Logo
 

Privacy Policy

The following privacy policy text can serve as a template to help you create your own privacy policy in the career portal. The content, form, and design of the privacy policy within the career portal are the sole responsibility of the customer. rexx systems GmbH assumes no liability for potential violations of the Federal Data Protection Act (BDSG), the General Data Protection Regulation (GDPR), or any other applicable regulations and laws. rexx systems GmbH is not authorized to provide legal advice on any legal matters.

rexx systems GmbH welcomes your visit to our career site and your interest in our company. We take the protection of your private data very seriously and want you to feel comfortable when visiting our website. Protecting your privacy in the processing of personal data is an important concern for us, which we take into account in our business processes. We process data collected during your visit to our site in accordance with the GDPR. If you have any further questions regarding the handling of your personal data, please feel free to contact our data protection officer.

   

1. Responsible Authority

The responsible entity for the collection, processing, and use of your personal data is:
rexx systems GmbH
Süderstraße 75-79
20097 Hamburg
(hereinafter referred to as “rexx systems”).
For questions regarding data protection, you may contact our external data protection officer:
Personal/Confidential to the Data Protection Officer
rexx systems GmbH
Süderstraße 75-79
20097 Hamburg
Email: datenschutz@rexx-systems.com
   

2. Provision of the Website

When you use the website for informational purposes only, meaning if you do not register or otherwise provide us with information (e.g., via a contact form), we collect the following technical information (log file data):
  • Operating system of the device used to visit our website
  • Browser (type, version & language settings)
  • The amount of data retrieved
  • The current IP address of the device used to visit our website
  • Date and time of access
  • The URL of the previously visited website (referrer)
  • The URL of the (sub)page accessed on the website
  • The Internet service provider of the accessing system
The collection of this data is technically necessary to display our website to you and to ensure stability and security. We (and our service provider) do not usually know who is behind an IP address. We do not combine the above-listed data with other data.

The legal basis for storing data/log files is Article 6(1) sentence 1 lit. f) GDPR. Storing log files ensures the proper functioning of the website and also serves to improve and secure our systems. No further analysis of this data (e.g., for marketing purposes) is carried out.

The data stored by rexx systems GmbH will be deleted as soon as they are no longer required for the purpose for which they were collected. This is the case after a maximum of six weeks. Extended storage is possible, in which case user IP addresses are deleted or anonymized so that the accessing client can no longer be identified.
   

3. Cookies

This website uses so-called "cookies" to make the website more user-friendly, efficient, and secure overall. Cookies are small text files that are stored on your computer system. We would like to point out that some of these cookies are transferred from our server to your computer system, usually as so-called "session cookies." "Session cookies" are automatically deleted from your hard drive at the end of your browser session. Other cookies remain on your computer system and allow us to recognize your system during your next visit (so-called persistent cookies). When accessing the website, the user is informed about the use of cookies and their consent to the processing of personal data used in this context is obtained. No personal data is stored in the cookies we use. Based on the cookies, we only receive anonymized information. Of course, you can reject cookies at any time if your browser allows it. Please note that some features of this website may not function fully or may be limited if your browser is set to reject cookies from our website.

The legal basis for the possible processing of personal data through cookies and their storage period may vary. If you have given us your consent, the legal basis is Article 6(1) sentence 1 lit. a) GDPR. If data processing is based on our overriding legitimate interests, the legal basis is Article 6(1) sentence 1 lit. f) GDPR. The stated purpose then corresponds to our legitimate interest.

Technically necessary cookies serve to simplify the use of websites. The data collected through technically necessary cookies is not used to create user profiles. The use of analytics cookies is to improve the quality of websites and their content. Through analytics cookies, we learn how the website is used and can continuously optimize our offering.

Cookies are stored on the user’s computer and transmitted to our website. Therefore, users also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Already stored cookies can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, not all functions of the website may be fully usable.
   

4. Newsletter

On some of our websites, you can subscribe to various newsletters through which we inform you about our company's activities, current service-related news, special offers, promotions, events, and competitions. The content of each newsletter is briefly described during the registration process. The legal basis for sending the respective newsletter is your consent under Article 6(1) sentence 1 lit. a GDPR in conjunction with Section 7(2) No. 3 UWG or the statutory permission under Section 7(3) UWG.

To register for our newsletters, we use the so-called double opt-in procedure. This means that after registering, we will send you an email to the provided email address asking you to confirm that you wish to receive the newsletter. If you do not confirm your registration, your information will be automatically deleted after 3 days.

The only mandatory information for sending the newsletter is your email address. Providing additional data is voluntary: This data is used to address you personally. After your confirmation, we store your email address for the purpose of sending the newsletter and until revoked. We also store your current IP address, the time of registration, and the confirmation time for up to three years after registration (statute of limitations). The purpose of this procedure is to prove your registration in case of doubt and, if necessary, to clarify any misuse of your personal data. The legal basis for logging the registration is our legitimate interest according to Article 6(1) sentence 1 lit. f GDPR in proving a previously given consent, see also Article 7(1) GDPR.

You can revoke your consent to receive the newsletter at any time and unsubscribe. You can declare your revocation by clicking on the link provided in each newsletter email or by emailing xyz@unternehmen.de.
   

5. Contact Form and Email

We provide a contact form on our website to facilitate easy communication with us. The data entered into the input fields is transmitted to and stored by rexx systems GmbH. Additionally, at the time of submission, the user''s IP address, as well as the date and time of transmission, are recorded. Alternatively, you can contact us via the provided email address. In this case, the personal data transmitted with the email will be stored. The data will not be shared with third parties and will only be used to process the inquiry.

