This website uses cookies to ensure the functionality of the website. In addition, with your consent, we can use cookies to collect information on the use of the website in order to constantly improve the website. By clicking on the “Only allow essential cookies” button, you reject the use of cookies other than essential cookies. By ticking the “Statistics” and “Marketing” boxes and clicking the “Allow selection” button, you consent to the use of other cookies. All essential, marketing and statistics cookies are accepted via the “Accept all cookies” button. You can obtain differentiated information on the individual cookies in the data protection information. You can revoke your consent at any time by clicking on the “Cookie settings” button at the bottom left.
pursuant to Art. 13, 14 and 21 of the General Data Protection Regulation (GDPR)
We take confidentiality and the protection of your personal data very seriously and would like to inform you here about data protection at Scheidt & Bachmann.
Our data protection information is regularly updated in accordance with legal and technical re-quirements. Please refer to the current version of our data protection information. If you have any questions about this information or our handling of your personal data, please contact us at any time at one of the addresses below.
This data protection information applies to the collection, processing and use of your personal data that you provide to us or that we collect from you when you use
This privacy notice applies in conjunction with any other legal notices or terms of use provided elsewhere on our website or provided to you when you download one of our apps.
We, the
(hereinafter collectively "we", "us" or "Scheidt & Bachmann")
work closely together. As a result of this cooperation, we also process your personal data jointly, unless explicitly informed otherwise.
In order to guarantee your rights and taking into account the requirements of the GDPR, we have concluded an agreement that sets out rules on the processing of your personal data. As so-called joint controllers (according to Art. 26 GDPR), we are jointly responsible for the processing of your data.
You can reach our data protection officer at the following contact details:
Who is my contact person for rights such as information or deletion?
We have jointly agreed on how we will ensure your rights and specified in more detail which obli-gations each party will fulfil to comply with the obligations of the GDPR. This concerns the exercise of the rights of the data subjects and the fulfilment of the information obligations according to Art.13 and 14 GDPR.
You can contact each company involved individually regarding the processing of your data and assert your rights.
How can I get more information on data processing?
For more information about how we process your personal data, please see our data protection information below:
If you do not agree with the data collection and processing described below when access-ing our website from the Internet, please leave this website, do not load any further parts of our website onto your computer and do not contact us by e-mail. This is because the collection and storage of data is automatic.
1. General
We process personal data collected during visits to our website for the purpose of providing the website and improving our internet services in compliance with the applicable data protection regulations. Personal data will neither be published by us without authorisation nor otherwise passed on to third parties without authorisation.
When you visit our website, our web servers temporarily save each access in a log file. The follow-ing data is collected and stored until automated deletion:
(*The IP address is not linked to other collected data. Only the date, time and IP address are rec-orded in the system access log file, in case of an attack and its defence).
This data is processed for the purpose of enabling the use of the website (connection establish-ment), system security, technical administration of the network infrastructure and optimisation of the Internet offer. The IP address is only evaluated by us in the event of attacks on the network infrastructure of Scheidt & Bachmann. Personal, non-anonymised user profiles are not created. Art. 29 of the GDPR refers to the use of user profiles under a pseudonym, provided that the infor-mation with which the personal data can be assigned to a specific person is stored separately.
The above data is technically necessary for us to display our website to you and to ensure the sta-bility and security of the website. The legal basis is Art. 6 para. 1 lit. f GDPR.
2. Cookies
To make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies on various pages in addition to the data mentioned above. These are small text files that are stored on your end device. The cookies can be transmitted to a page when it is called up and thus enable the user to be identified. Cookies help to simplify the use of Internet pages for users. Some of the cookies we use are deleted again after the end of the browser session, i. e. after you close your browser (so-called session cookies). Other cookies remain on your terminal device and enable us to recognise your browser on your next visit (so-called persistent cookies). You can set your browser so that the cookies on our site are automatically deleted at the end of a session.
This website uses the following types of cookies, the scope and functionality of which are explained below:
You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. Please note that you may then not be able to use all the functions of this website.
