Privacy Policy

We process your data in accordance with the applicable data protection laws, in particular the EU General Data Protection Regulation (EU GDPR) and the country-specific implementing laws applicable to us. With this privacy policy, we provide you with comprehensive information about the processing of your personal data by VALEO IT Services International GmbH and your rights. Personal data are those pieces of information that make it possible to identify a natural person. This includes, in particular, name, date of birth, address, telephone number, email address, but also your IP address. Anonymous data are available when no personal reference to the user can be established.

Regardless of the subsequent information on data processing on this website, you can

• Applicants for VALEO IT Services International GmbH here and
• Customers, suppliers, contract partners, and interested parties of VALEO IT Services International GmbH here
  

provided for additional information on the processing of your personal data and your rights under data protection law.

Responsible Party and Data Protection Officer

VALEO IT Services International GmbH
In disc 3
92706 Luhe-Wildenau
Germany
Phone: +49 9607 2389-90
E-Mail: info@valeo-it.com
Website: www.valeo-it.com
Contact Data Protection: datenschutz@valeo-it.com

Your rights as a data subject

First, we would like to inform you of your rights as a data subject at this point. These rights are regulated in Articles 15–22 of the EU GDPR. This includes:

• The right of access (Art. 15 GDPR),
• The right to erasure (Art. 17 GDPR),
• The right to rectification (Article 16 GDPR),
• The right to data portability (Art. 20 GDPR),
• The right to restriction of processing (Art. 18 GDPR),
• The right to object to data processing (Art. 21 GDPR).

To exercise these rights, please contact: datenschutz@valeo-it.com. The same applies if you have questions about data processing in our company or wish to withdraw a consent that has been given. You also have the right to lodge a complaint with a data protection supervisory authority.

Rights of objection

Please note the following regarding objection rights:

If we process your personal data for the purpose of direct marketing, you have the right to object to this data processing at any time without giving reasons. This also applies to profiling, insofar as it is related to direct marketing. If you object to the processing for direct marketing purposes, we will no longer process your personal data for these purposes. The objection is free of charge and can be made informally, preferably to: datenschutz@valeo-it.com. In the event that we process your data to safeguard legitimate interests, you can object to this processing at any time for reasons that arise from your particular situation; this also applies to profiling based on these provisions. We will then no longer process your personal data unless we can prove compelling grounds for processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.

Purposes and legal bases of data processing

When processing your personal data, the provisions of the EU GDPR and all other applicable data protection regulations are complied with. The legal bases for data processing arise in particular from Art. 6 EU GDPR. We use your data to fulfill contractual and legal obligations, to carry out the contractual relationship, to offer products and services, and to strengthen customer relationships, which may also include analyses for marketing purposes and direct advertising. Your consent to data processing may also constitute a data protection permit. Before granting consent, we will inform you about the purpose of data processing and your right to withdraw consent.

Forwarding to third parties

We will only disclose your data to third parties within the scope of legal provisions or with your consent. Otherwise, data will not be disclosed to third parties unless we are obligated to do so due to mandatory legal regulations (disclosure to external bodies such as supervisory authorities or law enforcement agencies).

Data recipients / categories of recipients

Within our company, we ensure that only those individuals receive your data who require it for the fulfillment of contractual and legal obligations. Your data may also be passed on within our corporate group. The necessary data protection contractual framework has been concluded. In certain cases, service providers support our departments in fulfilling their tasks. The necessary data protection contractual framework has been concluded with all service providers (e.g., advertising agency, IT distributors).

Third country transfer / Intention to transfer to a third country

Data transfer to third countries (outside the European Union or the European Economic Area) will only take place to the extent necessary for the performance of the contract, is legally required, or you have given us your consent. We do not (currently) transfer your personal data to any service provider or subsidiary outside the European Economic Area, unless otherwise described below.

