privacy policy

Thank you for visiting the website of dosmatix GmbH (hereinafter “dosmatix” or “we”) and your interest in our company and products. Data protection is especially important to dosmatix’s management. This Privacy Policy is intended for visitors of our website and users of our career portal if you submitted an application to us.

You may use our website without disclosing personal data. However, special services of our company’s website may require personal data to be processed.

Personal data, e.g., a data subject’s name, address, email address or telephone number, will only be processed in compliance with the EU General Data Protection Regulation and national data protection laws applicable to dosmatix. This Privacy Policy will inform the public about the type, scope and purpose of personal data collected, used and processed by us and explain the rights of data subjects.

As the controller, we implemented various technical and organizational measures to ensure seamless protection of personal data processed via this website. Nonetheless, Internet-based data transmissions may be subject to vulnerabilities and absolute protection cannot be guaranteed. Data subjects may therefore also transmit personal data to us through alternative means, e.g., by telephone.

1. Definitions

The Privacy Policy of dosmatix uses the definitions of EU legislators in the General Data Protection Regulation (GDPR).

2. Name and Address of Controller

The controller within the meaning of the General Data Protection Regulation, other data protection laws of EU member states and other data protection-related provisions is:

dosmatix GmbH
Abensberger Straße 9
D – 93352 Rohr i. NB

The company is represented by its CEO, Mr. Thiemo Karl.

3. Data Protection Officer

If you have questions about the processing of your personal data, please do not hesitate to contact our data protection officer, Ms. Elina Erbes.
Our data protection officer may be contacted at dosmatix GmbH, Abensberger Straße 9, D – 93352 Rohr i. NB, Germany, datenschutz@dosmatix.com.

4. Cookies

Our website uses cookies. Cookies are text files placed and stored on a computer by a browser.

Many websites and servers use cookies. Many cookies include a so-called cookie ID. A cookie ID is a unique identifier of the cookie and consists of a string of characters that enables websites and servers to be assigned to the browser on which the cookie is stored. This allows visited websites and servers to distinguish the browser of the data subject from other browsers with different cookies. A browser may be recognized by the unique cookie ID. Cookies enable us to provide users with more user-friendly services that would not be possible without cookies on our website.

Cookies help us optimize information and offers on our website for the user and, as stated, enable visitors to be recognized. This recognition makes it easier for users to use our website. For example, users of a website with cookies do not have to enter their access data during every visit because this will be done by the website and the cookie on the user’s computer. Another example are cookies of an online shop’s shopping cart which allow the online shop to remember which items a customer placed into the virtual shopping cart.

Through their browser settings, data subjects may prevent and permanently disable the placement of cookies by our website. Placed cookies may also be deleted at any time by using a browser or other software program. This is possible on all common browsers. However, disabling cookies may prevent the data subject from using every function of our website.

We use the following categories of cookies:

Technically Necessary Cookies 

Technically necessary cookies are cookies that are required for our website to function properly. The legal basis for such processing is Article 6 (1) (f) of the GDPR. We have a legitimate interest in the proper functioning of our websites.

5. Collection of General Data and Information

Every time it is accessed by a data subject or automated system, our website collects general data and information. This general data and information will be stored in our server’s log files. Collected data may include the (1) browser type and versions, (2) operating system of the accessing system, (3) website from which an accessing system reaches our website (so-called referrer URL), (4) sub-pages of our website opened by the accessing system, (5) time and date of access to our website, (6) Internet protocol address (IP address), (7) Internet service provider of the accessing system and (8) similar data and information for protection against attacks on our IT systems.

When using this general data and information, we do not identify the data subject. This information is only needed to (1) properly display the content of our website, (2) optimize the content of our website and advertisements, (3) ensure functioning IT systems and technology of our website and (4) provide necessary information to law enforcement authorities in case of cyberattacks. We will therefore also assess this anonymously collected data and information statistically to increase data protection and data security at our company and ensure an optimal level of protection of processed personal data. Anonymous data of server log files will be stored separately from any personal data disclosed by a data subject. This data will only be collected for our legitimate interests (e.g., secure website operation) on the basis of Article 6 (1) of the GDPR. Server Log data will be automatically erased after 28 days.

6. Contact Options on Our Website

In compliance with legal requirements, our website provides fast electronic options to contact our company and communicate directly with us, including via a general so-called electronic mail (email) address. If a data subject contacts our controller by email or via a contact form, the personal data transmitted by the personal data will be stored automatically. Such personal data transmitted to our controller voluntarily by the data subject will be stored to process the inquiry and contact the data subject. Personal data will not be transferred to third parties. The legal basis for such processing is Article 6 (1) (b) of the GDPR.

7. Routine Erasure and Blocking of Personal Data

The controller only processes and stores personal data of data subjects for the period necessary for the purpose of storage or required by EU or national laws or regulations applicable to the controller.

If the storage purpose no longer applies or storage period required by EU or national law expires, personal data will be routinely blocked or erased as required by the law.

