Privacy Statement / Privacy Policy of IBA Dosimetry GmbH

Download  German Version of Privacy Statement / Deutsche Version der Datenschutzerklärung

We would like to welcome you on our website and appreciate your interest in our company. The protection of your personal data is very important to us. When processing your data, we will comply with all applicable legal provisions on personal data protection, in particular the EU General Data Protection Regulation (EU GDPR) as well as the relevant national implementation laws. This privacy statement will inform you comprehensively about the processing of your personal data by IBA as well as the rights you are entitled to in this context.

Personal data means any information that enables the identification of a natural person. This includes in particular the name, date of birth, address, telephone number, email address and also the IP address of a person.

Anonymous data means any information that cannot be related to a specific user.

Data Controller and Data Protection Officer

IBA Dosimetry GmbH

Bahnhofstrasse 5
90592 Schwarzenbruck
Germany

Contact details of data protection officer: datenschutz@iba-group.com

Your Rights as a Data Subject

First we would like to inform you about your rights as a data subject. These rights are set out in Articles 15–22 of the EU GDPR and include the following:

  • The right of access (Article 15 of the EU GDPR);
  • The right to erasure (Article 17 of the EU GDPR);
  • The right to rectification (Article 16 of the EU GDPR);
  • The right to data portability (Article 20 of the EU GDPR);
  • The right to restriction of processing (Article 18 of the EU GDPR);
  • The right to object to processing (Article 21 of the EU GDPR).

In order to exercise the aforementioned rights, please contact: datenschutz@iba-group.com

The same applies if you have any questions regarding data processing by our company. In addition, you have the right to lodge a complaint with a supervisory data protection authority.

Rights of Objection

Please note the following with regard to your rights of objection:

In cases where we process your personal data for the purpose of direct marketing, you have the right to object to such processing at any time without giving any reasons; this also includes profiling to the extent that it is related to such direct marketing.

If you object to data processing for the purpose of direct marketing, we will cease to process your personal data for such purposes. Objections are free of charge, do not require a specific form and should be directed to: datenschutz@iba-group.com

In cases where we process your personal data in pursuance of our legitimate interests, you have the right to object, on grounds relating to your particular situation, at any time to such processing, including profiling being conducted on the basis of these provisions.

We will then cease to process your personal data, unless we can demonstrate compelling legitimate grounds for such processing that override your interests, rights and freedoms, or if such processing is necessary for the assertion, exercise or defense of legal claims.

Purposes and Legal Bases of Data Processing

When processing your personal data, we will comply with the provisions of the EU GDPR, the new German Federal Data Privacy Act (BDSG) as well as any other applicable data protection regulations. Legal bases for data processing arise in particular from Article 6 of the EU GDPR.

We will use your data for initiating business, fulfilling our contractual and legal obligations, managing the contractual relationship, offering products and services and strengthening the customer relationship, which may also involve analyses for marketing and direct marketing purposes.

Your consent may also constitute a legal basis for data processing. When you grant such consent, we will inform you about the purposes of data processing and the right to withdraw your consent. If your consent also refers to processing of special categories of personal data, we will expressly state this fact in the consent (pursuant to Article 88(1) of the EU GDPR in conjunction with Section 26(3) of the new German Federal Data Privacy Act (BDSG)).

Special categories of personal data as defined in Article 9(1) of the EU GDPR will be processed only where required by law, and if there is no reason to believe that processing of such data is outweighed by your legitimate interest to the contrary (pursuant to Article 88(1) of the EU GDPR in conjunction with Section 26(3) of the new German Federal Data Privacy Act (BDSG)).

Disclosure to Third Parties

We will disclose your data to third parties only where and to the extent permitted by law, or if you have given us your consent to do so. Beyond that, your data will never be passed on to any third parties, unless we are required to do so by mandatory legal provisions (disclosure to external bodies such as supervisory or law enforcement authorities).

Data Recipients / Categories of Data Recipients

In our company we make sure that your data is made available only to persons who actually need said data for fulfilling contractual and legal obligations.

Frequently, our specialist departments are supported by service providers in fulfilling their tasks. In each and any of these cases, we have entered into the necessary data protection agreements with our service providers.