Data retention period

We store your data for as long as it is needed for the respective purpose of processing. Please note that numerous retention periods require that data continue to be stored (or must be stored). This particularly affects commercial or tax law retention obligations. If there are no further retention obligations, the data will be routinely deleted after the purpose has been achieved. Additionally, we may retain data if you have given us your permission to do so or if legal disputes arise and we use evidence within the scope of statutory limitation periods, which can be up to thirty years; the regular limitation period is three years.

Secure transfer of your data

To best protect the data stored with us against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons, we implement appropriate technical and organizational security measures. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards. Data exchange to and from our website is always encrypted. As a transmission protocol for our website, we offer HTTPS, using the current encryption protocols. In addition, there is the option to use alternative communication channels (e.g., postal mail).

Obligation to provide the data

Diverse personal data are necessary for the establishment, execution, and termination of the contractual relationship and for the performance of the associated contractual and legal obligations. The same applies to the use of our website and the various functions it provides. We have summarized this for you in the point mentioned above. In certain cases, data must also be collected or provided due to legal provisions. Please note that processing your request or carrying out the underlying contractual relationship is not possible without providing this data.

Categories, Sources, and Origin of Data

The type of data we process is determined by the respective context. This depends on whether you, for example, enter a request into our contact form or if you send us an application. Please note that we may also provide information separately in an appropriate place for special processing situations, e.g., when uploading application documents or when making a contact request.

When you visit our website, we collect and process the following data:

• Name of Internet Service Provider
• Information about the website you are visiting us from
• Web browser and operating system used
• The IP address assigned by your Internet Service Provider
• Information about the websites you visit on our site, including date and time 

For reasons of technical security (especially to defend against attacks on our web server), this data is stored in accordance with Art. 6 Paragraph 1 lit. f GDPR. After a maximum of 7 days, anonymization takes place by shortening the IP address, so that no connection to the user can be made.

As part of a contact request, we collect and process the following data:

• Name
• Email
• Subject
• Phone number (optional)
• Details about wishes and interests (free text field)

Chat and telephony function

On our website, we offer a chat and phone function to enable quick and direct contact.
When using the chat function, we process the following personal data:

• Name
• Email address
• and other information that you voluntarily transmit in the chat

When using the telephony function, no personal data is stored, except for data that is technically necessary for establishing the connection (e.g., IP address, connection data).
Processing is done to handle your request and for further communication. In the event of a sales intention or if you have any questions, your data may be transferred to our CRM system.

Processing is carried out on the basis of Art. 6(1)(b), (f) GDPR.
The recipient of the data is our communication service provider 3CX, who is acting as a data processor in accordance with Art. 28 GDPR. A corresponding data protection agreement has been concluded.

The data collected within the scope of the chat function will be stored until your request has been fully processed. If the data is transferred to our CRM system (e.g., for quote creation or customer service), the statutory retention periods applicable there will apply. No personal data is permanently stored in the telephony function.

When applying online through the application portal, we collect and process the following data:

• Name
• Email
• Subject
• Phone number (optional)
• Application details (free text field)

Automated individual decisions

We do not use purely automated processes to reach a decision.

Cookies (Art. 6(1)(a), (f) GDPR, § 25(1), (2) TTDSG)

Our website uses so-called cookies in several places. They serve to make our offering more user-friendly, effective, and secure. Cookies are small text files that are placed and stored on your terminal device. Based on our legitimate interest (Art. 6(1)(f) GDPR, § 25(2) TTDSG), we use technically necessary cookies that are essential for the operation of the website and to ensure its functionality. Furthermore, with your consent, we also use additional cookies. These cookies allow us to analyze how users use our websites. This enables us to tailor website content to visitor needs. We also use cookies to measure the effectiveness of a particular advertisement and to place it, for example, based on users' thematic interests. The legal basis for this is your consent (Art. 6(1)(a) GDPR, § 25(1) TTDSG).

We use the following cookies – First-party cookies:

This type of cookie is managed directly by VALEO IT Services International GmbH. Depending on their purpose, these cookies are either stored permanently—even after the session ends—(so-called persistent cookies, e.g., to implement an opt-out) or are deleted when the browser is closed (so-called session cookies; they are valid only for a single browser session).

