DATA PROCESSING INFORMATION
1. We take care of your personal data
The protection of your privacy and of your personal data when visiting our website is important to us. Therefore, we strictly comply with data protection rules. In the following we notify you about which information we process during your stay with our website and how we use them. This starts with visiting our website, writing an e-mail by using links to the e-mail address', using the contact form, signing for a seminar, subscribing to a newsletter, by cookies, Google Maps, Facebook, WhatsApp as well as processing your bank details. In the following we inform you about the methods of processing and the purpose of processing as well as your rights.
2. Controller of data processing and data protection officer
Controller for the processing of your personal data in connection with this website is ZIST gemeinnützige GmbH, Zist 1, 82377 Penzberg, Germany (ZIST). Our data protection officer is Mr. Jörg M. Leuchtner, attorney-at-law (Rechtsanwalt), Freiburger Datenschutzgesellschaft mbH, Luisenstr. 5, 79098 Freiburg, Germany. You may contact him by e-mail to datenschutz@zist.de.
3. Processing and storage of personal data and methods as well as purpose of processing when visiting https://zist.de
When visiting our website https://zist.de we will process your personal date on different levels.
We do protect your personal data by appropriate technical and organizational actions. However, we remind you that the transfer of data on the internet (e. g. communication by e-mail) provide for security loop holes. A complete protection of data against any third party's access is not possible.
a. Server Log Files
The provider of this website will process and store automatically information in the system log files, which your browser will transfer to us. This will be:
When visiting our website https://zist.de information will be sent by your browser to our server. This information will be stored temporarily, and which will be deleted automatically. The following information will be stored: (i) IP-Address, (ii) date and time of your visit, (iii) name and URL of files, (iv) website you were coming from, (v) type of browser and OS.
Purpose of processing is at the same time our legitimate interest (Art. 6 I 1 f) General Data Protection Regulation – GDPR), which is the technical availability of our website and access to the available information as well as the facilitated use and the guaranty of system stability and the required organizational measures. Data to identify you as person will not be processed.
b. Using links to e-mail address'
By using links to e-mail address' on our website httpss://zist.de you may contact us directly and by using the open e-mail program. By that contact, which can solely be initiated by you, the following data will be processed and stored: (i) IP-Address, (ii) date and time of your visit, (iii) name and URL of files, (iv) website you were coming from, (v) type of browser and OS, internet provider, (vi) name and address as far as named, (vii) e-mail address, (viii) e-mail provider.
Purpose of processing at the same time our legitimate interest Art. 6 I 1 f) GDPR which is the technical availability of our website and access to the available information as well as the facilitated use and the guaranty of system stability and the required organizational measures. Data to identify you as person will not be processed. Furthermore, only then your request can be processed.
c. Using contact form
In the event you send us a request by using the contact form, your information and the contact details on the contact form will be processed for processing your request.
These data will not be transferred without your consent. These data are: (i) Title, forename, surname, (ii) e-mail address, phone number, (iii) address, ZIP code, city, and your message.
The processing of this data on the contact form will hence be only processed based on your consent (Art. 6 I a) GDPR). You may withdraw your consent at any time by sending an e-mail to us. The processing until your withdrawal will remain lawful.
The information on the contact form will remain with us until you ask us for erasure of the data, you withdraw your consent, or the purpose of the request is fulfilled (e.g. after responding to your request). Binding legal rules remain valid, in particular storage periods.
d. Subscribing to a newsletter
If you like to subscribe to the newsletter provided on our website, we are required to obtain your e-mail address as well as information which enables us to certify your authorization to this e-mail address and your consent to the receipt of the newsletter. We therefore use the double opt-in method. Whereas you will receive a confirmation e-mail to the named e-mail address in order to check whether you have asked to receive the newsletter. Only by using the link in that confirmation e-mail your sign up becomes valid.
In order to dispatch the newsletter to you we are required to store and to process personal data comprising of your e-mail address, time-stamp and IP-data. Information that is provided optional such as title, name, and postal address will also be stored and processed.
