Our Privacy Statement
Here you will find information about how we handle your personal data when you visit our website. In order to provide the functions and services on our website we need to collect personal data about you. In the following, we will explain what data we collect about you, what this data is needed for, and what rights you have in relation to your data.
The controllers responsible for the processing of personal data on this website is (see Legal Information):
Management Fariborz Ehtesham
VLR Germany GmbH
If you have any questions regarding data protection and privacy, you can contact our data protection officer, Mr. Fariborz Ehtesham, at any time by sending an e-mail to info(at)vlrgermany.de.
We protect and respect your personal data.
We know that privacy statements do not make captivating reading material, but we would still like to inform you in general terms and as briefly as possible about how we handle your personal data. As we develop and update these web pages and implement new technologies, we may need to make changes to this privacy statement. We therefore recommend that you come back here from time to time to re-read our privacy statement.
The terms we use in this statement (e.g. “personal data” or “processing”) are defined in the European Union’s General Data Protection Regulation (GDPR), Art. 4.
The following statement gives you a quick and simple overview of the type of personal data we collect from you and what we do with it. Moreover, we inform you about your rights under applicable data protection and privacy law and tell you whom you can contact if you have any questions.
Who is the controller responsible for the processing of my data, and whom can I contact?
The controller takes all appropriate technical and organisational measures for protecting your personal data. Any data subject can contact the controller at any time if you have questions or suggestions related to data protection and privacy:
Contact data can found in the Legal Information
How we handle access data
As operator of this website, we have a legitimate interest (under Art. 6.1(f) GDPR) on the basis of which we collect data on website access and store such data as server log files on the web server. The following data are logged in this manner:
- Website visited
- Time of access
- Volume of data sent in byte
- Origin/link from where you came to our site
- Browser used
- Operating system used
- IP address used
The server log files will be stored for no more than 15 days and then erased. The data are saved for security reasons, for instance in order to be able to investigate cases of abuse. If data has to be stored as evidence, they are exempted from erasure until the incident has been fully investigated. We do not draw any conclusions from the stored IP address to the visitor’s identity.
Collection and processing of personal data
For technical reasons, the operator of this website does not collect any personal data beyond the aforementioned IP address. Therefore, data is neither analysed nor forwarded (except – as described – to Siwecos for your security). Therefore, you can visit this website without having to provide any further personal information. In order to enhance our website and improve its security, we do, however, store your (non-personally identifiable) website access data in server log files for the aforementioned duration.
Handling of contact data
If you contact us as the operator of this website through the contact options provided thereon, your details will be stored so that they can be used to process and answer your enquiry. This is legal pursuant to Art. 6.1(b) GDPR which allows for the processing of data in order to take steps at the request of the data subject prior to entering into a contract. This data will not be disclosed to third parties or processed for any other purpose without your consent. Should we not enter into a contract, the data will be erased after two years, at the latest.
As a user, you have a right to request information concerning the personal data we have stored about you. This information must be provided by us free of charge. You also have the right to request the rectification of inaccurate data and to have your personal data erased or its processing restricted. If applicable, you can also assert your right to data portability.
Should you suspect that your data are processed unlawfully, you can lodge a complaint with us as well as with your competent supervisory authority (https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html).
Erasure of data
Provided that your request is not in conflict with any statutory data storage obligations, you are entitled to have your data erased. Any data stored by us will be erased if they are no longer needed for their intended purpose. If we cannot erase your data because they are required for permissible legal purposes (such as during the statutory retention period for tax purposes), its processing will be restricted. In such case, the data will be blocked and not processed for other purposes.
Right to object
Users of this website can exercise their right to object at any time and object to the processing of their personal data for the future.
If you wish to rectify, block, erase or access the personal data stored about you, or if you have any questions regarding the collection, processing or use of your personal data, or if you wish to revoke any consents previously granted, please contact the e-mail address stated in the Legal Information.
Moreover, you have a general right to complain to the supervisory authority responsible for your state. Click here for a list of German data protection supervisory authorities:
Cookies are small text files stored by a visited website in the visitor’s browser, i.e. on his or her terminal device. The ECJ judgment of 1 October 2019 (Case C-673/17) makes it unmistakably clear that any cookies not needed due to technical reasons require the visitor to be informed and his or her active consent to be obtained before such cookies can be set in the visitor’s browser.
Most web browser automatically accept cookies. Stored cookies can be deleted at any time via your web browser settings. You can also adjust your web browser’s settings so that no cookies are stored. This may, however, cause our website to have limited functionalities.
