1. Data Protection Notices
TRIACOS Consulting & Engineering GmbH (hereinafter known as “TRIACOS”, or “We” or “Us”) welcomes you to our web pages and mobile applications (also jointly referred to as “Online Offering”). Thank you for your interest in our company and our products.
Protecting your privacy when processing personal data and ensuring the security of all business data is very important to Us, and We take it into account in our business processes. We handle processing of the personal data collected when you visit our Online Offering with confi-dentiality and only in accordance with the legal provisions.
Data protection and information security are our company policy.
The controller that processes your data is TRIACOS.
Our contact data is as follows:
TRIACOS Consulting & Engineering GmbH
An den Gaerten 9
92665 Altenstadt a. d. Waldnaab, Germany
Phone: +49 9602 94455-0
Fax: +49 9602 94455-299
E-mail: info(at) triacos.de
Managing Director: Christian Gradt
Registered office of the company: Altenstadt a. d. Waldnaab
Commercial Registration Court: Weiden i.d.OPf., HRB 3394
Our data protection supervisor can be contacted as follows: email@example.com
3. Processing personal data
Personal data means any information relating to an identified or identifiable natural person, for example, names, addresses, phone numbers, e-mail addresses, contract data, posting data, and billing data that are specific identifiers of a person.
We process personal data (including IP addresses) only if there is a legal basis for this or if you, for example when you register for something, have granted your consent.
3.2. Categories of data processed
The following categories of data are processed:
- Communications data (for example, name, phone number, e-mail, address, IP address)
- Data that you enter into our forms on the homepage
- Contract master data (contractual relationship, interest in a product or contract)
- Customer history
- Contract billing and payment data
- Planning and control data
- Movement data
- Credit information (from third parties, for example credit agencies or from public directories)
3.3. Purpose of processing and legal bases
We and the service providers we appointed process your personal data for the following purposes of processing and on the following legal bases:
3.3.1. Contractual basis (preparation, performance, termination):
- Respond to requests
- Process your orders
- Prepare, negotiate and fulfill a contract with you
- Provide access to certain information and offerings
- Preparation and implementation of face-to-face meetings and virtual events
3.3.2. Legal obligation
- Administrative or judicial decision
- Tax and commercial legislation
3.3.3. Legitimate interest of Triacos
- Direct marketing
- Pseudonymized web tracking
- Improve products and services
- Online surveys (note: if we involve a market research institute for survey, it will only become active on our behalf and subject to our instructions)
- Establishment or protection of legal claims or defence of court actions
- Image and sound recordings of the events we organise for press and public relations
- Prevention of abuse or other unlawful activities
- Guarantee of data security
- Product or customer surveys via e-mail and/or phone
- Sending newsletters
3.4. Log files
Each time you use our website, certain information from your web browser is transmitted and We save it in what are known as log files (e.g. the web browser in use, operating system, domain name of the website from which you came to Us; number of visits, average time spent, web pages called). This information is not associated with a specific person
We save these log files for a short period of time before deleting them, and use the information to detect faults and for security reasons (e.g. to investigate attempted attacks). Log files for which retention is required as evidence are excluded from this deletion until the respective incident has been clarified and may, in individual cases, be transmitted to investigative authorities.
Log files are (without any or without a complete IP address) also used for analysis purposes, see also the section entitled “Web analysis”.
4. Obligation to provide personal data
To the extent that there is a contract between you and Us, you must provide the personal data which is required to begin, perform, and terminate the contractual relationship and to fulfill the associated contractual obligations or which We are obligated by law to collect. If this data is not provided, we will not typically be capable of entering into a contract with you, performing it, or terminating it.
To the extent that data processing in the context of using this website is not required to begin to begin, perform, and terminate the contractual relationship or to fulfill contractual obligations, and is also not required by law, providing your data is optional. Please take into consideration that certain functions of the website or services cannot be provided if the data required to provide it is not provided.
5. Application procedure
Appropriation of data processing
We will use your personal information and data (e.g. your name, address, contact data, application documents) exclusively for the purposes of processing your application and for recruitment in the application procedure.
Disclosure to third parties
We will not disclose your personal data to third parties, except to
- Hotel: if you require overnight accommodation - your last name and first name
- Travel agency: e.g. if you require a flight reservation – your last name, first name and date of birth
§ 26 Para. 1 BDSG is regarded as the legal basis for the processing of your applicant data. Provided you explicitly consent to the further processing of your data, Art. 6 Para. 1 lit. a EU General Data Protection Regulation (DSGVO) is regarded as the legal basis.
We will retain your personal information and data for up to six months on completion of the application procedure.
When the retention period has elapsed, your data record will be reduced to such an extent that the system will only recognise you if you make a renewed application. This is required to be able to create a unique assignment for a renewed application.
The data record for recognition purposes can no longer be used to analyse personal information and will be permanently deleted after twelve months.
Triacos does not knowingly process the personal data of children without expressly indicating that such data should be transmitted only with the consent of the person entitled to custody of the child or if applicable legal provisions intend this. Triacos uses or transmits the personal data of children as a rule only if this is allowed by law, to obtain the consent of the parents by law, or to protect the children.
