Privacy policy

Thank you for visiting our website www.safetec-strahlenschutz.de and for your interest in our company. The protection of your personal data is important to us. Personal data is information about the personal or material circumstances of an identified or identifiable natural person. This includes, for example, the civil name, address, telephone number and date of birth, but also all other data that can be related to an identifiable person.
As personal data enjoys special legal protection, we only collect it to the extent that this is necessary for the provision of our website and the provision of our services. Below we explain what personal information we collect during your visit to our website and how we use it.

Our data protection practices comply with the statutory regulations, in particular those of the German Federal Data Protection Act (BDSG), the German Telemedia Act (TMG) and the EU General Data Protection Regulation (GDPR). We will only collect, process and store your personal data insofar as this is necessary for the functional provision of this website and our content and services, as well as for processing inquiries and, if necessary, for processing orders/contracts, but only insofar as there is a legitimate interest in this within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR or another legal basis. Only if you have previously given your consent separately will your data also be used for further purposes precisely defined in the consent, e.g. for sending advertising information by newsletter.

1. controller within the meaning of Art. 4 No. 7 GDPR

Controller within the meaning of the GDPR and other national data protection laws of the member states as well as other data protection regulations:
Safetec GmbH | Dischingerstraße 8 | 69123 Heidelberg
E-Mail: strahlenschutz@safetec-hd.de | Phone.: +49 (0) 6221 / 651750 | Fax: +49 (0) 6221 / 6517510

2. provision of the website and creation of log files

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected:

a) Scope of data processing

(1) Information about the browser type and version used
(2) The operating system of the accessing device
(3) The IP address of the accessing device
(4) Date and time of access
(5) Websites and resources (images, files, other page content) that were accessed on our website
(6) Websites from which the user’s system came to our website (referrer tracking)

This data is stored in the log files of our system. This data is not stored together with the personal data of a specific user, so that individual site visitors cannot be identified.

b) Legal basis for the processing of personal data
Art. 6 para. 1 lit. f GDPR (legitimate interest). Our legitimate interest is to ensure the achievement of the purpose described below.

c) Purpose of the data processing
Logging is carried out to maintain the compatibility of our website for as many visitors as possible and to combat misuse and troubleshooting. For this purpose, it is necessary to log the technical data of the accessing computer in order to be able to react as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. In addition, we use the data to optimize the website and to generally ensure the security of our IT systems.

d) Duration of storage
The aforementioned technical data is deleted as soon as it is no longer required to ensure the compatibility of the website for all visitors, but no later than 3 months after our website is accessed.

e) Possibility of objection and removal
The objection and removal options are based on the general regulations on the right to object and the right to erasure under data protection law described below in this privacy policy.

3. special functions of the website

Our website offers you various functions that collect, process and store personal data when you use them. We explain below what happens to this data:

a) Contact form(s)

(1) Scope of the processing of personal data
The data you enter in our contact forms.
(2) Legal basis for the processing of personal data
Art. 6 para. 1 lit.a GDPR (consent by clear affirmative action or behavior)
(3) Purpose of the data processing
We will only use the data collected via our contact form or via our contact forms to process the specific contact request received via the contact form.
(4) Duration of storage
Once your inquiry has been processed, the data collected will be deleted immediately, provided there are no statutory retention periods.
(5) Possibility of objection and removal
The options for objection and removal are based on the general regulations on the right to object and the right to erasure under data protection law described below in this privacy policy.

b) Login area

(1) Scope of the processing of personal data
The registration and login data you enter with us.
(2) Legal basis for the processing of personal data
Art. 6 para. 1 lit. a GDPR (consent by clear affirmative action or behavior)
(3) Purpose of the data processing
You have the option of using a separate login area on our website. If you have forgotten your password or user name for this area, it is possible to have this data sent to you again after entering your contact details (email address). We only collect, store and process the usage data collected when you use the login area to combat misuse and rectify faults or to maintain functionality. The data will not be used for other purposes or passed on to third parties.
(4) Duration of storage
The data collected will be stored for as long as you maintain a user account with us.
The data collected as part of the ‘Forgot user name or password’ function will only be used to resend forgotten access data.
(5) Possibility of objection and removal
The objection and removal options are based on the general regulations on the right to object and the right to erasure under data protection law described below in this privacy policy.

c) Application form
(1) Scope of the processing of personal data
The data entered by you in the form fields and, if applicable, uploaded.
(2) Legal basis for the processing of personal data
Art. 6 para. 1 lit.b GDPR (implementation of (pre-)contractual measures)
(3) Purpose of the data processing
Processing of your application
(4) Duration of storage
The data will be deleted as soon as the application has been processed and there is no longer a legitimate interest in storing the application data. Your application documents will therefore be deleted after 6 months at the latest if no employment relationship is established.
(5) Possibility of objection and removal
The objection and removal options are based on the general regulations on the right to object and the right to erasure under data protection law described below in this privacy policy.