For the continuing optimization of the newsletter we will analyze the personal data (e. g. response data on opening and klicks). With signing up to the newsletter you consent to the analyzation with respect to tracking (Art. 6 I 1 a GDPR).
We will use your e-mail address solely for dispatching the newsletter and will not transfer it to third parties. For dispatching the newsletter we use the services of Dotplex GmbH, Mr. Jan Kaspar Münnich, Reinhardtstr. 72c, 10117 Berlin, Germany. Dotplex may not use your data other than for dispatching our newsletter.
You may withdraw your consent to storage of the data and the processing of the data for dispatching the newsletter at any time. Please use the withdrawal-link at the end of a newsletter. You may also send your withdrawal by letter to our address or by e-mail to datenschutz@zist.de.
e. Transfer of bank data
With respect to signing up for a seminar we ask you to transmit your bank data. Therefore, the following data will be obtained: (i) forename and surname of the bank account holder, (ii) IBAN of the bank account, (iii) BIC of the account-holding bank, (iv) name of the account-holding bank.
This data will be provided to us encrypted and will be stored on our server. Purpose of the data processing the fulfillment of the seminar contract which you have concluded with us by singing up for the seminar. There for we have legitimate purpose for the data processing (Art. 6 I 1 b GDPR).
f. RSS-Feed
You can subscribe to our RSS feed via our website. RSS-feed is a form of the newsletter by automatically being informed about the changes on our website. To do this, the IP address of your device is registered and stored until you unsubscribe. The following data are stored: (i) Date and time of visit, (iii) name and URL of the retrieved file, (iv) browser type and operating system, (v) IP address. The storage is required to provide you with the service of the RSS feed. There is therefore a legitimate interest in the processing of data (Art. 6 I 1 lit. f GDPR), but eventually the storage of them went out and is also justified (Art. 6 I 1 lit. a GDPR). You can stop processing by ending the feed. You can subscribe to our RSS feed via our website. RSS-feed is a form of the newsletter by automatically being informed about the changes on our website. To do this, the IP address of your device is registered and stored until you unsubscribe. The following data are stored: (i) Date and time of visit, (iii) name and URL of the retrieved file, (iv) browser type and OS, (v) IP address. The storage is required to provide you with the service of the RSS feed. There is therefore a legitimate interest in the processing of data (Art. 6 I 1 lit. f GDPR), also as you have sent the request it is also justified (Art. 6 I 1 lit. a GDPR). You can stop the processing by ending the feed.
g. Signing up as user
You can register as a user on our website. Your name, user name and e-mail address will be saved for this purpose. The processing of this data is done to enable you to access our customer area. The processing of the data is therefore required within the meaning of Art. 6 I 1 lit. f GDPR. Your user data will be used as part of a password-forgotten function to send you the password if you forget it. A cookie is used for this, but you can switch off in your browser. The processing of this data is required within the meaning of Art. 6 I 1 lit. f GDPR to enable us to provide you with this service. If you do not agree with the storage, you can object to it at any time. Please see for more details under point 9 (rights affected).
4. Purposes of data processing
When you request information from us or register for a seminar or training course, we use your data to answer your inquiries, process your registration, conduct your course and keep your final documents. We are also interested in maintaining the customer relationship with you. Many data processing are only feasible with your express consent. You can withdraw an already given consent at any time. An informal message will be sent to us by e-mail. The legality of the processing until the withdrawal is not affected by this.
In order to make it easier for you to use our website and to make the website serving your interest, we log accesses to our website and retrieval of files and set cookies for this purpose. Among other data, the name of the retrieved file, date and time of retrieval, transferred data volume, message about successful retrieval, web browser and requesting domain are logged. In addition, a part of the IP address of the requesting computer is logged. The usage profiles formed in this way are processed under pseudonyms or anonymously. We also offer interfaces to social networks. For more information, please refer to this data processing information below.
We ensure the confidentiality and security of your personal data by ensuring that our employees have confidentiality obligations and we carefully select our service providers.
For the aforementioned purposes, we and our service providers process your data on the basis of Art. 6 (1) (a), (b), (c) and (f) of the GDPR.
5. We do not sell your data
If you use our website, request information from us or register for an event, we will never sell or share your address or e-mail address with third parties for advertising purposes.