7. Forwarding data
7.1. Forwarding data to other controllers
As a rule, We transmit your data to other controllers only if this data is required for fulfilling the contract, if We or a third party have a legitimate interest in forwarding the data, or if We have your consent to forward the data. Third parties may also include subsidiaries of Triacos. To the extent that data is transmitted to a third party based on a legitimate interest, this is explained in these data protection notices.
In addition, data may be transmitted to other controllers to the extent that We are obligated to do so based on legal provisions or as a result of an enforceable administrative or judicial decision.
7.2. Service providers
We engage external service providers with tasks such as sales and marketing services, con-tract management, payment processing, programming, data hosting, hotline services and implementation of virtual events. We have carefully selected these service providers and regularly monitor them and in particular the care they take in handling and securing the data that they save. We obligate all our service providers to confidentiality and to compliance with legal requirements.
8. Forwarding to recipients outside the EEA
We may also send personal data to recipients with a registered office outside the EEA in non-EU countries. In this case, We verify before transmitting data that the recipient either has an appropriate data security level (e.g. based on an adequacy decision by the EU Commission for the respective country or the agreement of what are known as EU standard contractual clauses between the European Union and the recipient) or you have granted your consent to forwarding your data.
9. Duration of saving; retention periods
As a rule, We save your data for as long as We require it in order to provide our Online Offering and the associated services or as long as We have a legitimate interest to retain your data (e.g. if We have a legitimate interest to send marketing materials to you by postal mail even after the contract has been fulfilled). In all other cases, We delete your personal data within the exception of any data that We are obligated to retain in order to fulfill legal obligations (e.g. tax law or trade law).
10. Virtual Events
To register for our virtual events, we use either a form on our website or the software service provider Microsoft Skype for Business/Teams. We process the data you provide for the purpose of processing your registration for our event, sending you a registration confirmation including a participation link, and providing you with the information shown during the event and, if applicable, the video for the recorded event. In principle, our virtual events can be recorded in image and sound. In this case, we expressly point out the recording at the beginning of the event. Our speakers, their presentations as well as contributions and questions, which can be asked by you either as word or chat contribution in anonymous form, are recorded in picture and sound.
11. External links
Our Online Offering may contain links to third-party websites – providers to which We have no affiliation. Once you click the link, We no longer hold any influence over the collection, processing or use of any personal data transmitted to third parties by clicking the link (for example, the IP address or the URL of the page on which the link is found), as the behavior of third parties is, of course, beyond our control. We cannot be held responsible for the processing of this kind of personal data by third parties.
Our employees and the service providers mandated by Us are obligated to maintain secrecy and compliance with the provisions of applicable data protection laws.
We take all technical and organization measures necessary to maintain the appropriate level of protection and to protect your personal data that We process, in particular against the risk of unintentional or unlawful deletion, manipulation, loss, change, or unauthorized publication or unauthorized access. Our security measures are continually being improved in line with technological developments.
13. Your rights as a user
To exercise your rights, please use the information provided in the section entitled “Controller”. Please first check whether you can be uniquely identified from the data.
You have the right to request information from Us about how your data is processed. In this context, you are entitled to exercise the right of access with respect to your personal information that We process. In addition, you are entitled to request that We rectify incorrect data and, to the extent that the legal prerequisites are met, to request that We complete incomplete data or delete your data. However, this does not apply for data that is required for billing or accounting purposes or that is subject to statutory retention obligations. To the extent that access to such data is not required, the processing of it will be restricted. You are also entitled to request – to the extent that the legal prerequisites are met – that We restrict the processing of your data.
Objection to data processing:
You also have the right to, at any time, object to Us processing your data. We will then stop processing your data unless We can demonstrate – in accordance with legal requirements – compelling legitimate grounds for continued processing to override your rights.
Objection to direct marketing:
Furthermore, you are entitled to object, at any time, to the processing of your personal data for advertising purposes (“advertising objection”). Please take into consideration that your with-drawal and the use of your data in the context of a campaign that has already started may overlap for organizational reasons.
Objection to data processing in the case of a legal basis for “legitimate interest”:
In addition, you are entitled to object, at any time, to Us processing your data if this is legal based on a legitimate interest. We will then stop processing your data unless We can demon-strate – in accordance with legal requirements – compelling legitimate grounds for continued processing to override your rights.
Withdrawal of consent:
To the extent that you have granted Us consent to process your data, you are entitled to with-draw consent with effect in the future. The lawfulness of processing your data until you withdraw your consent is not affected by this.
13.1. Data portability
Furthermore, you have the right to obtain data that you provided to Us in a structured, common and machine-readable format be provided to you or – where technically possible – to request that the data be transmitted to a third party.
13.2. Right to lodge a complaint with the supervisory authority:
You have the right to lodge a complaint with a data protection authority. You may contact the competent data protection authority for your place of residence or your state, or our competent data protection authority. Specifically:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
91522 Ansbach, Germany
14. Amendments to the data protection notice
We reserve the right to change our security and data protection measures to the extent that this is required by technical developments. In these cases, We will also make corresponding adjustments to our data protection. For this reason, please always refer to the most recent ver-sion of our data protection notice.
Version dated: 01.09.2020