Information is stored in the cookie that arises in connection with the specific end device used. However, this does not mean that we gain direct knowledge of your identity.
In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again to use our services, it is au-tomatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again.
On the other hand, we use cookies to statistically record the use of our website and for the pur-pose of optimising our offer for website visitors (see below). These cookies enable us to automati-cally recognise that you have already been to our website when you visit it again. These cookies are automatically deleted after a defined period of time.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.
Necessary cookies
We use necessary cookies to make our website more user-friendly. They enable basic functions on the website, without which the website would not function properly.
Name | Provider | Purpose | Expiry / Procedure | Type |
tx_cookies_consent | scheidt-bachmann.de | Stores the user's consent status for cookies on the current domain. | 1 year | http cookie |
tx_cookies_type_essential | scheidt-bachmann.de | Used to determine whether the visitor has accepted the "Essential" category in the cookie banner. | 1 year | http cookie |
tx_cookies_type_analytics | scheidt-bachmann.de | Used to determine whether the visitor has accepted the "Statistics" category in the cookie banner. | 1 year | http cookie |
tx_cookies_type_marketing | scheidt-bachmann.de | Used to determine whether the visitor has accepted the "Marketing" category in the cookie banner. | 1 year | http cookie |
Statistical cookies
Statistics cookies help website owners understand how visitors interact with websites by col-lecting and reporting information anonymously.
Name | Provider | Purpose | Expiry / Procedure | Type |
_ga | Registers a unique ID that is used to generate statis-tical data on how the visitor uses the website. | 2 years | http cookie | |
_ga_# | Collects data on how often a user has visited a web-site, as well as data for the first and last visit. Used by Google Analytics. | 2 years | http cookie | |
_gid | Registers a unique ID that is used to generate statis-tical data on how the visitor uses the website. | 1 day | http cookie | |
_gat | Used by Google Analytics to limit the request rate. | 1 day | http cookie |
Marketing cookies
Marketing cookies are used to follow visitors on websites. The intention is to show ads that are relevant and engaging to the individual user and therefore more valuable to publishers and advertising third parties.
Name | Provider | Purpose | Expiry / Procedure | Type |
VISITOR_INFO1_LIVE | YouTube | Attempts to estimate user bandwidth on pages with integrated YouTube videos. | 179 days | http cookie |
YSC | YouTube | Registers a unique ID to keep statistics of the videos from YouTube that the user has watched. | Session | http cookie |
We use the information contained in cookies to enable the operation and use of our website and to ensure our IT security. The legal basis for data processing is Art. 6 para. 1 lit. f DS-GVO.
3. Third party content and services
Based on our legitimate interest in the analysis, optimisation and economic operation of our web-site in accordance with Art. 6 para. 1 lit. f GDPR, we integrate content and service offers from third-party providers on our website to use their content and services, unless we explicitly refer to the fact that we have linked third-party websites. The integration of third-party content and services requires that the third-party providers are aware of the IP address of the user, as without the IP address they cannot send the content to the user's browser. The IP address is required for the dis-play of this content.
We endeavour to only include content and service offers whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called tracking pixels to collect statistical data about user behaviour. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as being linked to such information from other sources.
a) Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin, D04 E5W5, Ireland ("Google") with the involvement of its US parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, ("Google"), provided that you have given us your voluntary consent, which can be revoked at any time. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website may be transmitted to and stored by Google on servers in the United States. The anal-ysis measure we use is carried out by us based on Art. 6 para. 1 lit. f GDPR to optimise the internet offer.
However, in the event that IP anonymisation is activated on this website, your IP address will be shortened beforehand by Google within member states of the European Union or in other con-tracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. IP anony-misation is active on this website. The locations of Google's data centres can be found at: www.google.com/about/datacenters/locations/index.html.
On behalf of the operator of this website, Google will use this information for the purpose of eval-uating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data unless you have permitted this in your Google account.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link (download page for the browser add-on to disable Google Analytics or download page for the browser add-on to disable Google Analytics).
