Privacy Statement

We process your data in accordance with the applicable legal requirements on the protection of personal data, in particular the EU’s General Data Protection Regulation (GDPR) as well as the country-specific implementing statutes which apply to us. The purpose of this Privacy Statement is to inform you in detail about the processing of your data by VALEO IT Services International GmbH and the rights to which you are entitled. “Personal data” means any information which enables a natural person to be identified. This includes, in particular, a person’s name, date of birth, address, phone number, email address and also IP address. “Anonymous data” is data which enables no link of any nature whatsoever to be made to the user.

Irrespective of the information on data processing which follows on this website, further information on the processing of personal data and the rights to which they are entitled under data protection law

  • is available for applicants for positions at VALEO IT Services International GmbH here and
  • for customers, potential customers, suppliers and contractual partners is available here.
Controller and Data Protection Officer

VALEO IT Services International GmbH
In der Scheibe 3
92706 Luhe-Wildenau
Germany
Phone: +49 9607 2389-90
E-Mail: info@valeo-it.com
Website: www.valeo-it.com
Contact for data protection: datenschutz@valeo-it.com

Your rights as a data subject

We would first like to inform you of your rights as a data subject. Your rights are set out in Articles 15 – 22 of the GDPR. These include:

  • The right to information (Article 15 GDPR),
  • The right to erasure (Article 17 GDPR),
  • The right to rectification (Article 16 GDPR),
  • The right to data portability (Article 20 GDPR),
  • The right to the restriction of data processing (Article 18 GDPR),
  • The right to object to data processing (Article 21 GDPR).

If you wish to assert any of these rights, please contact datenschutz@valeo-it.com. Please use the same contact details if you have any questions about data processing in our company or if you wish to revoke a consent you have previously given. You also have the right to complain to a data protection supervisory authority.

Rights to object

Please note the following in connection with your rights to object:

If we process your personal data for the purpose of direct marketing, you have the right to object to this data processing at any time without giving reasons. This also applies to profiling to the extent that it is related to direct marketing. If you object to processing for the purposes of direct marketing, we will no longer use your data for these purposes. No charge is made for the objection and the objection does not require any specific form. Please send your objection if at all possible to: datenschutz@valeo-it.com. In the event that we process your data for the furtherance of legitimate interests, you can object at any time to the processing for reasons arising from your specific situation; this also applies to profiling based on these provisions. We will then cease to process your personal data unless we can demonstrate compelling legitimate reasons for the processing which override your interests, rights and freedoms, or the processing is in support of the assertion, exercise or defense of legal claims.

Purposes and legal basis of the data processing

The provisions of the GDPR and all other applicable provisions of data protection law are observed when your personal data is processed. The legal basis for data processing arises in particular from Article 6 GDPR. We use your data to meet contractual and legal obligations, for the execution of contracts, to offer products and services, to strengthen our relationship with customers. This can also include analyses for marketing purposes and direct advertising. Your agreement to data processing can also constitute consent under data protection law. Before you give your agreement, we would now like to explain to you the purposes of data processing and your right of objection.

Transfers to third parties

We will only transfer your data to third parties within the bounds set by law or with the appropriate consent. Apart from the above, data is not transferred to third parties unless we are obliged to do so by mandatory provisions of law (transfers of data to external bodies such as supervisory authorities or law enforcement agencies).

Data recipients / categories of recipients

Within our company, we ensure that the only persons who receive your data are persons who need the data to meet contractual and legal obligations. If necessary, data is also transferred within our group of companies. The contracts required by data protection law have been concluded. In specific cases, service-providers support our departments in the performance of their duties. The contracts required by data protection law have been concluded with all service-providers (e.g. advertising agencies, IT distributors).

Transmission to third countries

Data is only transferred to third countries (i.e. countries outside the European Union and the European Economic Area) to the extent that this is necessary for the performance of a contractual obligation or is required by law or you have given us your consent for this transfer. Unless otherwise specified below, we do not (at the present time) transfer your personal data to any service-provider or subsidiaries outside the European Economic Area.