(Intended) Data Transfer to Third Countries

Personal data will be transferred to third countries (i.e., non-member states of the European Union or European Economic Area) only where and to the extent necessary for contract performance or required by law, or if you have given us your consent to do so.

We are transferring your personal data to a service provider or an affiliated company located outside the European Economic Area (EEA), whereby we are ensuring an equal level of data protection.

Data Storage Duration

We will store your data as long as needed for the specific processing purpose. Please note that, due to numerous statutory retention periods, we may be obliged to store data for longer times. This applies in particular to retention periods required by commercial or tax laws (e.g. German Commercial Code (HGB), German Fiscal Code (AO), etc.). In the absence of longer legal retention periods, the data will be routinely deleted upon having fulfilled its intended purpose.

In addition, we may retain data if you have given us your consent to do so, or if we want to use certain data as evidence in legal disputes within the statutory periods of limitation, which may be as long as thirty years; the regular period of limitation is three years.

Safe Transfer of Your Data

In order to protect the data stored on our servers in the best possible way against accidental or intentional manipulation, loss, destruction or access by unauthorized persons, we have taken appropriate technical and organizational safety measures. In cooperation with security experts, we are constantly reviewing and adapting our safety levels to new standards.

Data transfer from and to our website is encrypted. We are using HTTPS as a transfer protocol for our internet presence, always combined with the latest encryption protocols. In addition, we are offering content encryption to visitors making use of our contact forms or applying for jobs. This data can be decrypted only by us. Furthermore, users can always resort to alternative communication channels (e.g. paper mail).

Obligation to Provide Data

A variety of personal data is needed for entering into, maintaining and terminating a contractual relationship and fulfilling the related contractual and legal obligations. The same applies to the use of our website and the various functions provided by the same.

The related details are summarized above. In certain cases, statutory provisions may require data collection or data provision. Please note that we will be unable to process your inquiry or to manage the underlying contractual relationship without this data being available to us.

Automated Individual Decisions

We do not use any fully automated processing for decision-making.

Collection of General Information

As soon as you access our website, some general information will be collected automatically. This data is stored in the so-called server log files and includes e.g. your web browser type, your computer’s operating system, the domain name of your Internet Service Provider and the like. The information involved cannot be used to identify you. It is technically indispensable for correct delivery of the website contents you have requested, and cannot be avoided when using the internet. Such anonymous information is statistically evaluated by us in order to optimize our web presence as well as the underlying technology.

Data Protection in Job Application Procedures

We will process candidate information solely for the purpose and within the scope of job application procedures and in compliance with the legal provisions. Candidate information will be processed by us in order to fulfill our (pre-)contractual obligations arising from job application procedures as defined in Articles 6(1)(b) and 6(1)(f) of the EU GDPR, or if its processing becomes necessary for us e.g. in the context of legal proceedings (in Germany, Section 26 of the German Federal Data Privacy Act is applicable in addition).
It is a prerequisite for job application handling that candidates make relevant information about them available to us. The necessary candidate information will be marked as such if an online application form is provided, and will result from the job descriptions otherwise; it always includes personal data, mail and contact addresses as well as supporting documents such as the letter of application, CV and certificates / degrees / references. Besides that, candidates may voluntarily provide additional information.
Upon sending us their application, candidates agree to the type and scope of processing of their data defined herein for application handling purposes.
If candidates voluntarily provide special categories of personal data as defined in Article 9(1) of the EU GDPR in the course of the application procedure, such data will be processed pursuant to Article 9(2)(b) of the EU GDPR in addition (e.g. health-related data, such as severe disability status, or ethnic origin). If candidates are asked to provide special categories of personal data as defined in Article 9(1) of the EU GDPR in the course of the application procedure, such data will be processed pursuant to Art. 9(2)(a) of the EU GDPR in addition (e.g. health-related data, if necessary for doing the job).
Candidates may send us their applications via an online form on our website, if available. The data will be transmitted to us in an encrypted form using state-of-the-art technology.
In addition, candidates may send us their applications by email. They should be aware, though, that emails are sent unencrypted by default, so that they may need to take care of encryption themselves. Therefore we cannot accept any responsibility for the transmission path between the sender and our server and recommend using rather online forms or paper mail for job applications. For candidates are still free to choose paper mail instead of online forms or emails for their applications.
In case of successful applications, we may continue to process the data provided by candidates for the purpose of managing the employment relationship. Otherwise, if an application for an open position is unsuccessful, candidate information will be deleted. Candidate information will also be deleted if an application is withdrawn, something which candidates are entitled to do at any time.
Subject to a justified revocation by the candidate, deletion will take place after a six-month period in order to enable us to answer possible follow-up questions on the application and to comply with our documentation obligations arising from the German General Act on Equal Treatment. Invoices referring to the reimbursement of travel expenses will be archived in accordance with the applicable fiscal regulations.