Further information on Google's terms of use and data protection can be found under Terms of use for Google Analytics - Google, Data protection - Google Analytics help or the Google data protection declaration under Data protection declaration - Data protection declaration & terms of use - Google.
b) Google Maps
This website is linked to Google Maps of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, to display geographical information. Privacy policy: policies.google.com/privacy.
c) Google Fonts
External fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, https://fonts.google.com/ ("Google Fonts"). The integration of Google Fonts takes place via a server call at Google. Privacy policy: https://policies.google.com/privacy
d) Google-Re/Marketing-Services
Provided you have given us your prior consent (Art. 6 para. 1 lit. a GDPR), we use the marketing and remarketing services (Google Marketing Services) of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland for analysis and optimisation purposes and for the economic operation of our.
Google Marketing Services allow us to show advertisements for and on websites in a more targeted way in order only to present users with advertisements that may be of interest to. If users, for example, are shown advertisements for products that they have shown an interest in on other websites, this is known as “remarketing.” For these purposes, when our website and other websites on which Google Marketing Services are active are accessed, a code is executed by Google and (re)marketing tags (invisible graphics or codes, which are also known as "web beacons") are incorporated into the website. These are used to save an individual cookie on the user’s device, i.e., a small file (comparable technologies can also be used instead of cookies). The cookies can be created by various different domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com, or googleadservices.com. This file records which websites users look at, what content they show an interest in, and which offerings they click on. The file also contains technical information about the browser and operating system, referring websites, duration of the visit, as well as other information about the use of the online content. The IP addresses of users are also recorded, although we state within Google Analytics that the IP addresses within the member states of the European Union or in other signatory states of the Agreement on the European Economic Area and only sent in full to Google server in the USA and abbreviated there. The IP address is not combined with the users’ data within other offers from Google. Google an also combine the aforementioned information with information from other sources. If users then visit other websites, they can be shown advertisements tailored to their interests.
The users’ data is processed in a pseudonymous manner within Google Marketing Services. This means that Google does not process the name or email addresses of the users, but rather processes the relevant data based on cookies within pseudonymized user profiles. This means that from the point of view of Google, the information is not managed and viewed for a concrete, identified person, but rather for the cookie owner, irrespective of who this cookie owner is. This does not apply if a user has expressly given Google permission to process the data without this pseudonymization. The information collected by Google Marketing Services about the users is transmitted to Google and stored on Google’s servers in the USA.
In addition, we may use the "Google Tag Manager" in order to incorporate the Google analysis and marketing services into our website and to manage them.
Additional information on data use for marketing purposes by Google is available at https://policies.google.com/technologies/ads, the Google Privacy Policy is available at https://policies.google.com/privacy.
If you want to opt-out of interest-based advertising by Google Marketing Services, you can make use of the settings and opt-out options provided by Google: https://accounts.google.com/
e) Instagram
We use functions of the Instagram network. The provider is Meta Platforms, Inc, Menlo Park, California, USA ("Instagram"). Each time one of our pages containing Instagram functions is accessed, a connection to Instagram servers is established. Privacy policy: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect&__coig_consent=1
f) LinkedIn
We use functions of the LinkedIn network. The provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"). Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. Privacy policy: https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy
g) LinkedIn Insight Tag
We use the conversion tool "LinkedIn Insight Tag" of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland on our website. This tool creates a cookie in your web browser that enables the collection of the following data, among others: IP address, device and browser properties and page events (e. g. page views). This data is encrypted, anonymised within seven days and the anonymised data is deleted within 90 days. LinkedIn does not share any personal data with us but provides anonymised reporting on website audience and ad performance. In addition, LinkedIn offers the possibility of retargeting via the Insight Tag. Using this data, we can display targeted ads outside of our website without identifying you as a website visitor.
LinkedIn members can control the use of your personal data for advertising purposes in their account settings. Privacy Policy: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy
h) Twitter
We use functions of the microblogging service Twitter. The provider is Twitter Inc. The Academy, 42 Pearse Street, Dublin 2, Ireland. Each time one of our pages containing Twitter functions is accessed, a connection to Twitter servers is established. Privacy policy: https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy
i) XING
We use functions of the XING network. The operator is New Work SE, Am Strandkai 1, 20457 Hamburg, Germany. Each time one of our pages containing Xing functions is accessed, a connection to Xing servers is established. Privacy policy: https://privacy.xing.com/de
j) YouTube
Videos from the "YouTube" platform of the third-party provider Google Ireland Limited, Gordon House, Barrow St, Dublin, D04 E5W5, Ireland. Privacy Policy: Privacy Policy - Google, Opt-Out: Sign In - Google Accounts.