6. You have the right to rectification the data processing
If you do not wish any information or offers from us, you may at any time object to the use of your data for advertising purposes. Please direct your objection to our address or send it by e-mail to datenschutz@zist.de.
You may also object to or restrict the collection of usage profiles at any time. For more information, please refer to this data processing information below.
7. The period of storage is regulated by certain conditions
We store your data as long as it is required for the respective processing purposes. If the data is stored for safekeeping purposes only, we restrict access to the data accordingly. We store your data for advertising purposes as long as we expect your interest in our offers.
8. SSL / TSL encryption
This website uses SSL or TLS encryption for security reasons and to protect the transfer of confidential content, such as orders or inquiries that you send to us as a page operator. An encrypted connection is recognized by the fact that the browser's address bar changes from "http://" to "https://" and to the lock icon in your browser line.
If SSL or TLS encryption is enabled, the data that you transmit to us cannot be read by third parties.
9. We do respect your rights
On request we will be happy to inform you about your personal data. We respect the legal scope of your rights to rectification, deletion, restriction, objection as well as, starting 25 May 2018, your right to data transferability. If you give us permission to process your data, you can revoke it at any time at our address or by e-mail to datenschutz@zist.de. Please contact datenschutz@zist.de if you wish to exercise your rights. You have the following rights when we collect and process your data.
Your rights are:
a. Revoke your consent once given to us at any time. As a result, we are not allowed to continue the data processing based on this consent for the future (Art. 7 (3) GDPR).
b. To request information about your data processed by us. In particular, you can provide information about the processing purposes, the category of data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction The processing or opposition, the existence of a right of appeal, the origin of your data, if it has not been collected from us, and the existence of an automated decision-making process, including profiling and, if necessary, meaningful Request information on their details (Art. 15 GDPR).
c. Promptly to rectify any incorrect or complete data stored by us (Art. 16 GDPR).
d. To request the deletion of your data stored by us, unless the Processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims (Art.17 GDPR).
e. To demand the restriction of the processing of your data, insofar as the correctness of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data (Art. 18 GDPR) or you oppose the processing Opposition (Art. 21 GDPR).
f. To as for your data which you have provided to us in a structured, common and machine-read format or require the transmission to another person responsible (Art. 20 GDPR).
g. To complain to a competent supervisory authority. As a rule, you can contact the supervisory authority of your usual place of stay or our office (Art. 77 GDPR).
10. Processing of data (customer and contract data)
We collect, process and use personal data only as far as it is necessary for the legitimation, content design or change of the legal relationship (stock data). This is done on the basis of Article 6 I b GDPR, which authorizes the processing of data in order to fulfil a contract or pre-contractual measures. We collect, process and use personal data for the use of our websites (usage data) only to the extent necessary to enable or enable the user to use our services.
The customer data collected will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
11. Data transfer at contract conclusion for services and digital content
We transfer personal data to third parties only if this is necessary for complying with contract obligations, for example, to the credit institution appointed with the payment processing.
Additional transfer of the data is not required or will only be processed only if you have expressly agreed to the transfer. Your data will not be transferred to on third parties without consent, for example for the purposes of advertising.
The grounds for data processing is Article 6 I b GDPR, the processing of data for the performance of a contract or pre-contractual measures.
12. Objecting to advertising mails
The use of contact data published within the framework of the imprint obligation for the transmission of advertising and information materials not expressly requested is hereby rejected. The operators of the website expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails.
13. External links
If we use external links offered within our website, our privacy policy does not extend to the offers that can be accessed from this link. When we offer links, we strive to ensure that they also comply with our privacy and security standards. However, we do not have any influence on the compliance with data protection and security regulations by other providers. Please read the information by other providers about the data protection regulations provided there.
14. What you should know about using cookies
The website use cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies are used to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer and which your browser stores.
Most of the cookies we use are so-called "session cookies". They will be deleted automatically at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser the next time you visit the website.
