Welcome to our website and thank you for your interest in our company. We take the protection of your personal data very seriously. We process your data in accordance with the applicable legal regulations for the protection of personal data, in particular the EU's General Data Protection Regulation (GDPR / DE: DS-GVO) and the German implementation laws applicable to us here in Germany. With the help of this data protection declaration, we're informing you comprehensively about how your personal data is processed by StraightONE GmbH and your entitled rights.
Personal data is information that enables a natural person to be identified. In particular, this includes name, date of birth, address, telephone number, e-mail address, but also your IP address.
Anonymous data exists if no personal reference to the user can be established.
Responsible office and data protection officer
Address: StraightONE GmbH, Fürther Str. 54, 90429 Nuremberg
Website: www.straight.one - Phone: +49-911-2177380
Data protection officer: Norbert Rauch - Norbert.Rauch@atarax.de
Your rights as a data subject:
First of all, we would like to inform you here about your rights as a data subject. These rights are standardized in article 15 - 22 of the EU GDPR. This includes:
- Right of access by data subject (Art. 15 EU GDPR)
- Right to erasure (Art. 17 EU GDPR)
- Right to rectification (Art. 16 EU GDPR)
- Right to data portability (Art. 20 EU GDPR)
- Right to restriction of processing (Art. 18 EU GDPR)
- Right to object (Art. 21 EU GDPR)
To exercise these rights, please contact: Datenschutz@straight.one
The same applies if you have questions about data processing in our company. You also have a right of appeal to a data protection supervisory authority.
Right of objection
Please note the following in connection with rights of objection: If we process your personal data for the purpose of direct marketing, you have the right to object to this data processing at any time without giving reasons. This also applies to profiling, in so far as it's related to direct mail.
If you object to direct marketing purposes, we will no longer process your personal data for these purposes. The objection is free of charge and can be made in any form, if possible to: Datenschutz@straight.one
In the event that we process your data for the protection of legitimate interests, you may object to such processing at any time for reasons arising from your particular situation, including profiling based on these provisions.
We will then no longer process your personal data, unless we can prove compelling reasons for processing that are worthy of protection, which outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.
Passing on to third parties
We will only pass on your data to third parties within the framework of the legal provisions or with the appropriate consent. Otherwise, your data will not be passed on to third parties unless we are obliged to do so by mandatory legal provisions (passing on to external bodies such as supervisory authorities or law enforcement agencies).
Recipients of the data / categories of recipients
Within our company, we ensure that only those persons receive your data who need it to fulfil their contractual and legal obligations.
In many cases, service providers support our specialist departments in fulfilling their tasks. The necessary data protection agreements have been concluded with all service providers.
Third country transfer / intention to transfer
Data will only be transferred to third countries (outside the European Union or the European Economic Area) if this is necessary for the execution of the contractual relationship, if it is legally required or if you have given us your consent.
Secure transmission of your data
To protect the data stored with us in the best possible way against accidental or intentional manipulation, loss, destruction or access by unauthorized persons, we use appropriate technical and organizational security measures. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.
The data exchange from and to our website is always encrypted. We offer HTTPS as a transmission protocol for our website, always using the latest encryption protocols. In addition, we offer our users a content encryption in the contact forms as well as in applications. The decryption of this data is only possible for us.
Obligation to provide the data
Various personal data are necessary for the establishment, execution and termination of the contractual relationship and the fulfilment of the contractual and legal obligations associated therewith. The same applies to the use of our website and the various functions it provides.
We have summarised details of this for you in the above-mentioned point. In certain cases data must also be collected or made available due to legal regulations. Please note that it is not possible to process your enquiry or carry out the underlying contractual relationship without providing this data.
Categories, sources and origin of data
Which data we process depends on the respective context: This depends on whether you, e.g. place an order online, enter an inquiry in our contact form, whether you send us a job application or submit a complaint.
Please note that we may also provide information for special processing situations separately in a suitable place, e.g. when uploading application documents or submitting a contact request.