The legal basis for processing the data is, if the user has given their consent, Article 6(1) sentence 1 lit. a) GDPR. The legal basis for processing data transmitted in the course of sending an email is Article 6(1) sentence 1 lit. f) GDPR. If the email contact is aimed at concluding a contract, the legal basis for processing is Article 6(1) sentence 1 lit. b) GDPR.

The processing of personal data is solely for handling the contact request. In the case of contact via email, this also constitutes the necessary legitimate interest in processing the data. The additional personal data processed during the submission process is used to prevent misuse of the contact form and to ensure the security of our IT systems.

The data will be deleted once they are no longer necessary for achieving the purpose for which they were collected. For personal data from the input fields of the contact form and those sent via email, this is the case when the respective conversation with the user has ended. The conversation is considered terminated when it can be inferred from the circumstances that the matter in question has been conclusively resolved.
   

6. Disclosure of Personal Data/Recipients

Your personal data will generally not be disclosed to third parties unless we are legally required to do so, the data transfer is necessary for the fulfillment of a contractual relationship, or you have explicitly consented to the transfer of your data.

Your data will only be shared with affiliated companies and service partners if they act on our behalf and support rexx systems GmbH in providing its services. The processing of your personal data by contracted service providers occurs within the framework of data processing agreements pursuant to Article 28 GDPR. These service providers only receive access to the personal information necessary for fulfilling their specific tasks. They are prohibited from sharing your personal information or using it for any other purposes, particularly for their own marketing purposes. If external service providers come into contact with your personal data, we have ensured, through legal, technical, and organizational measures as well as regular controls, that they comply with applicable data protection regulations. Specifically, this applies to the following recipients: A commercial transfer of your personal data to other companies does not take place.

We prioritize processing your data within the EU/EEA. However, there may be cases where we use service providers who process data outside the EU/EEA. In such cases, we ensure that, before your personal data is transferred, an adequate level of data protection is established at the recipient, comparable to the standards within the EU. This can be achieved through EU standard contractual clauses, binding corporate rules, or special agreements to which the company commits.
   

7. Matomo

This website collects and stores data for marketing and optimization purposes using the web analytics software Matomo (www.matomo.org). Usage profiles are created from this data under a pseudonym, and cookies are used for this purpose. Cookies are small text files that are stored locally in the browser''s cache of the site visitor. Cookies allow the recognition of the web browser. The data collected through Matomo technology (including your anonymized IP address) is transferred to our server and stored for usage analysis purposes, which helps us optimize the website. The information generated by the cookie in the pseudonymous user profile is not used to identify visitors to this website personally and is not merged with personal data about the bearer of the pseudonym. You can prevent the use of cookies and thus participation in tracking by adjusting your browser settings. However, please note that in this case, you may not be able to use all the functions of this website to their full extent.

The legal basis for processing personal data of users is Article 6(1) sentence 1 lit. a) GDPR.

The processing of users'' personal data allows us to analyze user behavior on our website. By evaluating the collected data, we can gather information on the usage of individual components of the website. This helps us continuously improve the website and its user-friendliness. Data collection and storage only occur with explicit consent pursuant to Article 6(1) sentence 1 lit. a) GDPR.

The data storage period is 4 years.

Cookies are stored on the user''s computer and transmitted to our website. Therefore, users have full control over the use of cookies. You can disable or restrict the transmission of cookies by changing the settings in your internet browser. Stored cookies can be deleted at any time. This can also be done automatically. If cookies for our website are disabled, some functions of the website may not be fully usable. More information about Matomo software’s privacy settings can be found at: https://matomo.org/docs/privacy/.
   

8. Data Subject Rights

Every data subject has the right to information under Article 15 GDPR, the right to rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object under Article 21 GDPR, and the right to data portability under Article 20 GDPR. The rights to information and erasure are subject to the restrictions outlined in Sections 34 and 35 BDSG.

a) Right to File a Complaint

You also have the right to file a complaint with the relevant data protection supervisory authority regarding the processing of your personal data by rexx systems GmbH.

b) Obligation to Provide Personal Data

There is no obligation to provide your personal data. The provision of your personal data is voluntary and has no impact on your application process.

c) Automated Decision-Making and Profiling

Automated decision-making, including profiling, does not take place.

d) Right to Withdraw Consent

You can withdraw your consent to the processing of personal data at any time with effect for the future by contacting rexx systems GmbH. Please note that withdrawal does not affect the legality of processing carried out before the withdrawal.

e) Right to Object to Direct Marketing

You have the right, under Article 21(2) GDPR, to object at any time to the processing of your personal data for direct marketing purposes. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes. Please note that the objection is only effective for the future. Processing that occurred before the objection is not affected.

f) Right to Object in Case of Balancing of Interests

If we base the processing of your personal data on a balancing of interests, you can object to the processing under Article 21(1) GDPR. If you exercise such an objection, we ask that you explain the reasons why we should not process your personal data as we do. If your objection is justified, we will review the matter and either stop or adjust data processing or provide compelling legitimate grounds for continuing the processing.
   

9. Data Security

We have implemented extensive technical and operational security measures to protect your data from accidental or intentional manipulation, loss, destruction, or unauthorized access. Our security measures are regularly reviewed and adjusted to technological advancements.
   

10. Changes to the Privacy Policy

We reserve the right to modify or update this privacy policy at any time in compliance with applicable data protection regulations.

Current version: April 12, 2024.