You can change the setting of your browser so that you are informed about the setting of cookies and allow cookies only on a case-to-case basis, the consent to cookies for certain situations or generally exclude, and the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
Cookies, which are required for the execution of the electronic communication process or to provide certain functions requested by you (e. g. shopping cart function) are based on Article 6 I f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically flawless and optimized provision of its services. As far as other cookies (e. g. cookies for the analysis of your surfing behavior) are stored, these are treated separately in this data processing information.
15. What plugins and tools do we use
This website uses various tools to provide links to social networks and to improve contact with users through tracking, retargeting and analytics. Below we will inform you about how these tools work.
YouTube
Our website uses plugins of Google-powered YouTube page. The site operator is the YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our websites equipped with a YouTube plugin, you will be connected to the YouTube servers. This informs the YouTube server which of our pages you have visited. The videos are stored and available at www.youtube.com, respectively from their respective countries, and can be played directly from our website.
The videos on YouTube are included in the "Extended privacy mode", so that data from you is not transferred to YouTube through the sole visit of our website, but only by actively playing the videos. When the videos are played, YouTube uses cookies and transmits data to Google Inc. as the operator of the YouTube platform. The following data, if known to us by careful examination, are transferred to Google Inc. as a YouTube operator: (i) IP address, cookie ID, the specific address of our site, system date and time of the call as well as ID of your browser.
The aforementioned transfer of data when playing the videos through the Google/YouTube cookies occurs even if you do not have a user account with Google, are logged in there or there is no user account at all. In the event that you have a Google user account and you are logged in at the time of video playback, the aforementioned data will be assigned to your account and stored accordingly. Please note the corresponding one-position variants of your Google user account in order to interrupt the aforementioned transmissions.
If you are logged in to your YouTube account, YouTube allows you to assign your browsing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
The use of YouTube is in the interest of a user-friendly presentation of our online offers. This constitutes a legitimate interest within the meaning of Article 6 I 1 f GDPR.
Please make sure that YouTube and Google Inc. use your aforementioned data for various purposes, including advertising, market research and the design of Internet sites as well as the evaluation of statistical values. Nor can it be excluded that the stored data and their evaluation are used to inform other users about their activities.
Please also note the YouTube and Google specific user and privacy notices, which you can access and view from the following links: https://www.youtube.com/static?gl=DE&template=terms&hl=de and https://policies.google.com/privacy?hl=de&gl=de
16. Tracking-Tools
Our website uses tracking measures to enable the design and optimization of our website and our newsletters. Because of this, there is a legitimate interest in the processing of data (Art. 6 I 1 f GDPR). We use the Google Analytics tracking tool to do this.
Google Analytics
This website uses features of the Web Analytics service. Provider is the Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called cookies. These are text files that are stored on your computer and allow you to analyze the use of the website.
This will create pseudonymized usage profiles and use cookies, which will transfer the following information about the use of our website to Google's servers in the USA and store them there:
IP address, date and time of visit, name and URL of the retrieved file, webpage from which you came, browser type and operating system, name of the ISP.
The information is used according to Google's statement to evaluate the usage behavior for market research purposes, to generate reports on Internet activities, and other services for the purpose of marketing research and the needs-based design of Internet sites. The transfer of this information to third parties cannot be excluded. Your IP address will be anonymized and not associated with Google (IP-masking).
Google Analytics cookies are stored on the basis of Article 6 I 1 f GDPR. The website operator has a legitimate interest in analyzing the user behavior in order to optimize both his web offer and his advertising.
IP anonymization
We have enabled the IP anonymization feature on this website. This will reduce Google's IP address storage within Member States of the European Union or in other States parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases will the full IP address be transferred to a Google server in the United States and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide further services related to the use of the website and the Internet with the website operator. The IP address submitted by your browser as part of Google Analytics will not be merged with other Google data.
Browser plugin
You can restrict the storage of cookies by a corresponding setting of your browser software. However, we emphasize that in this case you may not be able to use all functions of this website in full. You can also restrict Google from capturing the data generated by the cookie and related to your use of the website (including your IP address) to Google as well as the processing of this data by using the browser plugin available at the following link download and install: https://tools.google.com/dlpage/gaoptout?hl=de
Objection to data collection
You can restrict Google Analytics from obtaining your data by clicking on the following link. An opt-out cookie is set to prevent your data from being collected on future visits to this website: Disable Google Analytics.