Options for job applications
You can apply on our website or via e-mail. When you apply, we collect and store the data entered by you into the online form or sent to use by e-mail. We process your data solely for the purpose of dealing with our application. No data will be disclosed to any third parties. This type of processing is legal under Art. 6.1 (b) GDPR. If we are unable to offer you a position, we will store your data for a maximum of up to 6 months after the end of the application process.
You can enter personal data via a contact form on our website. If you use the contact form, we collect and store the data entered by you (e.g. last name, first name, e-mail address). No data will be disclosed to any third parties.
Provided that you have given consent, this type of processing is legal under Art. 6.1 (a) GDPR. If your inquiry relates to steps required prior to entering into a contract, Art. 6.1 (b) GDPR provides an additional legal basis.
We use the data solely to process and answer your inquiry.
We use Google Analytics in order to be able to analyse and improve the use of our website.
Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. In the event of IP anonymisation being activated on this website, your IP address will, however, be truncated beforehand by Google within Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address first be transferred to a Google server in the US and then truncated there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The legal basis for the processing of data with the help of Google Analytics is Art. 6.1 (f) GDPR. Google will in no event associate the IP address transmitted by your browser through Google Analytics with any other data held by Google.
We use Google Analytics with the “_anonymizeIp()” extension. This causes IP addresses to be truncated (IP masking), so that any direct personal identification can be ruled out. Google participates in the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. This means that even in the exceptional cases in which Google does transfer personal data to the US, an adequate level of data protection is provided.
IInformation about Google: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001
Further information on Google’s Terms of Service:
This website uses Google Analytics for analytics across multiple devices. For this purpose each user receives a user ID. You can deactivate the analysis of your usage across multiple devices in your customer account under “my data”, “personal data”.
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
reCAPTCHA is intended to check whether the data input on our websites (e.g. in a contact form) is made by a person or by an automated program. For this purpose, reCAPTCHA analyses the website visitor’s behaviour on the basis of various metrics. This analysis begins automatically as soon as the visitor enters the website. For analysis purposes, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run completely in the background. Visitors to the website are not informed that an analysis is taking place.
The data is processed on the basis of Art. 6.1 (f) GDPR. The website operator has a legitimate interest in protecting its content from abusive automated spying and SPAM.
We use Google Maps on our website. This allows us to display interactive maps directly on our website and enables you to conveniently use the map function. By using Google Maps, data – including your IP address – is transmitted to Google in the US.
The legal basis for the processing of your data is Art. 6.1 (f) GDPR. Google participates in the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework.www.privacyshield.gov/EU-US-Framework
Information about Google:
Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA
Further information on Google’s Terms of Service:
Further information on the Google Maps Terms of Service:
Duration of storage
We process and store your data only for as long as necessary for the processing or for compliance with legal obligations. Once the purpose of the processing no longer exists, your data will be blocked or erased. If there are any further legal obligations to store data, we will block or erase your data once the statutory storage periods have expired.
You have the following rights against us regarding any personal data concerning you:
- Right of access
You have the right to obtain confirmation as to whether or not we process personal data concerning you. Where that is the case, you have the right to access such personal data as well as certain additional information, such as the purposes of the processing, the recipients and the envisaged period for which the personal data will be stored, or the criteria used to determine that period.
- Right to rectification and completion
You have the right to obtain without undue delay the rectification of inaccurate data. Taking into account the purposes of the processing, you have the right to have incomplete data completed.
- Right to erasure (“right to be forgotten”)
You have a right to obtain the erasure of your personal data where a processing is not required. This is the case, for example, if your data are no longer necessary in relation to the original purposes, if you have withdrawn your consent to the processing of your data under data protection and privacy regulations, or if the data have been processed unlawfully.
- Right to restriction of processing
You have the right to obtain a restriction of processing, for instance if you believe the personal data to be inaccurate.
- Right to data portability
You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format.
- Right to object
SYou have the right to object, on grounds relating to your particular situation, at any time to the processing of certain personal data concerning you.
In the case of direct marketing, you as the data subject have the right to object at any time to the processing of personal data concerning you for such marketing purposes, which includes profiling to the extent that it is related to such direct marketing.
- 7. Right to withdraw your consent under data protection and privacy regulations
You can withdraw your consent to the processing of your personal data at any time with effect for the future. However, this does not affect the lawfulness of any processing done prior to the withdrawal.
Moreover, you can lodge a complaint with a data protection supervisory authority at any time, for example if you believe that the data processing is not in compliance with data protection and privacy regulations.