Talent Pool

As part of job applications, we are offering candidates the option to include them in our “Talent Pool” for a period of two years based on their consent pursuant to Article 6(1)(a) and Article 7 of the EU GDPR.
The candidate data contained in the Talent Pool will be processed solely for future job postings and recruitments and will be deleted upon expiry of the aforementioned storage period at the latest. Candidates will be informed that their consent to their inclusion in the Talent Pool is voluntary, that it does not have any influence on the current application procedure and that they may revoke their consent with effect for the future at any time or object to data processing pursuant to Article 21 of the EU GDPR.

Newsletter

When you subscribe to our newsletter, the data provided by you will not be used for any other purposes. Subscribers may also be informed by email about circumstances that are relevant for the service or registration (such as changes in the newsletter offer or technical conditions).

For a successful registration we need a valid email address. In order to verify whether a signup request actually comes from the email address owner, we use the “double opt-in” method. For that purpose, we are logging the newsletter signup request, the emailing of a reconfirmation request and the receipt of the response requested in the latter. Besides that, we will not collect any other data. The data will be used exclusively for newsletter delivery and will not be passed on to any third parties.

You may withdraw your consent to the storage of your personal data and the use of said data for newsletter delivery at any time. A corresponding link can be found in each newsletter. In addition, you may unsubscribe from the newsletter directly on this web page at any moment or inform us about your wish to unsuscribe using the contact channels provided at the bottom of this page.

Newsletters – Mailchimp

Our newsletters will be delivered via the mail provider “MailChimp”, a newsletter distribution platform operated by the U.S. company Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. For details on the privacy policy of the mail provider, please refer to: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Framework, thus guaranteeing compliance with the EU data protection levels (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active). The email service provider has been contracted by us for the purpose of pursuing our legitimate interests pursuant to Article 6(1)(f) of the EU GDPR and on the basis of a processing contract pursuant to Article 28(3)(1) of the EU GDPR.
The email service provider may use recipient data pseudonymously, i.e. without relating it to specific users, for improving or optimizing its own services, e.g. for optimizing the delivery or presentation of the newsletters technically, or for statistical purposes. The email service provider will, however, never use any information about our newsletter subscribers itself for contacting them directly or for disclosure to third parties.

Newsletters – Email Tracking

Our newsletters contain a so-called “web beacon”, i.e. a one-pixel file that will be downloaded from our web server or our email service provider’s web server (if any) as soon as you open the newsletter. While processing the download request, the web server will gather primarily technical data such as information on your web browser and your operating system, as well as your IP address and the exact request time.
This information will be used for technical improvement of the services based on the above technical data or conclusions about the target groups and their reading behaviors in terms of geographical locations (which can be determined by means of the IP address) or access times. Statistical data collected also include the information whether users open the newsletters, when they open them and which links they click. Although these pieces of information may be assigned to individual newsletter subscribers for technical reasons, it is neither our aim nor that of our email service provider (if any) to monitor individual users. Instead, such analyses rather help us to identify the reading habits of our users and to match our content to them or to serve different content to our users based on their interests.
Unfortunately, it is not possible to revoke only your consent to email tracking. In case of disagreement, you must unsuscribe completely from our newsletter service.

Contact Form

If you contact us via email or contact form, the information provided by you will be stored for the purpose of processing your request and for possible follow-up questions.