For more information on how to handle user data in Google Analytics, see the Google Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=de
Order Data Processing
We have signed a contract for data processing with Google and are fully implementing the strict specifications of the German privacy authorities when using Google Analytics.
Demographics in Google Analytics
This website uses the "demographic features" feature of Google Analytics. This enables us to create reports that contain statements about the age, gender, and interests of the website's visitors. This data comes from Google's interest-based advertising and third-party visitor data. This data cannot be assigned to a specific person. You can disable this feature at any time through the ad settings in your Google Account or prohibit the collection of your data by Google Analytics as shown in the "Objection to data collection" section.
Google Maps
This website uses an API to use the map service Google Maps. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
The use of Google Maps means that information about your use of the website, your IP address is transferred to Google Maps and is stored on a server in the United States and is used there. Information that Google Maps receives through this transfer may, among other things, be passed on to third parties. In addition, location data will be sent to Google even if you do not have a Google user account or are logged out of your Google user account. If necessary and if you are logged into your Google account, Google Maps will assign the collected data to your Google user account. If you do not want this assignment, you can change this in the user settings of your Google account. Google Maps uses your data for market research purposes, for analyzing user behavior, for creating user-oriented webpages or for providing user-orientated advertising, and finally for other users of social networks on their whereabouts and their user behavior. You can also restrict or prevent the sharing of your information by settings on Google Maps by disabling the JavaScript in your browser. This also stops other functions of the website so that a map display is no longer possible.
The use of Google Maps is in the interest of an appealing presentation of our online offers and the easy findability of the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Article 6 I 1 f GDPR.
For more information on how to use user data, please see the Google Privacy Policy: https://www.google.de/intl/de/policies/privacy/
17. Online applications
In order to process your online application, we collect, process and use your personal data. Your application data sent by e-mail will be sent directly to the human resources department and, of course, treated confidentially. Appropriate technical and organizational measures ensure that your personal data is treated in accordance with the legal regulations – confidentiality and security are the main focus. Please note that the transfer of the data is done in unencrypted form by e-mail and the data may be taken into account by unauthorized persons or may also be falsified. You are welcome to send us your documents by mail instead. After completion of the application process, but no later than 6 months, your personal data will be automatically deleted, unless you expressly consent to a storage for a longer period of time. The processing of the data is in accordance with Article 6 I 1 b GDPR in conjunction with Art. 88 GDPR in conjunction with § 26 German Data Protection Law necessary for the initiation and conclusion of an employment relationship with ZIST. Therefore, processing is lawful. In accordance with your respective rights, you may object to the processing, otherwise we refer to point 9 (rights concerned).
18. Social media
Facebook plugins with sharer.php
On our website we use so-called social plugins (plugins) of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA (Facebook).
In order to increase the protection of your data when you are visiting our website, these buttons are not fully integrated as plugins, but only by using an HTML link in the page. This type of integration ensures that when you call a page on our website that contains such buttons, you are not yet connected to the Facebook servers. When you click on the button, a new browser window opens and calls up the page from Facebook, where you can interact with the plugins (if necessary after entering your login data). The information collected by Facebook serves the purpose of advertising, market research and needs-appropriate design of other Facebook pages by creating profiles that are evaluated by Facebook. At the same time, these profiles serve to provide Facebook services to you that fit to these profiles.
Facebook Inc., based in the United States, is certified for the US-European Data Protection Convention, "privacy Shield", which ensures compliance with the data protection standards in force in the EU.
The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights and settings for the protection of your privacy, please refer to the Privacy policy of Facebook: http://www.facebook.com/policy.php
In addition, WhatsApp uses cookies to store and reuse the aforementioned data. The usage comprises the diagnosis of errors, saving of language preferences, security and verification of your account, communication with services of the Facebook company group, improvement of WhatsApp service as well as market research purposes and Advertising purposes.
For further information, please refer to the data protection instructions of WhatsApp at: https://www.whatsapp.com/legal