedIn plug-in, is accessed, this component causes the browser used by the data subject to download a corresponding representation of the LinkedIn component. Further information about the LinkedIn plug-ins can be found at https://developer.linkedin.com/plugins. During this technical procedure, LinkedIn gains knowledge of what specific sub-page of our website was visited by the data subject.

If the data subject is logged in at the same time on LinkedIn, LinkedIn detects with every call-up to our website by the data subject-and for the entire duration of their stay on our Internet site-which specific sub-page of our Internet page was visited by the data subject. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the data subject. If the data subject clicks on one of the LinkedIn buttons integrated on our website, LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores this personal data.

LinkedIn always receives information via the LinkedIn component that the data subject has visited our website if the data subject is logged in to LinkedIn at the same time as accessing our website; this takes place regardless of whether the data subject clicks on the LinkedIn component or not. If the data subject does not want this information to be transmitted to LinkedIn, they can prevent the transmission by logging out of their LinkedIn account before accessing our website.

LinkedIn offers the possibility to unsubscribe from e-mail messages, SMS messages and targeted ads and to manage ad settings at https://www.linkedin.com/psettings/guest-controls. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, which may set cookies. Such cookies can be rejected at https://www.linkedin.com/legal/cookie-policy. The applicable data protection provisions of LinkedIn may be retrieved under https://www.linkedin.com/legal/privacy-policy LinkedIn's cookie policy is available at https://www.linkedin.com/legal/cookie-policy.

13. Data Protection Provisions about Xing

We have integrated Xing on this website. Xing is a social network.

The operating company of Xing is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.

Each time one of the individual pages of this website is accessed, which is operated by the data controller and on which a Xing component (Xing plug-in) has been integrated, the Internet browser on the information technology system of the person concerned is automatically prompted by the respective Xing component to download a representation of the corresponding Xing component from Xing. Further information about the Xing plug-ins may be accessed under https://dev.xing.com/plugins. As part of this technical process, Xing receives information about which specific subpage of our website is visited by the data subject.

If the data subject is logged in at the same time on Xing, Xing recognizes with each call-up to our website by the data subject and for the entire duration of their stay on our Internet site, which specific sub-page of our Internet page was visited by the data subject. This information is collected by the Xing component and assigned by Xing to the respective Xing account of the data subject. If the data subject clicks on one of the Xing buttons integrated on our website, for example the “Share” button, Xing assigns this information to the personal Xing user account of the data subject and stores this personal data.

Xing always receives information via the Xing component that the data subject has visited our website if the data subject is logged in to Xing at the same time as accessing our website; this takes place regardless of whether the data subject clicks on the Xing component or not. If the data subject does not want this information to be transmitted to Xing, they can prevent the transmission by logging out of their Xing account before accessing our website.

The data protection provisions published by Xing, which can be accessed at https://www.xing.com/privacy, provide information about the collection, processing and use of personal data by Xing. Xing has also published data protection information for the XING share button at https://www.xing.com/app/share?op=data_protection.

15. Data Protection Provisions about Google Maps

We have integrated Google Maps on our website. Google Maps is an online map service.

The operating company of the Google Analytics component is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

When you visit the website, Google receives the information that you have accessed the corresponding sub-page of our website. When Google Maps is used, Google also collects, processes, and uses data about the use of the Maps functions by visitors to the websites. This takes place regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.

Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider's privacy policy. There you will also find further information on your rights in this regard and setting options to protect your privacy: http://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

16. Data Protection Provisions about 5F Software (Clients.Portal)

We have integrated 5F Software on our website. 5F Software is a service provider for data exchange in accordance with data protection regulations.

The operating company of 5F Software is 5F Software GmbH, Franz-Mayer-Str. 1, Regensburg, Germany.

We use 5F Software for the secure exchange of data with our customers. Personal data, such as the e-mail addresses of clients, are used for this purpose. Further information on 5F Software's privacy policy can be found under the following link https://www.5fsoftware.de/datenschutzerklaerung/ for download.

17. Legal Basis of the Processing

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 a) GDPR serves as the legal basis.

In the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) b) GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 c) GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 d) GDPR serves as the legal basis.

If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. F) GDPR serves as the legal basis for the processing.

18. Legitimate interests in the Processing pursued by the Controller or a Third Party

If the legal basis for the processing of personal data is Article 6(1)(f) GDPR, our legitimate interest is the performance of our business activities for the benefit of the well-being of our employees and our shareholders.

19. Duration for which the personal data is stored

The duration of the storage of personal data depends on the respective statutory retention period. After expiry of these periods, the corresponding data is routinely deleted, provided that it is no longer required for contract fulfilment or contract initiation.

20. Legal or Contractual Provisions for the Provision of Personal Data; necessity for the Conclusion of the Contract; Obligation of the Data Subject to provide the Personal Data; possible consequences of Non-provision

As the controller, we inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual provisions (e.g. information on the contractual partner). In order to conclude a contract, it may be necessary for a data subject to provide us with personal data that must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with them. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before personal data is provided by the data subject, the data subject must contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences would be if the personal data were not provided.

21. Topicality and Amendment of this Privacy Policy

This Privacy Policy is currently valid and was last updated in August 2024.

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current privacy policy at any time on the website at https://www.poniq.com/.