8. Data Subject Rights

As the data subject, you have various rights, especially under Article 15 et seq. of the GDPR.

  • Right of access: You have the right to obtain confirmation as to whether personal data concerning you is being processed and access to and a copy of this data in accordance with the law.
  • Right to rectification: You have the right to obtain rectification of personal data concerning you and to have incomplete personal data completed.
  • Right of erasure (right to be forgotten): Under Article 17 of the GDPR, you have the right to obtain erasure of personal data concerning you without undue delay.
  • Right to restriction of processing: You have the right to obtain restriction of processing in accordance with the law.
  • Right to data portability: Under Article 20 of the GDPR, you have the right to receive in a structured, commonly used and machine-readable format the personal data concerning you that you provided to us and to have this data transmitted to another controller.
  • Right to withdraw consent: You have the right to withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  • Right to object: Under Article 21 of the GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6 (1) (e) or (f) of the GDPR, including profiling based on these provisions. Where personal data is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, including profiling to the extent that it is related to such direct marketing.
  • Right to lodge a complaint with a supervisory authority: If you consider the processing of your personal data to infringe the GDPR, you have the right to lodge a complaint with a supervisory authority.

9. Data Protection of Applications and During the Application Process

Personal data from applicants is collected and processed by the controller to complete the application process. Personal data may also be processed electronically, especially if application documents (e.g., application letters, CVs or reports) are submitted to the controller electronically, e.g., by email or via the webform on our website. The legal basis for such processing is Article 6 (1) (b) of the GDPR and Section 26 of the German Federal Data Protection Act [Bundesdatenschutzgesetz (BDSG)]. Processing personal data is necessary to decide whether to establish an employment relationship with the applicant.

If the controller concludes an employment contract with an applicant, the transmitted data will be stored and processed in compliance with legal requirements to establish the employment relationship. The legal basis for such processing is Article 6(1) (b) of the GDPR and Section 26 of the German Federal Data Protection Act [Bundesdatenschutzgesetz (BDSG)]. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted 6 months after announcing the rejection, unless deletion is prevented by legitimate interests of the controller in further processing. Other legitimate interests within this meaning include, e.g., proceedings under the German Act on Equal Treatment [Allgemeines Gleichbehandlungsgesetz (AGG)].

To process applications, we use the service of Personio GmbH, Rundfunkplatz 4, D – 80335 Munich, Germany (hereinafter “Personio”). Personio is a human resource and application management software. We concluded a processing agreement with Personio GmbH in which Personio GmbH agreed to comply with the GDPR and other data protection laws.

For further information about Personio, please see www.personio.de, For the Privacy Policy of Personio GmbH, please see www.personio.de/privacy-policy/.

10. Use of Google Analytics

With your consent, this website uses Google Analytics 4, a web analysis service of Google LLC. The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

Scope of Processing
Google Analytics uses cookies that enable your use of our website to be analyzed. The information collected by these cookies about your use of our website will normally be transmitted to and stored on a Google server in the US.

We use the User ID function which allows us to assign one or several sessions (and the activities during these sessions) to a unique permanent ID and analyze user behavior across devices.

We use Google signals which collect additional information from Google Analytics about users who activated personalized ads (interests and demographic data) to display remarketing campaigns to these users across their devices.

Google Analytics 4 automatically anonymizes IP addresses. Due to this IP anonymization, Google will shorten your IP address in a member state of the EU or in another state party to the Agreement on the European Economic Area. Only in exceptions will your full IP address be transmitted to a Google server in the US and shortened there. According to Google, the IP address transmitted by your browser via Google Analytics will not be merged with other Google data.
When you visit our website, your user behavior will be documented in form of “events.” These may include:

  • Page views
  • First visit to our website
  • Start of the session
  • Your “click path,” interaction with our website
  • Scrolling (whenever a user scrolls to the end (90%) of a page)
  • Clicks on external links
  • Internal search requests
  • Interaction with videos
  • Downloads
  • Viewed / clicked ads
  • Language settings

The following may also be collected:

  • Your approximate location (region)
  • Your (shortened) IP address
  • Technical information about your browser and devices (e.g., language settings, screen resolution)
  • Your Internet service provider
  • Referrer URL (the website/ad from which you reached our website)

Purposes of Processing
The reports provided by Google Analytics allow us to analyze the performance of our website and the success of our marketing campaigns.

Recipients
Data recipients are/may include:

  • Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as the processor within the meaning of Article 28 of the GDPR)
  • Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
  • Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

It cannot be excluded that data stored by Google may be accessed by US authorities.

Transfers to Third Countries
In case data is processed outside of the EU/EEA with no level of protection equivalent to EU standards, we concluded EU standard contractual clauses with our service provider to ensure an adequate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, USA. Data transfers to the US and access by US authorities of data stored by Google cannot be excluded. he US is currently considered a third country under data protection law and does not provide the same rights as the EU/EEA. You may have no legal remedies against access by US authorities.

Storage Period
Data that we send and is linked to cookies will be automatically erased after 2 month. Data whose storage period expired is automatically erased each month.