4. statistical evaluation of visits to this website – web tracker

a) Scope of the data processing

On our website, we use a web tracking service provided by Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: Google Googleadservices/Google AdWords Conversion/Google Dynamic Remarketing). Google Googleadservices/Google AdWords Conversion/Google Dynamic Remarketing uses cookies in the context of web tracking, which are stored on your computer and which enable an analysis of the use of our website and your surfing behavior (so-called tracking).

b) Purpose

We carry out this analysis on the basis of the tracking services of Google Googleadservices / Google AdWords Conversion / Google Dynamic Remarketing in order to constantly optimize our website and make it more available.

c) Legal basis

The legal basis for data processing is Art. 6 para. 1 lit. a GDPR.

d) Storage period

The data is deleted as soon as the purpose of its collection has been fulfilled. Further information on the handling of the transferred data can be found in the privacy policy of Google Googleadservices / Google AdWords Conversion/Google Dynamic Remarketing: https://policies.google.com/privacy . You can prevent the collection and forwarding of personal data (in particular your IP address) and the processing of this data by deactivating the execution of script code in your browser, installing a script blocker in your browser (you can find this at www.noscript.net or www.ghostery.com, for example) or activating the “Do Not Track” setting in your browser.

e) Third country transfer

When you use our website, data, in particular your IP address and your user activities, are transferred to servers of the company Google Googleadservices/Google AdWords Conversion/Google Dynamic Remarketing and processed and stored outside the European Union, e.g. in the USA. The European Commission adopted its adequacy decision for the USA on 10.07.2023. Google LLC is also certified under the EU-US Privacy Framework.

f) Objection and removal options

The objection and removal options are based on the general regulations on the right to object and the right to erasure under data protection law described below in this privacy policy.

5. integration of external web services and processing of data outside the EU

Scope of data processing

We use active JavaScript content from external providers, so-called web services, on our website. By accessing our website, these external providers may receive personal information about your visit to our website. This may result in data being processed outside the EU. You can prevent this by installing a JavaScript blocker such as the browser plug-in ‘NoScript’ (www.noscript.net ) or deactivating JavaScript in your browser. This can lead to functional restrictions on websites that you visit.

We use website-check.de as an external web service. A test seal of the company Website-Check GmbH, Beethovenstraße 24, 66111 Saarbrücken, DE (hereinafter: website-check.de) is reloaded. Due to the integration of the Website-Check seal of approval, non-personal data is transferred to Website-Check GmbH as the publisher of the seal of approval. In this context, Website-Check GmbH only receives your IP address in order to be able to deliver the seal of approval image file. Your IP address has no personal reference for Website-Check GmbH.

Further information on the handling of the transmitted data can be found in the privacy policy of website-check.de: https://www.website-check.de/datenschutzerklaerung/. You can prevent the reloading of the Website-Check test seal and thus the transmission of your IP address (anonymous for Website-Check GmbH) to Website-Check GmbH by deactivating the execution of script code from Website-Check GmbH in your browser or by installing a script blocker in your browser (you can find this e.g. at www.noscript.net or www.ghostery.com ).

a) Purpose

We include this seal of approval on our website to show that we take the issue of data protection seriously.

b) Legal basis

The legal basis for data processing is Art. 6 para. 1 lit. f GDPR (legitimate interest). The legitimate interest is to enable the error-free display of the Website-Check seal of approval on the website.

c) Possibility of objection and removal

The objection and removal options are based on the general regulations on the right to object and the right to erasure under data protection law described below in this privacy policy.

d) Google Fonts

We use Google Fonts for the visual design of our website. When Google Fonts are integrated locally, no data is transferred to Google or stored by Google. Only the font files are hosted and used on our own server to ensure a consistent display of the fonts. This means that Google Fonts are used without personal data being transmitted to Google.


e) Matomo

We use the open source software tool Matomo (formerly PIWIK) on our website to analyze the surfing behavior of our users.
Scope of the data processing

The software places a cookie on the user’s computer (for cookies, see above). If individual pages of our website are accessed, the following data is stored:

(1) Two bytes of the IP address of the user’s accessing system
(2) The website accessed
(3) The website from which the user came to the accessed website (referrer)
(4) The subpages that are accessed from the accessed website
(5) The time spent on the website
(6) The frequency with which the website is accessed

The software runs exclusively on the servers of our website. The user’s personal data is only stored there. The data is not passed on to third parties.