Data retention period

We store your data for the time needed for the relevant processing purpose. Please note that many retention obligations require data to be stored for a longer period. This relates in particular to retention obligations under commercial or tax law (e.g. the German Commercial Code (Handelsgesetzbuch) or the German Fiscal Code (Abgabenordnung) etc.). In the absence of further retention obligations to the contrary, the data is routinely deleted after the purpose of the processing has been achieved. We can retain data if you have granted your permission for us to do so or in the event of litigation, and we use the evidence in the context of legal limitation periods that can extend for up to thirty years; the normal limitation period is three years.

Secure transfer of your data

We employ the relevant technical and organizational security measures to provide the best possible protection of the data we save against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. The security level is continually reviewed in collaboration with security experts and is amended in line with new security standards. Data transferred from and to our website is encrypted on each occasion. We use HTTPS as the transfer protocol for our website and always apply the latest encryption protocols. Alternative methods of communication are also possible (e.g. post).

Obligation to provide data

A variety of items of personal data is needed for the establishment, performance and termination of the obligations and the performance of the associated contractual and legal obligations. The same applies to the use of our website and the various functions which this provides. We have summarized details of this for you in the above-mentioned point. In certain cases data must also be collected and/or provided by reason of the provisions of law. Please note that your inquiry cannot be processed or the underlying obligation performed if this data is not provided.

Categories, sources and origin of the data

The specific context determines the data we process: this depends, for example, on whether you are submitting an inquiry via our contact form, or sending a job application to us. Please note that we sometimes also make information for specific processing situations available at the appropriate location, for example when uploading job application documents or if you ask us to contact you.

We collect and process the following data when you visit our website:

  • The name of the Internet service-provider
  • Information on the website from which you visit us
  • The web browser and operating system you use
  • The IP address allocated by your Internet service-provider
  • Information about the web-pages you visit, including the date and time 

For reasons relating to technical security (in particular to protect our web-server against attempted attacks) this data is saved as permitted by Article 6(1), Letter f GDPR. The data is anonymized by abbreviating the IP address not later than 7 days after collection so that no reference can be traced to the user.

We collect and process the following data when you request that we contact you:

  • Name
  • Email
  • Subject
  • Phone number (optional)
  • Information on your requests and interests (free-form field)

If you contact us on-line to apply for a job we collect and process the following information:

  • Name
  • Email
  • Subject
  • Phone number (optional)
  • Information relating to the application (free-form field)

Automated case-by-case decision-making

We do not use any automatic processing procedures to come to a decision.

Cookies (Article 6 (1) Letters a and f GDPR and § 25 (1 and 2) of the German Telecommunication and Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutzgesetz (TTDSG))

Our website uses what are called “cookies” in a number of locations. The purpose of these is to make our website more user-friendly, effective and safe. Cookies are small text files which are placed in your terminal and saved. By reason of our legitimate interest (Article 6 (1), Sentence 1, Letter f GDPR) and § 25 (2) TTDSG we place technically necessary cookies which are essential for the operation of the website and are needed to ensure its functionality. If we receive your consent we also place additional cookies. The cookies enable us to analyze the use of our website by users. In this way we are able to configure the content of the website to suit visitors’ needs. The cookies also enable us to measure the effectiveness of a particular advertisement and to position it, for instance, to correspond with the subjects that interest the user. The legal foundation for this is your consent (Article 6 (1), Sentence 1, Letter a GDPR and § 25 (1) TTDSG).

We use the following cookies. Our own cookies:

This type of cookie is directly controlled by VALEO IT Services International GmbH. Depending on their purpose, these are saved in your device even after the end of the session (so-called “persistent cookies”, for instance for the implementation of opt-out facilities) or are deleted when the browser is closed (so-called “session cookies” which are only active for one browser session).