Legal Basis
The legal basis for processing such data is your consent under Article 6 (1) (a) of the GDPR [IF APPLICABLE: Article 49(1)(a) of the GDPR].

Withdrawal
You may withdraw your consent with future effect at any time by changing the configuration of your cookie settings. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

You may also disable cookies through your browser settings. However, configuring your browser to block all cookies may limit functions of our and other websites. Furthermore, you may prevent Google from collecting and processing data collected by cookies about the use of our website (including your IP address) by:

a. Not consenting to cookies or
b. Downloading and installing the browser add-on to disable cookies of Google Analytics 
HERE.

For further information about Google Analytics’ Terms of Service and Google’s Privacy Policy, please see https://marketingplatform.google.com/about/analytics/terms/us/ and https://policies.google.com/.

11. Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager is a tool that allows us to embed tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It only serves to manage and play out the tools integrated via it. However, the Google Tag Manager records your IP address, which may also be transferred to Google’s parent company in the United States.

The use of the Google Tag Manager is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in a quick and uncomplicated integration and management of various tools on his website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.

12. Google Ads

The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to play advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be played on the basis of user data available at Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively by analyzing, for example, which search terms led to the display of our ads and how many ads resulted in corresponding clicks.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG. The consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

13. Google Conversion-Tracking

This website uses Google Conversion Tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google conversion tracking, Google and we can recognize whether the user has performed certain actions. For example, we can evaluate which buttons on our website were clicked how often and which products were viewed or purchased particularly frequently. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and what actions they took. We do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies for identification.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG. The consent can be revoked at any time.

You can find more information about Google conversion tracking in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

14. Use of Google Fonts

To display fonts uniformly, this website uses so-called web fonts provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. These fonts are integrated locally. No connection to Google’s servers is established when opening our website. We use Google Fonts in the interest of a uniform and appealing display of our online offers. This represents a legitimate interest within the meaning of Article 6(1)(f) of the GDPR. If your browser does not support Google Fonts, a standard font of your computer will be displayed. For further information about Google Fonts, please see https://developers.google.com/fonts/faq and Google’s Privacy Policy https://www.google.com/policies/privacy/.

15. Use of Google Maps

This website—with your consent—uses Google Maps to display interactive maps and provide directions. Google Maps is a map service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. By using Google Maps, information about your use of this website, including your IP address and the (starting point) address entered into the directions function, may be transmitted to Google in the US.

When you open a page of our website with and consent to use of Google Maps, your browser will establish a direct connection to Google’s servers. The content of the map will be transmitted directly to your browser by Google and integrated on our website. We therefore have no influence over the scope of data collected by Google in this manner.

Based on our current knowledge, Google collects at least the following data:

Time and date of your visit to our website, the URL of the accessed website, your IP address and the (starting point) address used for the directions function.

We have no influence over and are not responsible for further processing or use of your data by Google. If you do not want Google to collect or use data about you via our website, you may disable JavaScript in your browser settings. However, this will prevent you from using the map function.

We concluded a processing agreement with Google in which we fully implemented the strict German data protection requirements when using Google Analytics. To ensure compliance with the GDPR when transferring data to third countries, Google uses so-called standard contractual clauses approved by the European Commission. For further information, please see https://privacy.google.com/businesses/compliance/#!?modal_active=none

For the purpose and scope of data collection and for further processing and use of data by Google and your corresponding rights and configuration options for the protection of your privacy, please see Google’s Privacy Policy (https://policies.google.com/privacy).

By using our website, you consent to the processing of the data collected when using the directions function of Google Maps in the above-stated manner and for the above-stated purpose. The legal basis for such processing is Article 6 (1) (a) of the GDPR.

16. SSL and TLS Encryption

For security reasons and to protect transmissions of confidential content, such as orders or inquiries you submit to us, the website operator, our website uses SSL and TLS encryption. You may recognize an encrypted connection by the URL of your browser changing from “http://” to “https://” and by the lock symbol on the address bar.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Please note that data transfers via the Internet (e.g., when communicating by email) may be subject to vulnerabilities. Complete protection of data against third-party access is not possible.

17. Personal Data Disclosure Requirements

We inform you that personal data may have to be disclosed by law (e.g., tax law) or contractually (e.g., information about the contracting party).

Concluding a contract may require the data subject to provide us with personal data which we must process. For example, the data subject must provide personal data when concluding a contract with our company. If the data subject does not disclose this personal data, a contract cannot be concluded.

Before providing personal data, the data subject must contact one of our employees. The employee will inform the data subject whether personal data must be disclosed by law or contractually or to conclude a contract and if there is an obligation to provide this personal data and will explain the consequences of non-disclosure.

18. Automated Decision-Making

As a responsible company, we do not use automated decision-making or profiling.

19. Privacy Policy Updates

This Privacy Policy may be updated at any time, is valid in its respectively current version and governed by applicable laws. This Privacy Policy was last updated on 9 January 2023.