In this case, the "extended data protection mode" is used to integrate the YouTube videos, through which a cookie is only stored on the user's computer when the respective YouTube video is played. YouTube states that no personal cookie information is stored when playing embedded videos in extended data protection mode. For more information on data processing and privacy notices by YouTube (Google), please see Privacy Policy - Google. If you want to ensure that YouTube does not receive any data from you, please do not click on the embedded YouTube videos."
4. Contact
On our website you will find contact forms that can be used for electronic contact. Alternatively, it is possible to contact us via the e-mail addresses provided. If you contact us via one of these channels, we collect the personal data entered and transmitted.
Scheidt & Bachmann Parking Solutions GmbH and Scheidt & Bachmann Parking Solutions Germany GmbH use the services of Salesforce, Inc, San Francisco, USA. Salesforce is contractually obliged towards Scheidt & Bachmann to observe the applicable data protection regulations.
The personal data collected when using the contact form consists of the master data entered there (mandatory fields: Surname, e-mail address, country; voluntary fields: Salutation, First name, Company, Telephone number) and possibly further personal data entered by you in the "Message" field. If you contact us directly by e-mail, we collect your e-mail address and any personal data resulting from the text of the e-mail.
Should it be necessary to answer your enquiry, we will pass on personal data to Scheidt & Bachmann group companies.
The processing is based on Art. 6 para. 1 lit. f GDPR. The purpose of the data processing and our legitimate interest lie in the maintenance of business relations and in being able to answer the messages sent to us.
5. Newsletter and downloads
You have the option of subscribing to various newsletters on our website with information about general company information and news, products, trade fairs and events. We also provide downloads on selected topics.
Scheidt & Bachmann Parking Solutions GmbH and Scheidt & Bachmann Parking Solutions Germany GmbH use the services of Salesforce, Inc, San Francisco, USA. Salesforce is contractually obliged towards Scheidt & Bachmann to observe the applicable data protection regulations.
Scheidt & Bachmann Fare Collection Systems GmbH and Scheidt & Bachmann Energy Retail solutions GmbH use the service of CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany. CleverReach is contractually obliged towards Scheidt & Bachmann to observe the applicable data protection regulations.
As part of the administration of the newsletter subscription and for downloading certain documents, we process the personal data you provide using the registration form. This involves master data (mandatory fields: E-mail address; voluntary information: first name, last name).
The newsletter is sent or the document downloaded on the basis of the consent of the recipients pursuant to Art. 6 para. 1 lit. a, Art. 7 GDPR in conjunction with § 7 para. 2 no. 3 Act against Unfair Competition or on the basis of the legal permission pursuant to § 7 para. 3 Act against Unfair Competition. The logging of the registration process takes place on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR and serves as proof of consent to receive the newsletter. Furthermore, the purpose of the data processing and our legitimate interest lie in the maintenance of business relationships as well as direct advertising.
6. Job notifications
You also have the option of subscribing to notifications of new job offers on our website. We use the services of concludis GmbH, Auenweg 3, 50679 Cologne. concludis is contractually obligated to Scheidt & Bachmann to comply with the applicable data protection regulations.
As part of the administration of the subscription, we process the personal data that you provide via the registration form. These are the email address, the areas of interest and your postcode, as well as the geographical area in which you are interested in jobs.
The job notification is sent on the basis of the recipient's consent pursuant to Art. 6 para. 1 p. 1 lit. a, Art. 7 GDPR. The logging of the subscription process is based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR and serves as proof of consent to the subscription. Furthermore, the purpose of the data processing and our legitimate interest lies in the communication of vacancies in our group of companies to potentially interested parties.