Third-party cookies:

This type of cookie is managed by third-party providers. Third-party providers are companies that display advertising banners on other websites, particularly on behalf of VALEO IT Services International GmbH. They use cookies, for example, to report that an advertising banner displayed to you has led to a purchase (e.g., conversion tracking). So-called temporary/permanent cookies are used for this purpose, which are automatically deleted after a specified period (usually 6 months). These temporary or permanent cookies are stored on your device and delete themselves automatically after the specified period. The cookies from our partner companies also contain only pseudonymous, and in most cases even anonymous, data. If you maintain accounts with the third-party providers we use (Google) and are logged into those accounts, your data may be linked to the respective account. You can prevent such a link by not granting or by revoking your consent to the relevant cookies, or by logging out of the respective third-party providers beforehand. Please also refer to our notes in the section on Google Analytics. Before setting these cookies and activating the tool, we will always ask for your consent in advance via our cookie banner. If you have given your consent, you can of course revoke it at any time without giving a reason via the privacy settings. Please note that this setting must be made separately for each device. Most web browsers automatically accept cookies. Of course, you can also manually disable, restrict, or delete cookies on your device via your browser settings or using software tools. Please note: If you disable cookies, you may not be able to use all features of our website to their full extent.

YouTube (Art. 6(1)(a) of the EU GDPR, § 25(1) of the TTDSG)

We embed videos from the “YouTube” platform, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, into our website. The legal basis is Art. 6(1)(a) of the EU GDPR and § 25(1) of the TTDSG. By embedding the video in enhanced privacy mode, no cookies requiring consent are set to track user behavior for the purpose of personalizing video playback. However, the enhanced privacy mode applies only to the tracking of user behavior, not to the display of ads or the reloading of additional third-party content. Font transmission and possible links to your YouTube user account. When you start the video, this triggers further data processing operations. We have no influence over this.

By accessing our site, a device ID is generated in your web browser's local storage and saved beyond the session. The cookies set through this integration are technically necessary for the operation of the website, with the legal basis being Article 6(1)(f) GDPR. By embedding YouTube videos, third-party content is reloaded, which can include fonts (Google Webfonts), preview images, etc. This results in data being transferred to third parties, which may also trigger processing activities outside the European Union or the European Economic Area. For example, IP addresses, referrer information, and browser data may be transmitted and ultimately used for tracking and analysis purposes. YouTube and associated Google services use the data for advertising, market research, and/or needs-based design of their websites. Furthermore, third-party cookies may be set, which may enable tracking. If you have a user account with YouTube/Google and are logged in, a link to your account may also be established, and user profiling may occur through the association of data with your account.

If you do not wish for this to happen, you must log out of YouTube/Google before accessing our pages with YouTube content. Please note that your data will be analyzed even if you are logged out. This is done to provide you with needs-based advertising and to inform other users about your activities on our website. We have no influence over any of these data processing operations. These processing operations are carried out based on your consent according to Art. 6 para. 1 sentence 1 lit. a GDPR. By giving your consent via the consent banner, all YouTube videos embedded on our website will be made visible to you, and the content will be loaded when the page is accessed. You can revoke your consent at any time with future effect.

Unless you have given your consent for the use of embedded YouTube content, the content on our pages will be blocked or provided with an overlay. We use this so-called two-click solution to protect your data. All YouTube content is deactivated by default and will only be loaded and displayed by YouTube servers after you click the „Activate Content“ button. By clicking this, you consent to the transfer of your IP address, referrer information, and browser data to YouTube, and to the setting of cookies in your browser. You have the option to give your consent for the retrieval of individual videos in accordance with Art. 6(1)(a) of the GDPR. The setting will be saved for 30 days. You can revoke your consent at any time with future effect by reloading the website. You can find more information about the purpose and scope of data collection and processing by YouTube in Google's privacy policy. There you will also find further information on your rights and settings for the protection of your privacy: https://www.google.de/intl/de/policies/privacy.