When you visit our website, we collect and process the following data:
- Name of the internet service provider
- Information about the website tat you visited prior to visiting us
- Web browser and operating system used
- The IP address assigned by your internet service provider
- Requested files, transferred data volume, download/file export
- Information about the web pages that you call up on our website including date and time
- For reasons of technical security (in particular to prevent attempted attacks on our web server), this data is stored in accordance with Art. 6 (1) lit. f EU GDPR. After 7 days at the latest, anonymization takes place by shortening the IP address so that no reference to the user is established.
We collect and process the following data in the context of a contact request:
- Surname, first name
- Contact details
- Phone number
- e-mail address
- Information about wishes and interests
If applicable: We process the following data during the ordering process:
- Surname, first name
- Date of birth
- Delivery address
- Billing address
- e-mail address
- Data that may legitimately be processed from other sources
For online applications we collect and process the following data:
- Surname, first name
- Contact details
- Phone number
- e-mail address
- We also use data that we have permissibly obtained from publicly accessible directories (e.g. professional networks).
If applicable: For newsletters we collect and process the following data:
- Surname, first name
- e-mail address
- Analysis data from newsletter evaluation
If applicable: We collect and process the following data for competitions:
- Surname, first name
- e-mail address (depending on the notification channel)
Contact form / Contact per e-mail (Art. 6 paragraph 1 lit. a, b EU GDPR)
There is a contact form on our website which can be used for electronic contact. If you write to us via the contact form, we process the data you provide in the contact form to contact you, and answer your questions and requests.
The principle of data economy and data avoidance is observed, in that you only have to provide the data that we absolutely need to contact you. These are your e-mail address and the message field itself. In addition, your IP address is processed for technical reasons and for legal protection. All other data are voluntary fields and can be given optionally (e.g. for a more individual answer to your questions).
If you contact us by e-mail, we will process the personal data provided in the e-mail solely for the purpose of processing your inquiry. If you don't use the offered forms to contact us, no further data collection will take place.
Newsletter (Art. 6 paragraph 1 lit. a EU GDPR)
You can subscribe to a free newsletter on our website. The e-mail address you entered when registering for the newsletter as well as your name, company, position will be used for sending the personalized newsletter.
Here the principle of data economy and data avoidance is observed, as only the e-mail address is marked as a mandatory field. For technical reasons and for legal reasons, your IP address will also be processed when ordering the newsletter. In our newsletter, we regularly inform you about new products and offers, and we use a newsletter pixel-code to monitor the success of the newsletter. Furthermore, we carry out success evaluations and customer satisfaction surveys after completed projects as well as at irregular intervals.
You can of course cancel your subscription at any time using the unsubscription option provided in the newsletter, and thus revoke your consent. Furthermore, you have the possibility to unsubscribe from the newsletter at any time directly via our website.
Prize draw / advertising consent (Art. 6 (1) lit. a, b EU-DS GMO)
On our website you have the possibility to participate in our prize draws. If you fill out the competition form, we will process the data provided there exclusively for the purpose of carrying out the competition.
The principle of data economy and data avoidance is observed by requiring you to provide only the data that we absolutely need to execute the competition and to notify you of your prize. This is, for example, your name and your e-mail address.
The mandatory fields are marked with an asterisk (*). For technical reasons, as well as for legal reasons, your IP address will also be processed. The remaining fields are optional and can be filled in if you wish. Without the mandatory fields we cannot carry out the competition. Participation is then not possible.
Within the framework of the competition mask, you also have the option of granting us advertising permission. Of course it is also possible to participate in the competition without giving your advertising permission.
If you give us your consent, by ticking the respective checkbox, we will also process your data to send you information and offers about our products / services by e-mail.
You can revoke your consent at any time without giving reasons, by calling +49-911-2177380, sending an e-mail to email@example.com or by post to - StraightONE GmbH, Fürther Str. 54, 90429 Nürnberg.
Webshop (Art. 6 paragraph 1 lit. b EU GDPR)
We process the data you provide on the order form only for the purpose of implementing or processing the contractual relationship, unless you agree to further use.
The principle of data economy and data avoidance is observed by requiring you to provide only the data that we absolutely need to execute the contract or to fulfil our contractual obligations (i.e. your name, address, e-mail address and the payment data required for the selected payment method) or that we are legally obliged to collect.