7. Applications
We publish job offers on our website. You have the option to apply for a job offer by using the online form of our applicant portal or the online form via your XING member account.
For the online form of our applicant portal, we use the services of concludis GmbH, Auenweg 3, 50679 Cologne. concludis is contractually obliged vis-à-vis Scheidt & Bachmann to comply with the applicable data protection regulations.
We process the personal data submitted using the form. This is master data (mandatory fields: First name, last name, street and house number, postcode, city, e-mail address; voluntary information: title, telephone number, availability). In addition, the documents that you upload online in the application portal may contain further personal data, such as date of birth, data on school education, training and studies as well as previous professional career, data on driving licence, data on possible impairments, curriculum vitae, certificates, photo. You alone are responsible for the content of the uploaded documents.
The processing is based on Art. 6 para. 1 lit. b GDPR and § 26 para. 1 p. 1 Federal Data Protection Act (BDSG). The purpose of the data processing is to check your suitability for the position or for another position in our group of companies (or in the case of a speculative application for a position in our group of companies) and to carry out the application procedure as well as the decision on the establishment of an employment relationship.
If we conclude an employment contract with you, we will pass on your data to our personnel administration system for the purposes of the employment relationship, insofar as this is necessary for its implementation or termination. The legal basis for the described data processing is Art. 6 para. 1 lit. b GDPR and § 26 para. 1 Federal Data Protection Act (BDSG) (implementation of the employment relationship).
We store your data for as long as is necessary to make a decision about your application.
If no employment relationship is established, we will continue to store your data for as long as is necessary to defend against possible legal claims. As a rule, your data will be deleted 180 days after notification of the rejection decision, unless longer storage is necessary due to legal disputes.
If an employment relationship is established, we transfer your data from the online application portal to our personnel management system. We delete data that is not required for the implementation of the employment relationship 180 days after completion of the application process.
If an applicant is inactive in our applicant pool, we will delete the applicant's data no later than 180 days after pool acceptance, unless the applicant extends his or her membership of the applicant pool himself or herself after being notified by us of the impending deletion.
The employees of the Scheidt & Bachmann Group companies have access to an organisation-internal computer network. It is based on the same network technology as the Scheidt & Bachmann website but is only available to a selected group of users. All information contained in this information also applies to the Intranet.
1. App Store
The app is offered in the app store by our subsidiary, Scheidt & Bachmann Parking Solutions GmbH. When downloading the app, required information is transferred to the respective app store, i. e. in particular username, email address, customer number at the app store and the individual device identification. We have no influence on this data processing. The operator of the respective app store is responsible for this. We only process the data that is required to operate the app on your device.
2. Use of the App
The processing of the IP address is required here as a technical prerequisite for the use of the app.
The provider commissioned by us automatically collects and stores information in so-called server/app log files that your browser/app transmits to us. These are:
In order to further optimise this service, your access data is analysed anonymously for statistical purposes. Furthermore, the processing serves to ensure the proper operation of the app, in particular the correction of errors. This data is not merged with other data sources. The basis for the data processing is the protection of our legitimate interest according to Art. 6 para. 1 lit. f GDPR.
We commission service providers, so-called order processors, to maintain and service the app software. These service providers are contractually obliged to comply with the provisions of data protection law and are not considered third parties in the sense of data protection law.
All content of the app is stored in the content management system of Staffbase GmbH, Germany, and hosted via the external provider Microsoft Ireland Operations Ltd. This company is ISO 27001 certified and uses other subcontractors, such as for the provision of media (images, video, files) within our app (Content Delivery Network) via a service of Cloudfare Inc, USA, with a German hosting location. Google LLC, USA, for Google Firebase Cloud Messaging to send push notifications to users.
We have integrated Google Maps from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an external tool. Privacy policy: policies.google.com/privacy.
Our app uses a tracking tool to record the general usage behaviour of all users but does not use cookies. No other personal data is passed on to third parties.
3. Services without login
The public area of the app can be used without registration and login. The public area contains public information/news of the Scheidt & Bachmann Group as well as links to further offers.