Third party cookies:

This type of cookie is controlled by third party providers. Third party providers are service-providers that display banner ads on other websites in particular for VALEO IT Services International GmbH. These providers use cookies for example to convey information that a banner ad they have displayed has resulted in a purchase (e.g. conversion tracking). In this process, what are called “temporary/permanent” cookies are used which are automatically deleted after a specific period (normally 6 months). These temporary and permanent cookies are saved on your device and delete themselves at the end of the specified period. In addition, the cookies of our partner companies contain only pseudonymized data and in most cases also anonymous data. If you have an account with the third party providers we use (Google) and are logged into these providers, your data can be linked with the relevant account. You can avoid this type of combination by not consenting to the relevant cookies or by revoking your consent, or by logging out of the relevant service-providers in advance. In this connection please also note the information we provide in the section on Google Analytics. Before we place and activate these cookies we always use our cookie banner to request your consent. If you have given your consent to these cookies you can, of course, use the privacy settings to withdraw your consent at any time without giving reasons. Please note that this setting must be changed separately on each terminal. Most browsers accept cookies automatically. You can, of course, also manually deactivate, restrict or even delete cookies on your terminal by means of your browser settings or with the aid of software. Please note that if you deactivate the setting of cookies, it may not be possible to use all functions of our website to their full extent.

YouTube (Article 6 (1) Letter a GDPR and § 25 (1) of the German Telecommunication and Telemedia Data Protection Act

We include videos from the YouTube platform of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, in our web-site. The legal basis for this is Article 6 (1) Letter a GDPR and § 25 (1) of the German Telecommunication and Telemedia Data Protection Act. As we embed the videos in the extended data protection mode, no cookies requiring consent are placed which capture the user’s behavior to personalize the video playback. However, the extended data protection mode relates only to the capture of the user’s behavior and not to the provision of advertisements and the downloading of further third party content. Transmission of fonts and potential links with your YouTube user account. Starting the video prompts additional processes involving data processing. We have no influence over this.

By accessing our website a device ID is created in the local storage of your browser and is saved beyond the end of that specific session. Embedding cookies in this way is necessary for the technical operation of the website. The legal basis for this is Article 6 (1), Sentence 1, Letter f GDPR. Third party content is downloaded by the embedding of YouTube videos; these can be fonts (Google webfonts), thumbnails, etc. This procedure results in data being transmitted to third parties and can also activate processing procedures outside the European Union or European Economic Area. Consequently, the IP address, referrer and browser data can, for example, be transferred and ultimately used for tracking and analytical purposes. YouTube and the associated Google services use the data for the purposes of advertising, market research and / or configuration of their websites to suit user requirements. In addition, the cookies of third party providers can be placed that may enable tracking. If you have a user account at YouTube / Google and are logged in, a link to your account can be created and a user profile developed by classification of the data relating to your account.

If you do not want to be classified in this way, you must log out from content on YouTube / Google before accessing our web-pages. Please note that your data is analyzed even if you have logged out. This is done to provide advertising matching your needs and to inform other users about your activities on our website. We have no influence whatsoever on all these data processing procedures. These processing procedures are undertaken on the basis of your consent in accordance with Article 6 (1), Sentence 1. Letter a GDPR. As a result of your consent given via the consent banner, all YouTube videos included in our website are rendered visible to you and the content loaded at the time the site is accessed. You can revoke your consent at any time with effect for the future.

If you have not consented to the use of embedded YouTube content, the content is blocked on our web-pages or an overlay is applied. We use this two-click solution (as it is called) to protect your data. All YouTube content is routinely deactivated and is only uploaded from the YouTube servers and presented to you after you have clicked on the “Activate content” button. By clicking on this button you consent, for instance, to the transmission of your IP address, referring information and browser data to YouTube and to the placing of cookies in your browser. As set out in Article 6 (1) Sentence 1, Letter a GDPR, you may consent to individual videos being accessed. The setting is saved for 30 days. You can revoke your consent at any time with effect for the future by re-accessing the website. You can find further information on the purpose and extent of the collection and processing of data in Google’s Privacy Policy where you can also obtain additional information on your rights and on possible settings to protect your privacy: https://www.google.de/intl/de/policies/privacy.