Legal basis

The legal basis for the processing of users’ personal data is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in the data processing purposes listed below.

Purpose

The processing of users’ personal data enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness. 1 lit. f GDPR. f GDPR. By anonymizing the IP address, the interest of users in the protection of their personal data is sufficiently taken into account.

Storage period

The data is deleted as soon as it is no longer required for our recording purposes.

Possibility of objection and removal

The objection and removal options are based on the general regulations on the right to object and the right to erasure under data protection law described below in this privacy policy.

Google Analytics Consent Mode

We use the new Google Analytics consent mode, which has been mandatory since March 2024. With this mode, Google, as gatekeeper, fulfills its legal obligations under the new Digital Markets Act (DMA). Previously, visitors gave their consent to us, the website operator. With the new consent mode, consent must also be given directly to Google. This consent mode does not replace our consent management tool, but merely provides an interface between it and Google Analytics so that the consent also applies to Google. We are required to use this mode because we use Google AdServices and Google AdWords Conversion, among other things.

If you consent to tracking using Google Analytics, there is little change to the previous procedure without the consent mode. The main difference is that once you have given your consent, our consent management tool transmits information to Google about whether and, if so, which consents have been given. This allows Google to understand which services it is also allowed to control or link. If you refuse consent, no cookies will be stored on your end devices.

The consent mode therefore primarily serves Google. It is intended to ensure that the user’s consent obtained on websites also applies to Google.

6. information on the use of cookies

a) Scope of the processing of personal data

We use cookies on various pages to enable the use of certain functions of our website. Cookies are small text files that your browser can store on your computer. Diese Textdateien enthalten eine charakteristische Zeichenfolge, die eine eindeutige Identifizierung des Browsers beim erneuten Aufrufen unserer Website ermöglichen. The process of storing a cookie file is also called ‘setting a cookie’.

b) Legal basis for the processing of personal data

Art. 6 para. 1 lit. f GDPR (legitimate interest). Our legitimate interest lies in maintaining the full functionality of our website, improving usability and enabling a more personalized customer approach. We are only able to identify individual website visitors with the help of cookie technology if the website visitor has previously provided us with corresponding personal data on the basis of a separate consent.

c) Purpose of data processing

Cookies are set by our website in order to maintain the full functionality of our website and to improve its usability. In addition, cookie technology enables us to recognize individual visitors through pseudonyms, e.g. an individual, arbitrary ID, so that it is possible for us to offer more individual services.

d) Duration of storage

Our cookies are stored until they are deleted in your browser or, if it is a session cookie, until the session has expired.

e) Possibility of objection and removal

You can set your browser yourself according to your wishes so that the setting of cookies is generally prevented. You can then decide on a case-by-case basis whether to accept cookies or to accept cookies in principle. Cookies can be used for different purposes, e.g. to recognize that your PC has already had a connection to our website (persistent cookies) or to save recently viewed offers (session cookies). We use cookies to offer you an enhanced user experience. In order to use our convenience functions, we recommend that you allow the acceptance of cookies for our website. The objection and removal options are otherwise based on the general regulations on the right of objection and deletion under data protection law described below in this data protection declaration.

7. data security and data protection, communication by email

Your personal data is protected by technical and organizational measures during collection, storage and processing in such a way that it is not accessible to third parties. In the case of unencrypted communication by e-mail, we cannot guarantee complete data security on the transmission path to our IT systems, so we recommend encrypted communication or the postal service for information requiring a high level of confidentiality.

8. automatic e-mail archiving

a) Scope of the processing of personal data

We would like to expressly point out that our mail system has an automated archiving procedure. All incoming and outgoing e-mails are digitally archived in an audit-proof manner.

b) Legal basis for the processing of personal data

Art. 6 para. 1 lit. f GDPR (legitimate interest). Our legitimate interest lies in compliance with tax and commercial law requirements (e.g. Sections 146, 147 AO).

c) Purpose of data processing

The purpose of archiving is to comply with tax and commercial law requirements (e.g. Sections 146, 147 AO).

d) Duration of storage

Our email communication is stored until the expiry of retention obligations under tax and commercial law. The storage period can be up to 10 years.

e) Right of objection and removal

If you have any questions regarding our mail archiving system, please contact our data protection officer. We would also like to point out that we only consider application documents in PDF file form. Zipped (WinZip, WinRAR, 7Zip, etc.) files are filtered out by our security systems and will not be delivered. We do not consider applications in Word file format and other file formats and delete them unread. Please note that unencrypted application documents sent by e-mail may be opened by third parties before they reach our IT systems. We assume that we may also reply to unencrypted application emails in unencrypted form. If you do not wish this to happen, please let us know in your application email.

