1. Responsible body
The responsible body for processing personal data is:
Mister Spex GmbH,
Greifswalder Straße 156,
Customer Service: +49 (0)800 472 54 57
Fax: +49 (0)30-4431230-25
Our Data Protection Officer may be contacted as follows:
Mister Spex GmbH,
– Data Protection Officer of Mister Spex GmbH –
Greifswalder Straße 156,
2. Purposes of data processing, legal bases and legitimate interests, categories of recipients
a) Accessing our website/application
When you access our website, the browser you use on your terminal device automatically sends information to the website’s hosting provider, where they are stored temporarily in a so-called log file. The following data are collected with no activity on your part and stored until they are automatically deleted:
- the IP address of the requesting internet-compatible device,
- the date and time of access,
- the name and URL of the requested file,
- the website/application from which access was made (referrer URL),
- your browser and, where applicable, the operating system of your internet-compatible computer and the name of your access provider.
The IP address is processed on the legal basis of Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest is founded in the following purposes of data collection:
- guaranteeing a smooth connection
- ensuring our website is convenient to use
- assessing system security and stability
- other administrative purposes.
The data will be stored by the hosting provider for as long as they serve the legitimate interests defined in the preceding, after which they are automatically deleted.
b) Other data collected on our website
You can find details about the data collected on our website in the following. All data are transferred securely using SSL encryption.
i. Information for applicants
If you wish to submit an online application, we require certain information in order to process your application. The only mandatory information you are required to provide are your salutation, first name and surname, email address and CV. The legal basis for the provision of data by you is Art. 6 Para. 1 lit. b) GDPR. We make use of an external service provider for e-recruiting purposes. We use the data exclusively to process your application and to take you into consideration during the recruitment process.
If the application process is positive and we take you on as an employee, your data will be stored in accordance with statutory data retention periods.
If your application is unsuccessful, your data will be blocked immediately on completion of the application process and deleted after a period of 6 months. This does not apply if you choose to be included in our talent pool at our request. In this case we will store your data in our talent pool for a period of 12 months and use it to get in touch with you in the event a vacancy potentially matching your profile arises. We will delete your data after 12 months unless you renew your consent to it being stored on our server. The legal basis for storing your data beyond the application process itself is your consent granted in accordance with Art. 6 Para. 1 lit. a) GDPR, which you may revoke at any time.
We also offer you an opportunity to subscribe to our job recommendation emails and to manage these settings in a password-protected area. We use the so-called double opt-in method to ensure no errors are made when you enter your email address: once you have entered your email address in the registration field, we will send you a confirmation link. Your email address will not be added to our distribution list until you click on the confirmation link. The processing of your electronic contact data for this purpose is based exclusively on your consent (Art. 6 Para. 1 lit. a) GDPR). Your data will be stored until you revoke your consent. You can revoke your consent granted in this manner at any time with effect for the future without having to state a reason. It is sufficient to send a brief note per email to firstname.lastname@example.org. The processing of your data to set up the password-protected area is based on Art. 6 Para. 1 lit. b) GDPR for the purpose of making your personal area accessible to you. Your email address and the data provided voluntarily by you after registration will be processed until such time as you revoke your consent.
ii. Enquiries from partner opticians
We offer opticians interested in a potential cooperation within our partner optician programme an opportunity to contact us via a corresponding online form. We use the data you send us exclusively for the purpose of evaluating potential opportunities to cooperate with you. The legal basis for the provision of data by you is Art. 6 Para. 1 lit. b) GDPR. In the event a cooperation is not concluded we will delete your data immediately after declining.
iii. Press discount
Journalists have the opportunity to apply for a discount on Mister Spex GmbH products. Simply complete the online form and attach a copy of your press accreditation. We use these data exclusively for the purpose of granting you the requested discount. The legal basis for the provision of data by you is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the ability to assess whether the requesting person is in fact a journalist eligible for a discount. You can object to your data being processed in the future by sending a message to email@example.com. Please note, however, that in this case we will not be able to grant you a press discount. We will delete your data after one year or immediately on receipt of your objection to data processing.
iv. Embedded YouTube videos
3. Online presence and website optimisation
a) General information about cookies
Our website uses so-called cookies on the basis of Art. 6 Para. 1 lit. f) GDPR in order to statistically log the use of our website and for the purpose of optimising our offering for you. Our interest in optimising our website is justified within the meaning of the aforementioned regulation.
Cookies are small files generated automatically by your browser and stored on your terminal device when you visit our website. Cookies do not do any harm to your terminal device, nor do they contain viruses, Trojans or other malware. Cookies are used to store information relating to the user’s specific terminal device. However, this does not mean that your identity is made known to us in any way. Cookies are used to make it easier for you to use our services. These cookies are automatically deleted after a defined period of time. Most browser accept cookies automatically. However, you can configure your browser to prevent cookies from being stored on your computer or to alert you every time a new cookie is about to be created. However, completely deactivating cookies can result in an inability to use every function of our website. The storage duration of cookies depends on their purpose and is not the same for every cookie.
b) Tracking and website analysis tools
We use the following tools on the basis of Art. 6 Para. 1 lit. f) GDPR for the purpose of expedient website design and optimisation. This also represents our legitimate interest in this regard.
i. Google Analytics
You can object to the collection and storage of your data at any time with effect for the future by downloading and installing the browser plug-in available under this link: http://tools.google.com/dlpage/gaoptout?hl=en. In view of the discussion on the use of analytics tools with complete IP addresses, we would like to inform you that this website uses Google Analytics with the extension “_anonymizeIp()” so that IP addresses are always shorten prior to further processing to exclude any possibility of establishing a direct link to an individual.
4. Recipients outside of the EU
The following recipients of your data are located outside of the European Union: Google Inc. (tracking technology provider), Pagely Inc. (hosting service provider). Data are transferred in compliance with the principles of the Privacy Shield.
5. User rights
a) Revoking consent
If you have granted your consent to your personal data being collected, stored and used in conjunction with your use of this website, you can revoke your consent at any time. Revocation has no impact on the lawfulness of previous data processing activities. You can send your revocation by email or regular mail to the points of contact detailed in Section 1. Your revocation will be limited to the storage and use of personal data that may not already be stored and used without your consent on the basis of statutory permissions.
b) Information, correction, deletion, restriction, data portability
We will inform you in accordance with Art. 15 GDPR of the personal data we hold on file at any time on receipt of you written request by email or regular mail. Furthermore, you are entitled to request the correction of your personal data according to Art. 16 GDPR. You have a right to have your personal data deleted insofar the provisions of Art. 17 GDPR apply. You have the right in accordance with Art. 18 GDPR to restrict the extent to which we process your personal data insofar as the provisions of Art. 18 GDPR apply. You have the right to data portability in accordance with the provisions of Art. 20 GDPR. Insofar as the processing of your personal data is based on Art. 6 Para. 1 lit. e) or (f) GDPR, you have the right in accordance with Art. 21 GDPR to object to processing. Please contact the address detailed in Section 1 in this regard. You have the right in accordance with Art. 22 GDPR not to be subject to a decision based exclusively on automated processing, including profiling, which produces legal effects concerning you or considerably impair you in any similar manner. You also have the possibility of complaining to the supervisory authority responsible for you.
6. Your obligation to provide data
As a fundamental rule, you have no contractual or legal obligation to provide us with your personal data. However, if you do not provide the personal data we request in required fields, we will not be able to provide the service you request.
7. Existence of automated decision-making
We do not use any decisions based exclusively on automated processing, including profiling, which produce legal effects concerning you or considerably impair you in any similar manner.
Status: May 2018