YouTube (Article 6 (1) Letter a GDPR and § 25 (1) of the German Telecommunication and Telemedia Data Protection Act

Based on your consent in accordance with Article 6 (1) Sentence 1, Letter a GDPR and § 25 (1) of the German Telecommunication and Telemedia Data Protection Act we use the web analysis service of Google LLC, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics employs what are called “cookies”; these are text files which are saved on your computer and which enable your use of the website to be analyzed. The information about your use of this website generated by the cookie is normally transmitted to a server belonging to Google in the USA where it is saved. As a result of the anonymization of the IP addresses in these web-pages your IP address is, however, previously abbreviated by Google within the member states of the European Union or in other signatory states of the agreement on the European Economic Area. The complete IP address is only transmitted in exceptional cases to a Google server in the United States where it is abbreviated. Acting on behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the activity on the website and to perform additional services for the website operator associated with the use of the website and the Internet. The IP address transmitted by your browser to Google Analytics is not linked with other data by Google.

You will find more detailed information on the Terms and Conditions of Use and data protection at https://www.google.com/analytics/terms/de.html and https://policies.google.com/?hl=de. Alternatively, you can prevent cookies from being saved by the appropriate setting in your browser software; however, we wish to point out that in this case you may be unable to use all the functions of this website to their full extent. You can also prevent the collection of the data relating to your use of the website created by the cookie (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available at the following link: [https://tools.google.com/dlpage/gaoptout?hl=de].

You may revoke your consent with effect for the future at any time. To do so, just call up our consent banner and select the relevant consent. Please note that the consent banner settings must be changed in each individual terminal. Please be aware that in this website Google Analytics was extended by the code “gat._anonymizeIp()” to ensure that IP addresses are collected in an anonymized form (sometimes called “IP masking”). At this time opt-out cookie is placed in your device. If you delete these cookies, you must click on this link again. Please be aware that in this website Google Analytics was extended by the code “gat._anonymizeIp()” to ensure that IP addresses are collected in an anonymized form (sometimes called “IP masking”).

Google Fonts (Article 6 (1) Letter f GDPR and § 25 (2) of the German Telecommunication and Telemedia Data Protection Act)

External fonts, Google Fonts, are used on this website. Google Fonts is a service of Google Inc. (“Google”). These web fonts are incorporated by accessing a Google server that is normally located in the USA. This tells the server which of our web-pages you have visited. The IP address of the browser used by the visitor’s terminal to visit these web-pages is also saved by Google.

You can find more detailed information in Google’s privacy statements which you can download here:

www.google.com/fonts#AboutPlace:about

www.google.com/policies/privacy/

Google Fonts is used to achieve a uniform and attractive presentation of our on-line presence. This constitutes a legitimate interest within the meaning of Article 6 (1), Sentence 1, Letter f and § 25 (2) of the German Telecommunication and Telemedia Data Protection Act.

Social media links

You will find links to the social media services of Facebook, LinkedIn, YouTube and Instagram on our website. You can recognize the links to social media platforms by the relevant corporate logo. If you follow these links you will reach the corporate pages of VALEO IT Services International GmbH on the social media platform in question. A connection to the servers of the social media platform is made when you click on a link to a social media platform. This tells the social media platform’s servers that you have visited our website. Further data is also transmitted to the social media platform’s provider. Examples of these are:

  • The address of the website on which the link that was activated is located
  • The date and time at which the website was accessed and the link activated
  • Information on the browser and operating system used
  • The IP address

If you are already logged into the corresponding social media platform at the time the link is activated, the provider of the social media platform is able to determine your user name from the data that is transmitted and perhaps even your real name; the provider of the platform is also able to correlate this information with your personal user account on the social media platform. You can prevent this ability to correlate this information with your personal user account if you first log out of your user account. Please note that we have no influence on the extent, nature and purpose of data processing by the provider of the social media platform. You can find more detailed information on the use of your data by the social media platforms linked to our website in the data protection guideline of the relevant social media platform.

Our presence in social media

Die VALEO IT Services International GmbH maintains various presences in social media, currently in Facebook, Instagram, YouTube and LinkedIn. Where we control the processing of your data, we ensure that applicable data protection rules are observed.

(LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)

You use these platforms and their functions on your own responsibility, however. This specifically applies to the use of interactive functions (such as commenting, sharing and assessing). We also draw your attention to the fact that your data can be processed outside the area of the European Union if these functions are used. We maintain our own fan pages to communicate with visitors and inform them in this way about our offers. In addition, we collect data for statistical purposes to enable us to develop and optimize the contents and increase the attractiveness of our offer. The data required for this (such as total page views, page activities and data provided by visitors and interactions) are processed and made available to us by the social networks. We have no influence on their creation or presentation.

In addition, your personal data is processed by the social media providers and also by VALEO IT Services International GmbH for market research and promotional purposes. Thus it is possible for a user profile to be created, for example, based on your user behavior and the interests it reveals. In this way, ad impressions and other advertising can be activated within and outside the platforms that correspond to your interests. Cookies are generally placed in your computer for this purpose. Regardless of this, data not directly collected at your terminals can also be stored in your user profiles. Data is also saved and analyzed from various devices, especially but not exclusively if you are registered as a member and logged into the relevant platforms. We collect and process no personal data beyond what is described here. The processing of your personal data by VALEO IT Services International GmbH is based on our legitimate interests in effective information and communication in accordance with Article 6 (1) Sentence 1, Letter f GDPR. Should you be asked for your consent to data processing, that is to say if you give your approval by confirming a button or similar (opting in), the legal basis for this processing is Article 6 (1) Sentence 1, Letter a and Article 7 GDPR.

Your rights / right to object

If you are a member of a social network and do not want the network to collect information about you via our website and to link it with the information it holds on you as a member, you must log out of the network in question before visiting our fan site so that the cookies in your device are deleted, and then close your browser and reboot it. Please note that this setting must be changed separately on each terminal. Following a new log-in, however, you once again become identifiable to the network as a specific user. For a detailed presentation of the processing in each case and how to opt out of processing, we refer you to the following linked information:

Overall, you have the following rights regarding the processing of your personal data:

  • The right to information (Article 15 GDPR),
  • The right to erasure (Article 17 GDPR),
  • The right to rectification (Article 16 GDPR),
  • The right to data portability (Article 20 GDPR),
  • The right to the restriction of data processing (Article 18 GDPR),
  • The right to object to data processing (Article 21 GDPR).

You also have the right to complain to a data protection supervisory authority. However, as VALEO IT Services International GmbH does not have full access to your personal data, you should address any claims directly to the social media providers as they have access to the personal data of their users and can take appropriate action and provide relevant information. Should you still require assistance, we will of course attempt to support you.

Contact form / email contact (Article 6 (1), Letters a and b GDPR)

Our website contains a contact form which can be used to contact us electronically. If you write to us via the contact form, we process the data provided in the contact form to make contact with you and to respond to your questions and requests. In this method of communication we observe the principles of data economy and data avoidance as you only have to provide the information which is essential for us to be able to contact you. This data consists of your email address, your full name and the message field itself. Your IP address is also processed for reasons associated with technical needs and legal safeguards. All other data is in voluntary fields and can be provided at your option (e.g. to obtain specific answers to your questions). We adopt appropriate security measures to protect the security and confidentiality of your data in the best possible way. Your inquiry is sent to us in encrypted form. If you email us we will only process the personal information disclosed in the email for the purpose of dealing with your inquiry.

Job applications (Article 6 (1) Letters a and b GDPR and § 26 (1) of the German Telecommunication and Telemedia Data Protection Act)

In addition to the possibility of presenting yourself to us via the application form, you can also apply for jobs with us by ordinary mail or email, for example. We set out below the extent, purpose and use of your personal data we collect as part of the application process. We guarantee that your data is processed in accordance with the applicable data protection legislation and all other provisions of law, and that your data is treated in strict confidence.