9. revocation of consent, data information and change requests, data deletion and blocking

You have a right to free information about your stored data at appropriate intervals and a right to correction, blocking or deletion of your data at any time. Your data will be deleted by us on first request, unless this is contrary to legal regulations. You can revoke any permission you have given us to use your personal data at any time. You can send requests for information, deletion and correction of your data and suggestions at any time to the following address:

Safetec GmbH | Dischingerstraße 8 | 69123 Heidelberg
E-mail: strahlenschutz@safetec-hd.de | Phone: +49 (0) 6221 / 6517526 | Fax: +49 (0) 6221 / 6517510

10. right to data portability

You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format. You can also request that we transfer this data to a third party without delay at your first instruction, provided that the processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and the processing is carried out by us within the framework of automated data processing.

When exercising this right to data portability, you also have the right to obtain that the personal data concerning you be transferred directly to another controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be impaired by this.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.


11. right to lodge a complaint with the supervisory authority pursuant to Art. 77 para. 1 GDPR

If you suspect that your data is being processed unlawfully on our website, you can of course seek judicial clarification of the issue at any time. Irrespective of this, you have the option of contacting a supervisory authority. . You have the right to lodge a complaint in the EU Member State of your place of residence, your place of work and/or the place of the alleged infringement, i.e. you can choose the supervisory authority to which you turn at the above-mentioned locations. The supervisory authority with which the complaint has been lodged will then inform you of the status and outcome of your complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

Created by:
© IT-Recht-Kanzlei DURY – www.dury.de
© Website-Check GmbH – www.website-check.de

12. Whistleblowing

Safetec GmbH is a company of E.ON SE. E.ON has a hotline and an externally operated website for the anonymous reporting of possible violations of laws and regulations: Whistleblower (eon.com). Not only E.ON employees, but also our business partners, their employees and other third parties can contact this hotline or website in confidence. They can report possible cases of corruption, fraud, embezzlement, tax evasion, human rights violations, violations of antitrust and capital market law, insider trading rules, data protection law or other violations of the Code of Conduct by telephone or via the website.
The aforementioned channels are not intended for customer complaints or other contractually relevant matters relating to customer business. Please get in touch with your contact person at Safetec GmbH.

Contact options via website
Compliance Solutions GmbH
https://eon-wb.compliancesolutions.com/

Contact via hotline
Compliance Solutions GmbH
Available 24 hours a day
Phone +49 711 95339973 +49 711 95339973

13. Our social media presence

a) Data processing by social networks

We maintain publicly accessible profiles in social networks. The individual social networks we use are listed below.
Social networks such as Facebook, X (formerly Twitter) etc. can generally analyze your user behavior comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers numerous data protection-relevant processing operations.

In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies that are stored on your device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are logged in or were logged in.

Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

b) Legal basis

Our social media presences are intended to ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).

c) Controller and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You can assert your rights (information, rectification, erasure, restriction of processing, data portability and complaint) against both us and the operator of the respective social media portal (e.g. Facebook).
Please note that, despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.

d) Storage duration

The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for its storage no longer applies, you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory provisions – in particular retention periods – remain unaffected.
We have no influence on the storage period of your data that is stored by the operators of social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

e) Social networks in detail

(1) Facebook

We have a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. According to Facebook, the data collected is also transferred to the USA and other third countries.
We have concluded an agreement with Facebook on joint processing (Controller Addendum). This agreement specifies which data processing operations we or Facebook are responsible for when you visit our Facebook page. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You can adjust your advertising settings yourself in your user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
Details can be found in Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

(2) Instagram

We have a profile on Instagram. The provider is Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here:
https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 und https://de-de.facebook.com/help/566994660333381.
Details on how they handle your personal data can be found in Instagram’s privacy policy: https://help.instagram.com/519522125107875.

(3) XING

We have a profile on XING The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. For details on how they handle your personal data, please refer to XING’s privacy policy: https://privacy.xing.com/de/datenschutzerklaerung.

(4) LinkedIn

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you wish to deactivate LinkedIn advertising cookies, please use the following link https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs. Details on how they handle your personal data can be found in LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.

(5) YouTube

We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in YouTube’s privacy policy: https://policies.google.com/privacy?hl=de