CRM System by Salesforce

We are using the CRM system of salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 München, to process user requests more quickly and efficiently (legitimate interest pursuant to Article 6(1)(f) of the EU GDPR).
salesforce is certified under the Privacy Shield Framework, thus ensuring compliance with the EU data protection laws even if data is processed in the United States of America (https://www.privacyshield.gov/participant?id=a2zt0000000KzLyAAK&status=Active).
salesforce will use information provided by users solely for technical processing of the inquiries and will not pass on such information to any third parties. In order to be able to use salesforce, users must at least provide a correct email address. Pseudonymous use of the service is possible. When processing service requests, it may become necessary to ask for further information (name, address).
For users who do not agree with data collection by and data storage in salesforce’s external system, we are offering alternative ways for submitting service requests via email, telephone, telefax or paper mail.
For further information, please refer to the privacy policy of salesforce: https://www.salesforce.com/de/company/privacy/.

Use of Akkroo

This website uses Akkroo for registering for events and training courses as well as for recording contact and address data during trade fairs and congresses.
Link to Akkroo’s privacy policy: https://akkroo.com/privacy

Use of Google Analytics

This website uses Google Analytics, a web analytics service offered by Google Inc. (“Google”). Google Analytics uses so-called “cookies” – text files saved to your computer that make it possible to analyze how you are using this website.The information generated by the cookie about your activities on this website will usually be transmitted to a Google server in the United States and stored there. However, as we have enabled IP address anonymization on these web pages, your IP address will be truncated by Google within member states of the European Union or other member states of the European Economic Area (EEA) before being transmitted to the United States. Only in exceptional situations will your full IP address be transmitted to a Google server in the United States and truncated there. On behalf of the owner of this website, Google will use this information for evaluating your use of the website, for generating website activity reports and for providing other services related to website and internet usage to the website owner. The IP address transmitted by your browser as part of Google Analytics will not be combined with any other data held by Google. You can block the storage of cookies by making the appropriate settings in your browser; please bear in mind, however, that you may no longer be able to make full use of all functions provided by this website when doing so. Furthermore, you can prevent Google from collecting information about your use of websites (including your IP address) by means of cookies and from processing such information by downloading and installing the browser plug-in available under the following link: Browser add-on for disabling Google Analytics

Google Ads

Our website uses Google conversion tracking. If you reach our website via an advertisement served by Google, Google Ads will set a cookie on your computer. The conversion tracking cookie will be set as soon as a user clicks an ad served by Google. These cookies will become invalid after a period of 30 days and are not used for personal identification. If the user visits certain pages of our website and the cookie has not yet expired, we and Google are able to recognize that the user was redirected to this page after clicking the ad. Since each Google Ads customer is assigned a different cookie, cookies cannot be tracked across the websites of various Google Ads customers. The information obtained through the conversion cookie is used to generate conversion statistics for Google Ads customers who have chosen to make use of the conversion tracking feature. This way, customers learn how many users in total clicked their ad and were forwarded to a website that includes a conversion tracking tag. However, they will not receive any information enabling them to personally identify users.

If you prefer not to participate in conversion tracking, you can prevent the cookie required for this function from being set – e.g. by using a browser setting that either generally disables cookies or blocks setting of cookies from the “googleadservices.com” domain.

Please remember not to remove the opt-out cookies as long as you want to prevent data logging for statistical purposes. If you have deleted all cookies in your browser, you must set the respective opt-out cookie again.

Social Media Plug-Ins

We use social media plug-ins of the providers listed below on our web pages. You can recognize these plug-ins by their respective logotypes.

These plug-ins may possibly transmit information (which may include also personal data) to the service provider for further use by the latter. In order to prevent inadvertent and undesired data collection and transmission to the service provider, we use a 2-click solution. To activate a certain social media plug-in, visitors must enable the plug-in first by clicking the corresponding icon. Information collection and transmission to the service provider will not start until the plug-in has been activated. We ourselves do not collect any personal data through social media plug-ins or on their use.

Which data an activated plug-in is collecting and how this data is being used by the provider is beyond our control. At present, it must be assumed that a direct connection to the services of the provider will be established and that at least the IP address and some device-related information will be collected and used. Service providers might also attempt to store cookies on the computer used. For details as to exactly which data is collected and how it is used, please refer to the privacy policies of the respective service provider. Note: If you are simultaneously logged on to Facebook, Facebook will be able to identify you as visitor of a certain web page.