4. Services with login
The app enables the provision of internal and external company information/news as well as further links for employees, shareholders and bodies of the Scheidt & Bachmann Group as well as, in individual cases, for third parties who have been given the opportunity to register in the app by the data controller (hereinafter "users"). Thus, information of the intranet can also be made available outside the office. The app represents a flexible communication platform that can be individually adjusted to the respective information needs of the user.
The data is used to check authentication, to display the user's comments/likes, to list them in the app's staff directory, and for users to communicate with each other and us.
In addition, employees can also make use of further services within the framework of the app as part of the "Self Service". The data collected here is either provided by the employees themselves (e.g. sickness notification) or made available by us via interfaces from other existing Scheidt & Bachmann systems (e.g. holiday planning).
The basis for data processing is Art. 6 para. 1 lit. a GDPR (consent), if applicable in conjunction with Section 26 para. 2 Federal Data Protection Act (BDSG). Employees and employers generally have a similar interest in the provision of company information and communication on privately used end devices. The information that is absolutely necessary for the performance of the employment relationship is provided to the employee in parallel via other company communication channels. The voluntary nature of the consent to data processing required to use the services is therefore given. The user can revoke this consent at any time. In doing so, the e-mail address used, the profile picture set, if any, is deleted from the system's database. The data will then be kept in the backup for another 30 days. Content created by the user will be anonymised. The content created by the user (esp. texts, images, graphics, audio files, video files, links) remain on the user profile, which no longer exists, without being linked. At the user's request, the administrator deletes this content.
Registration in the app
After downloading the app from the app store, you must register to use the app. This requires an e-mail address, surname and first name as well as a password of your choice. Optionally, you can also enter a photo as a profile picture and other personal details. This data is stored on the servers hosted for us as long as the user account exists and can be viewed by other users of the app. If the account is deleted, the data is also deleted.
When using the app
When you use the app, the servers temporarily record the IP address of your device and other technical characteristics, such as the content requested.
There is no possibility to participate anonymously in the content of the app. The name is visible in all activities. Each user who posts content to the app (e. g. chat messages, comments or likes) is stored as the associated author of the content (surname, first name, time, profile picture if applicable) and is visible to all other users. This information is retained for the lifetime of the app unless the respective content or user account is deleted by the user himself or by the app administrators.
If a post is only read, this is only registered anonymously by the app and cannot be evaluated on a personal basis via the app.
Contributions, e. g. comments, that are made by the user and are not anonymous can only be evaluated for statistical purposes (e. g. number of comments/likes on an article, number of active users, last activity and latest comments of the user, most popular articles). The number of logins is stored by the app for maintenance purposes and security measures. The technical possibilities of the app to anonymously evaluate user behaviour serve the purpose of improving the content offered by the app.
Via the app there is the limited possibility to access contents of the Scheidt & Bachmann intranet, such as the S&B telephone directory or forms of the HR department.
Authorisations
In order for you to be able to use the app on your device to its full extent, the app may need to be able to access various functions and data on the device. This requires that certain permissions are granted.
The permission categories can vary depending on the manufacturer of the device. For example, with Android, individual permissions are combined into permission categories and you can also only agree to permission categories as a whole.
If you object to this, it may be the case that not all functions of the app are available.
As far as you have granted permissions, we use the access to the camera and the photos/videos of the device to upload them in the app. This access must be initially confirmed by the user.
Push notifications are messages that are sent by the app to the device and displayed there in a prioritised manner. By default, the app uses push notifications if you have consented to this when installing the app or using it for the first time. The device ID is processed for this purpose.
You can deactivate the receipt of push notifications at any time in the settings of your device or within the user account.
Evaluation of the usage behaviour
In order to make the app as user-friendly as possible, we analyse your usage behaviour anonymously. Within the scope of legal regulations, we, or companies commissioned by us within the scope of data processing, may create usage profiles. It is not possible to draw any direct conclusions about an individual user of the app.
Translation service
The app offers a translation service that is technically implemented by Microsoft Corporation. Only data that you have entered as text or sound for translation is processed. This data is only stored temporarily for the execution of the translation and is not written to permanent data storage. There will be no recording of the submitted text or any part of it in a Microsoft data centre. The audio and text will also not be used for training purposes.