User profiles / Web tracking procedures (Art. 6 para. 1 lit. a GDPR, § 25 para. 1 TTDSG)

Based on your consent pursuant to Art. 6(1)(a) GDPR, § 25(1) TTDSG, we use Google Analytics, a web analytics service provided by Google LLC, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses so-called “cookies”, which are text files stored on your computer and which enable an analysis of your use of the website. The information generated by the cookie regarding your use of this website is typically transmitted to a Google server in the USA and stored there. However, by activating IP anonymization on this website, your IP address will be shortened by Google within member states of the European Union or other contracting states to the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website and internet usage to the website operator. The IP address transmitted by your browser within the scope of Google Analytics will not be combined with other Google data. 

Further information on terms of use and data protection can be found at https://www.google.com/analytics/terms/de.html and https://policies.google.com/?hl=de. Alternatively, you can prevent the storage of cookies by adjusting your browser software settings. However, we would like to point out that in this case, you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google, by downloading and installing the browser plugin available at the following link: [https://tools.google.com/dlpage/gaoptout?hl=de].

You can also prevent cookies from being stored by adjusting your browser software settings. However, we would like to point out that in this case, you may not be able to fully use all functions of this website. Furthermore, you can prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address), as well as Google's processing of this data, by downloading and installing the browser plugin available at the following link: [https://tools.google.com/dlpage/gaoptout?hl=de]. You can revoke your consent at any time for the future. To do so, simply access our consent banner and deselect the relevant consent. Please note that changes in the consent banner settings must be made individually for each end device. Please be advised that Google Analytics on this website has been extended with the code “gat._anonymizeIp()” to ensure anonymized collection of IP addresses (so-called IP masking). This places an opt-out cookie on your device. If you delete your cookies, you will need to click this link again. Please be advised that Google Analytics on this website has been extended with the code “gat._anonymizeIp()” to ensure anonymized collection of IP addresses (so-called IP masking). 

Google Fonts (Art. 6(1)(f) GDPR, § 25(2) TTDSG)

This website uses external fonts, Google Fonts. Google Fonts is a service of Google Inc. (“Google”). These web fonts are embedded via a server call, typically to a Google server in the USA. This transmits which of our website pages you have visited to the server. Google also stores the IP address of the browser of the visitor's end device on these website pages.

You can find more information in Google's privacy policy, which you can access here:

www.google.com/fonts#AboutPlace:about

www.google.com/policies/privacy/

The use of Google Fonts is in the interest of a uniform and appealing presentation of our online services. This represents a legitimate interest within the meaning of Art. 6 (1) sentence 1 lit. f GDPR, § 25 (2) TTDSG.

Social media links

On our website, you will find links to the social media services of Facebook, LinkedIn, YouTube, and Instagram. You can recognize the links to the social media services' websites by their respective company logos. If you follow these links, you will reach the company profile of VALEO IT Services International GmbH on the respective social media service. When you click on a link to a social media service, a connection is established to the servers of the social media service. This transmits to the social media service's servers that you have visited our website. Additionally, further data will be transferred to the provider of the social media service. This includes, for example:

• Website address where the activated link is located
• Date and time of the website call or link activation
• Information about the browser and operating system used
• IP address

If you are already logged in to the relevant social media service when you click the link, the social media service provider may be able to determine your username and, in some cases, even your real name from the transmitted data, and associate this information with your personal user account on the social media service. You can prevent this association with your personal user account by logging out of your account beforehand. Please note that we have no influence over the scope, nature, or purpose of data processing by the social media service provider. For more information on how your data is used by the social media services integrated into our website, please refer to the privacy policy of the respective social media service.

Appearance on our Social Media

VALEO IT GmbH maintains various presences in „social media,“ currently on Facebook, Instagram, YouTube, and LinkedIn. To the extent we have control over the processing of your data, we ensure that applicable data protection regulations are complied with.

LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)

However, you use these platforms and their functions at your own risk. This applies in particular to the use of interactive functions (e.g., commenting, sharing, rating). We also point out that your data may be processed outside the European Union. We maintain the fan pages ourselves in order to communicate with visitors to these pages and to inform them about our offers. In addition, we collect data for statistical purposes in order to further develop and optimize the content and to make our offer more attractive. The data required for this (e.g., total number of page views, page activities, and data provided by visitors, interactions) are processed by the social networks and made available to us. We have no influence on their generation and presentation.

In addition, your personal data is processed by social media providers, as well as by VALEO IT Services International GmbH, for market research and advertising purposes. This makes it possible, for example, to create user profiles based on your usage behavior and the resulting interests. This allows, among other things, for advertisements that match your interests to be displayed both within and outside the platforms. Cookies are typically stored on your computer for this purpose. Regardless of this, your usage profiles may also store data that is not directly collected on your end devices. Storage and analysis also occur across devices; this applies in particular, but not exclusively, when you are registered as a member and logged in to the respective platforms. Beyond this, we do not collect or process any personal data. The processing of your personal data by VALEO IT Services International GmbH is based on our legitimate interests in effective information and communication pursuant to Art. 6(1)(f) of the EU GDPR. If you are asked to consent to data processing, i.e., if you give your consent by clicking a button or similar (opt-in), the legal basis for the processing is Article 6(1)(a) and Article 7 of the EU GDPR.

Your Rights / Right to Object

If you are a member of a social network and do not want the network to collect data about you through our presence and link it to your stored member data with the respective network, you must log out of the respective network before visiting our fan page, delete the cookies stored on your device, and close and restart your browser. Please note that this process must be performed separately for each end device. However, after logging in again, you will once again be recognizable to the network as a specific user. For a detailed description of the respective processing and the options to object (opt-out), please refer to the information linked below:

In total, you have the following rights regarding the processing of your personal data:

• The right of access (Art. 15 GDPR),
• The right to erasure (Art. 17 GDPR),
• The right to rectification (Article 16 GDPR),
• The right to data portability (Art. 20 GDPR),
• The right to restriction of processing (Art. 18 GDPR),
• The right to object to data processing (Art. 21 GDPR).

You also have the right to lodge a complaint with a data protection supervisory authority. However, since VALEO IT Services International GmbH does not have full access to your personal data, you should contact the social media providers directly when asserting your rights, as they have access to their users' personal data and can take appropriate measures and provide information. If you still need help, we will of course try to assist you.

Contact Form / Contact by Email (Art. 6(1)(a), (b) GDPR)

Our website features a contact form that can be used for electronic communication. If you write to us via the contact form, we will process the data you provide through the contact form to get in touch and respond to your questions and requests. In doing so, we observe the principles of data minimization and data avoidance by requiring you to provide only the data that we absolutely need to contact you. This includes your email address, your full name, and the message field itself. In addition, your IP address will be processed for technical necessity and for legal protection. All other data are voluntary fields and can be provided optionally (e.g., for a more personalized response to your questions). To best protect the security and confidentiality of your data, we implement appropriate security measures. Your request will be transmitted to us encrypted. If you contact us via email, we will process the personal data communicated in the email solely for the purpose of processing your request.

Applications (Art. 6(1)(a), (b) GDPR, § 26(1) BDSG)

In addition to the option of introducing yourself through our application form, we also offer you the possibility to apply via email or postal mail, for example. Below, we inform you about the scope, purpose, and use of your personal data collected during the application process. We assure you that your data will be processed in accordance with applicable data protection laws and all other legal provisions, and that your data will be treated with strict confidentiality.