We have embedded the social media icons of the following companies on our website:

Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA);  privacy policy: https://twitter.com/de/privacy; opt-out: https://twitter.com/personalization; Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.

LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland); privacy policy: https://www.linkedin.com/legal/privacy-policy; opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out; Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.

Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany); privacy policy / opt-out: https://privacy.xing.com/de/datenschutzerklaerung.

YouTube

We have embedded videos from the “YouTube” platform operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, on our website; privacy policy: https://www.google.com/policies/privacy/; opt-out: https://adssettings.google.com/authenticated.

Google Maps

We have embedded maps from the “Google Maps” service operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The data processed may include in particular users’ IP addresses and geographical locations, which are, however, not collected without the users’ consent (usually given by making the corresponding settings on their mobile devices). The data may be processed in the United States of America. Privacy policy: https://www.google.com/policies/privacy/; opt-out: https://adssettings.google.com/authenticated.

Landing Pages and Event Registration Provider – WIX

We are using the services of the website provider Wix.com Ltd., Namal 40, 6350671 Tel Aviv, Israel, with European offices at: Wix.com Luxembourg S.a.r.l., 5 Rue Guillaume Kroll, L-1882 Luxembourg, hereinafter shortly referred to as “wix.com”. If you have any questions regarding the EU General Data Protection Regulation, you may also contact privacy@wix.com. Hence we are users of wix.com, and if you use our landing pages or the registration tools contained in them, you will be “user of user” according to the definition of wix.com. In the following we have summarized the most important information regarding wix.com’s privacy policy. The full version can be found here: https://de.wix.com/about/privacy.

​Which data is collected by wix.com?
wix.com will collect two types of data: personal data (which may be used to unambiguously identify a person) and non-personal data (which does not serve for identification purposes). wix.com will collect such data from its users and visitors, users of users and any other individuals who might make such data available to it. If necessary, wix.com will also collect similar data in connection with visitors and users of the websites or services of its users (“users of users”), yet solely for and in the interest of its users.

Why does wix.com collect such data?
wix.com will collect and use data to provide its services, to make its services better and safer and to contact its visitors, users and job applicants, and to comply with any legal provisions applicable to wix.com.

Where is the information stored?
Personal data may be stored and processed either by wix.com itself or by its affiliates and service providers in the United States of America, Europe, Israel or under other jurisdictions. Each data storage provider with whom wix.com cooperates has made a contractual commitment to protect the privacy of your data. In order to protect the data of its users even better, wix.com complies with the data privacy principles of the EU-U.S. and the Swiss-U.S. Privacy Shield Framework, among others. Some jurisdictions require that their residents’ information be administered and stored locally. wix.com may also collect, process and store such information elsewhere, including in the United States of America.

Users-of-users’ information:
wix.com may collect and process information about the users of its users. wix.com will do so solely on behalf and upon instruction of its users. wix.com’s users are entirely responsible for their own users’ information, including its legality, security and integrity. wix.com has no direct relationship with any of its users’ users.

Disclosure of personal information to third parties:
wix.com may share information about its visitors, users and users of users with various third parties, including certain service providers, law enforcement authorities and application developers. Information sharing is subject to the policies outlined herein.

Cookies

Like many other websites, we are using also so-called “cookies”. Cookies are small text files that are transferred from a web server to your hard disk. By means of cookies, we automatically obtain certain information about your computer and your internet connection, such as e. g. the IP address, browser and operating system used by you.

Cookies cannot be used for executing programs or for sending viruses to a computer. The information contained in cookies enables us to make navigation easier for you and to ensure correct display of our web pages.

The data obtained by us in this way will never be disclosed to any third parties nor combined with any personal data without your consent.

Of course you can view our website also without cookies. Web browsers are set by default to accept cookies. You may, however, disable the use of cookies at any time by changing your browser’s settings. Please refer to the help section of your web browser to learn how to change these settings. You should be aware, though, that certain functions of our website may no longer work once you have blocked the use cookies.