When you submit an application to us we process your personal data associated with the application to the extent necessary for a decision on the establishment of an employment relationship. The legal basis for this is Article 6 (1) Letter b GDPR in conjunction with § 26 (1) of the German Federal Data Protection Act (Bundesdatenschutzgesetz). The processing of special categories of personal data (e.g. health-related data) is based on your consent in accordance with Article 9 (2), Letter a GDPR insofar as statutory consents such as in Article 9 (2), Letter b GDPR are not relevant. Data relevant to your application is always treated as confidential. We will inform you in advance if we want to process data relevant to your application for a purpose other than a purpose specified above. If your application is successful we will save the data you already submitted as an applicant in our data processing systems so that we can activate the employment relationship. The categories of personal data that are processed include, in particular, your master data (given name, family name, name affixes, nationality), contact data (private address, cell and landline phone number(s), email address) as well as other data relevant to the application process (covering letter, references, questionnaires, interviews, qualifications and previous employment). If you have also voluntarily informed us of particular categories of personal data (e.g. health-related data, religious affiliation and degree of disability) in your application letter or in the course of the application process, this data will only be processed if you have given your consent to the processing or a statutory consent justifies this. General speaking, your personal data will be collected directly from you as part of the appointment process.

In addition, we can have received information from third parties (e.g. employment agencies) to which you have made your data available for onward transmission to other parties. We also process personal data we have lawfully obtained from publicly accessible sources (e.g. professional social networks). In this regard, your data is processed based on Article 6 (1), Letter b GDPR. It goes without saying that you can also communicate with us by encrypted emails when sending sensitive data. Please contact us if you wish to do so. A decision whether or not we can employ you can only be taken if you provide us with certain personal data, for example your CV. In this connection we, of course, observe the principles of data economy and data avoidance, meaning that you are only obliged to send us the information we need to thoroughly review the documents you send with your application or the information which the law obliges us to collect.

Unfortunately without this information we are unable to review the documents you send with your application. If you wish, you may, of course voluntarily present additional information in the data you submit with your application.

  • Only the persons and departments (senior management, HR Department and additional departments) in the company receive your personal information they need to make a decision on your appointment and to perform our pre-contractual, contractual and legal obligations.
  • External bodies for the purposes specified above in so far as the data subject has given his/her consent in writing, or this is necessary for the performance of the contract, or if transmission is lawful because of an overriding legitimate interest: Credit institutions (for example for the reimbursement of traveling expenses), tax consultants

If we are unable to offer you a position, or if you decline the offer of a job or withdraw your application, we reserve the right to retain the information you provided for a period of up to 6 months from the end of the application process (rejection or withdrawal of the application). This retention is based on our legitimate interests (Article 6 (1), Letter f GDPR). At the end of this period the data is deleted and physical application documents destroyed. The documents are retained in particular for the purpose of evidence in the event of litigation. If it is apparent that the data will be needed after the end of the 6 month period, (e.g. because of imminent or pending litigation), the data is only destroyed if there is no further purpose for continued retention. The data may also be retained for a longer period if you have given your consent for continued retention (Article 6 (1), Letter a GDPR) or if statutory retention periods forbid deletion.

Links to other providers

As can be clearly seen, our website also contains links to the websites of other companies. We have no influence on the content of the websites to which these links lead. We are therefore unable to accept any guarantee or liability for their content. The relevant provider or operator is always responsible for the content of these sites. The linked sites were investigated for possible infringements of the law and identifiable breaches of rights at the time the links were created. No unlawful content was discernible at this time. However, on-going checks of the linked sites are impractical without specific indications of wrong-doing. Links of this nature are removed immediately if we become aware of any infringements of the law.

Promotional purposes established customers (Article 6 (1) Letter f GDPR)

VALEO IT Services International GmbH is interested in cultivating the supplier/customer relationship with you and will arrange for information and offers about our products and services (specify the promotional purposes) to be sent to you. We therefore process your data so that we are able to send you corresponding information and offers by email. If you do not wish to receive such material, you may object to the use of your personal data for the purpose of direct advertising at any time; this also applies to profiling to the extent that it is related to direct marketing. If you inform us of your objection we will cease to process your data for this purpose. You may file the objection in any form and without giving reasons. No charge is made for the objection. If possible, send your objection to [+49 (9607) 82 19 4 0], or by email to datenschutz@valeo-it.com or by post to [In der Scheibe 3, 92706 Luhe-Wildenau].