In addition, your IP address is processed for technical reasons and for legal protection. Without this data, we will have to refuse to conclude the contract, as we will then not be able to execute it or we may have to terminate an existing contract. Of course, you can of your own accord provide us with more data if you wish.
Registration / Customer account (Art. 6 paragraph 1 lit. a, b EU GDPR)
On our website we sometimes offer users the possibility to register by providing personal data. The advantage is that you can view your order history and that the data you have entered is stored for the order form. This means that you do not have to enter your data again when placing a new order.
Registration is therefore either necessary or possible for the fulfilment of a contract (via our online shop) with you or for the implementation of pre-contractual measures, if guest access is provided, too. If necessary, supplement or adapt for other purposes.
In doing so, the principle of data economy and data avoidance is observed, as only the data required for registration is marked as a mandatory field with an asterisk (*). These are, for example, the e-mail address and password (includes password repetition, too).
For an order in our online shop, we also require information about the billing address (title, first name, surname, address) for delivery. If the delivery address differs from the billing address, the above-mentioned information for the delivery address must also be provided.
By registering on our website, the IP address of the user, the date and time of registration are also saved (i.e. all technical background data). By clicking the button "Register now" you give your consent to your data being processed.
Please note: The password you have assigned we store in an encrypted form. Employees of our company cannot read this password. Therefore they cannot give you any information if you have forgotten your password.
In this case, please use the "Forgot password" function, which will send you an automatically generated new password by e-mail. No employee is authorized to request your password from you by telephone or in writing. Therefore, please never disclose your password if you receive such requests.
Upon completion of the registration process, your data will be stored only for use in the protected customer area. As soon as you log on to our website, using your e-mail address / user name and password, this data is made available on our website for actions carried out by you (e.g. for orders in our online shop). Completed orders can be tracked in the order history. You can enter changes to the billing or delivery address here.
Registered persons are free to make changes / corrections to the billing or delivery address, in the order history themselves. Of course you can also cancel or delete your registration or your customer account.
Payment systems (Art. 6 paragraph 1 lit. a, b EU GDPR), credit assessment (Art. 6 paragraph 1 lit. f EU GDPR)
In our online shop you can pay by invoice, credit card, PayPal or direct debit (SEPA direct debit). For this purpose, the respective payment-relevant data is collected to be able to process your order and payment processing. In addition, your IP address is processed for technical reasons and for legal protection.
The principle of data economy and data avoidance is observed, in that you only have to provide us with the data that we absolutely need for the execution of the payment processing and thus the processing of the contract, or for the collection of which we are legally obliged.
Without this data we will unfortunately have to refuse the conclusion of the contract, as we will not be able to execute it.
The payment system used by us uses SSL encryption for the protected transmission of your data.
Note on invoice payment: If you select the invoice payment method in our online shop, we will carry out a credit check. For this purpose, the data relevant to creditworthiness is determined to determine credit or default risks.
Note on credit card payment: As usual with credit card payments, the credit card details are checked and a credit assessment is carried out.
Note on PayPal: PayPal is a company of PayPal (Europe) S.à r.l. et Cie, S.C.A. 22-24 Boulevard Royal , L-2449 Luxembourg. If the person concerned selects "PayPal" as a payment option during the ordering process in our online shop, data of the person concerned is automatically transmitted to PayPal.
By selecting this payment option, the data subject agrees to the transfer of personal data required for the processing of the payment. The personal information submitted to PayPal is usually first name, last name, address, e-mail address, IP address, phone number, cell phone number, or other information necessary to process the payment.
For the processing of the sales contract, personal data are also necessary, which are in connection with the respective order. Details on data protection at PayPal can be found at: https://www.paypal.com/de/webapps/mpp/ua/privacy-prev (for the legal situation from 25.5.2018).
Note on the direct debit procedure: As is usual with direct debit, your account data is collected to debit the corresponding amount from your account.
Advertising to Existing Customers (Art. 6 paragraph 1 lit. f EU GDPR)
StraightONE GmbH is interested in maintaining the customer relationship with you and in providing you with information and offers about our products / services. We therefore process your data to send you corresponding information and offers by e-mail. If you don't wish this, you can object to the use of your personal data for the purpose of direct advertising at any time; this also applies to profiling, in so far as it is connected with direct advertising. If you object, we will no longer process your data for this purpose.