If you send us an application, we will process your personal data associated with it to the extent necessary to decide on the establishment of an employment relationship. The legal basis for this is Art. 6 para. 1 lit. b EU General Data Protection Regulation (GDPR) in conjunction with Section 26 para. 1 German Federal Data Protection Act (BDSG). The processing of special categories of personal data (e.g., health data) is based on your consent according to Art. 9 para. 2 lit. a GDPR, unless statutory permission criteria such as Art. 9 para. 2 lit. b GDPR apply. Your applicant data will be treated confidentially at all times. Should we wish to process your applicant data for a purpose not mentioned above, we will inform you in advance. If the application is successful, the data you submit will be stored in our data processing systems for the purpose of carrying out the employment relationship. The categories of personal data processed include, in particular, your master data (first name, last name, name suffixes, nationality), contact details (private address, (mobile) phone number, email address), as well as other data from the application process (cover letter, references, questionnaires, interviews, qualifications, and previous employment). If you have also voluntarily provided special categories of personal data in your cover letter or during the application process (e.g., health data, religious affiliation, degree of disability), processing will only take place if you have consented to it or if a statutory permission criterion justifies it. Your personal data is usually collected directly from you as part of the hiring process.

In addition, we may have received data from third parties (e.g., recruitment agencies) to whom you have made your data available for onward transmission. Furthermore, we process personal data that we have lawfully obtained from publicly accessible sources (e.g., professional social networks). The processing of your data is based on Article 6(1)(b) of the EU GDPR.

The decision on whether or not to establish an employment relationship with you can only be made if you provide us with certain personal data, such as your resume. In doing so, we naturally observe the principles of data economy and data avoidance by only requiring you to provide data that we need for a complete review of your application documents or that we are legally obliged to collect.

Unfortunately, we cannot process your application documents without this data. Of course, you have the option to voluntarily provide us with additional information in your application documents.

• Within the company, only those individuals and departments (management, HR, the relevant department) will receive your personal data who require it for the hiring decision and to fulfill our contractual and legal obligations.
• External entities for the fulfillment of the aforementioned purposes, provided the data subject has given their written consent, this is necessary for contract fulfillment, or transmission is permissible due to overriding legitimate interests: Credit institutions (e.g., for reimbursing travel expenses), tax advisors

If we cannot offer you a position, you decline a job offer, or withdraw your application, we reserve the right to store the data you have submitted with us for up to 6 months after the end of the application process (rejection or withdrawal of the application) based on our legitimate interests (Art. 6 para. 1 lit. f GDPR). Afterwards, the data will be deleted and physical application documents will be destroyed. The storage serves in particular for evidence purposes in the event of legal disputes. If it is apparent that the data will be required after the 6-month period has expired (e.g., due to a threatened or pending legal dispute), deletion will only take place when the purpose for further storage ceases to apply. Longer storage may also take place if you have given your corresponding consent (Art. 6 para. 1 lit. a EU GDPR) or if statutory retention obligations conflict with deletion.

Links to other providers

Our website also clearly contains links to the websites of other companies. Where links to websites of other providers exist, we have no influence on their content. Therefore, we cannot assume any warranty or liability for this content. The respective provider or operator of the linked pages is always responsible for the content of these pages. The linked pages were checked for possible legal violations and discernible infringements at the time of linking. No illegal content was apparent at the time of linking. However, permanent content monitoring of the linked pages is not reasonable without concrete indications of a legal violation. Should we become aware of any legal infringements, such links will be removed immediately.

Advertising purposes existing customers (Art. 6(1)(f) GDPR)

VALEO IT Services International GmbH is interested in maintaining its customer relationship with you and sending you information and offers about our products/services (specify advertising purposes). Therefore, we process your data to send you relevant information and offers via email. If you do not wish to receive these, you can object to the use of your personal data for direct marketing purposes at any time; this also applies to profiling if it is related to direct marketing. If you object, we will no longer process your data for this purpose. The objection can be made at any time, without stating reasons, free of charge, and in any form. It should preferably be sent to [+49 (9607) 82 19 4 0], by email to datenschutz@valeo-it.com, or by postal mail to [In der Scheibe 3, 92706 Luhe-Wildenau].