We only transfer your personal data to third parties if
In addition, we pass on your personal data to Scheidt & Bachmann group companies, which also process personal data partly under their own responsibility (so-called data controller, cf. Art. 4 No. 7 GDPR), to the extent necessary.
Scheidt & Bachmann group companies are located in the following third countries, among others: United Kingdom of Great Britain and Northern Ireland, Russia, Switzerland, Tunisia, Israel, Ukraine, USA and Canada.
The processing of your data in a third country may also take place in connection with the involvement of service providers within the framework of commissioned processing. If there is no adequacy decision by the EU Commission for the country in question in accordance with Art. 45 GDPR, we ensure that your rights and freedoms are adequately protected and guaranteed by means of appropriate contracts in accordance with the requirements of the GDPR. We will be happy to provide you with detailed information on this on request.
Information on the appropriate or adequate safeguards and how to obtain a copy from you can be obtained from our data protection officer.
Within Scheidt & Bachmann, only those organisational units receive your data that require it to fulfil our contractual and legal obligations or in the context of processing and implementing our legitimate interest.
Beyond that, we do not pass on your personal data to third parties.
We do not intend to transfer your personal data to countries outside the European Union (EU) or the European Economic Area (EEA), but this may be done by external service providers if necessary. If external service providers come into contact with your personal data, we take legal, technical and organisational measures to ensure that they comply with the provisions of data protection laws and - if they act as processors - only process your data on our behalf and in accordance with our instructions.
We only process your personal data for as long as is necessary to fulfil the respective processing purpose.
In addition, we are subject to various storage and documentation obligations, which result from the German Commercial Code (HGB) or the German Fiscal Code (AO), among other things. These can be up to 10 years.
Finally, the storage period is also assessed according to the statutory limitation periods, which can be up to thirty years, for example, according to §§ 195 et seq. German Civil Code (BGB), with the regular limitation period being three years.
The data are regularly deleted when they are no longer required for the fulfilment of contractual or legal obligations and rights, unless their (temporary) further processing is necessary for the fulfilment of the purposes listed above due to the overriding legitimate interest. Such an overriding legitimate interest exists, for example, if deletion is not possible or only possible with disproportionate effort due to the special nature of the storage and processing for other purposes is precluded by suitable technical and organisational measures.
Every data subject has the right to information under Art. 15 GDPR, the right to rectification under Article 16 of the GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 of the GDPR and the right to data portability under Art. 20 GDPR. In order to exercise the aforementioned rights, you can contact the offices listed under clauses II and III.
If you have given us your consent to data processing, you can revoke this consent at any time without formalities. If possible, the revocation should be addressed to the offices mentioned under clauses II and III.
Furthermore, there is a right of appeal to a data protection supervisory authority (Art. 77 GDPR). The competent supervisory authority for Scheidt & Bachmann is:
North Rhine-Westphalia State Commissioner for Data Protection and Freedom of Information (LDI NRW)
However, we recommend that you first contact our data protection officer with a complaint.
You have the right to file an objection at any time, on grounds relating to your particular situation, against the processing of personal data relating to you which is carried out on the basis of Art. 6 para. 1 lit. f GDPR (processing of data on the basis of a weighing-up of interests) or Art. 6 para 1 lit. e GDPR; this also applies to any profiling based on this provision within the meaning of Art. 4 para. 4 GDPR.
If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
In individual cases, we process your personal data for the purpose of direct advertising. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.
If you file an objection to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
The objection may be filed without any formalities and should, if possible, be addressed to the offices mentioned in the data protection information under clauses II and III.
Security: We use technical and organisational security measures in order to adequately protect your personal data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons.
Validity and actuality of the privacy policy: This privacy policy is dated May 2023 and is valid as long as no updated version replaces it.
Due to the implementation of new technologies, it may become necessary to change this privacy policy. We reserve the right to change the privacy policy at any time with effect for the future. We recommend that you re-read the current data protection declaration from time to time.