The objection can be made free of charge and in no particular form without stating reasons and should be sent if possible to by e-mail to firstname.lastname@example.org or by post to StraightONE GmbH, Fürther Str. 54, 90429 Nürnberg.
Applicant portal (Art. 6 (1) lit. a, b EU GDPR)
Thank you for your interest in working for StraightONE GmbH. We are aware of the importance of your data and process the personal data you provide in the application form only for the purpose of effective and correct handling of the application process, and for contacting you during the application process. The data will not be passed on to third parties without your consent.
Within the application form you will be asked to provide personal data. In doing so, we observe the principle of data economy and data avoidance, in that you only have to provide us with the data that we need to completely check your application documents, such as your curriculum vitae or that we are legally obliged to collect. These mandatory details are marked with an asterisk (*). For technical reasons, as well as for legal reasons, your IP address will also be processed.
Without this data, we are unable to check your application documents, which is why our application system does not allow you to upload your application documents in this case. Of course you have the possibility to provide voluntary information in the application form.
To protect the security and confidentiality of your data in the best possible way, we implement appropriate security measures. Your application documents will be transmitted to us in encrypted form by our application system.
We store your data for the above-mentioned purposes until the application procedure is completed and the relevant deadlines have expired - at the latest six months after receipt of a decision. However, you have the option to allow us to store your application documents for longer and compare them with other vacant positions which could apply to your profile.
To do this, we need your consent, which you can give us by clicking the checkbox before uploading your application documents. In this case, we will save your data for 12 months. Of course, you can revoke your consent at any time without giving reasons: by telephone +49-911-2177380, by e-mail to email@example.com or by post to StraightONE GmbH - Fürther Str. 54, 90429 Nürnberg.
Automated individual case decisions
We do not use purely automated processing to make a decision.
Cookies (Art. 6 paragraph 1 lit. f EU GDPR / Art. 6 paragraph 1 lit. a EU GDPR with consent)
Our internet pages use so-called cookies in several places. They serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser (locally on your hard disk).
These cookies enable us to analyse how users use our websites. This enables us to design the website content according to the needs of our visitors. Cookies also enable us to measure the effectiveness of a particular advertisement and to place it, for example, in accordance with the users' thematic interests.
Most of the cookies we use are so-called "session cookies". These are automatically deleted after your visit. Permanent cookies are automatically deleted from your computer when their period of validity is reached (usually six months) or if you delete them yourself before the period of validity expires.
Most web browsers accept cookies automatically. However, you can usually change the settings of your browser if you prefer not to send the information. You can then still use the offers on our website without any restrictions.
Please note: If you deactivate the setting of cookies, it is possible that not all functions of our website can be used fully.
Online offers for children
Persons under 16 years of age may not transmit any personal data to us or submit a declaration of consent without the consent of a parent or guardian. We encourage parents and guardians to actively participate in their children's online activities and interests.
Links to other providers
Our website also contains - clearly visible - links to the internet presentations of other companies. As far as links to websites of other providers are available, we have no influence on their contents. Therefore we cannot assume any guarantee or liability for these contents. The respective provider or operator of these sites is always responsible for the contents of these sites.
The linked pages were checked for possible legal violations and recognizable infringements at the time of linking. Illegal contents were not recognizable at the time of linking. However, a permanent control of the contents of the linked pages is not reasonable without concrete evidence of a violation of the law. If infringements of the law become known, such links will be removed immediately.
We will only collect, process or use data for consulting, advertising or market research purposes if you have given us your prior consent. Of course, you can revoke any consent you have given at any time.
Use and disclosure of personal data / earmarking
We will collect, process and use all personal data that we learn about you in the course of using our web pages only for the specified purpose. In doing so, we will ensure that this is only done within the framework of the applicable legal regulations or only with your consent.
We have taken appropriate technical and organisational measures to protect the data stored by us for our employees/customers/suppliers against accidental or deliberate manipulation, loss, destruction or access by unauthorised persons. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.
If necessary, you can also contact our data protection officer directly, who will be happy to answer your questions: firstname.lastname@example.org