ABONA Verwaltungs GmbH takes the protection of your personal data very seriously. For this reason, we would like to inform you here about the personal data we collect and how we handle it.
The person responsible within the meaning of the Basic Data Protection Regulation and other applicable data protection laws of the Member States of the European Union is
ABONA Verwaltungs GmbH
Heinrich-Blanc-Straße 30 | 76646 Bruchsal Deutschland
Tel.: +49 7251 9760-0
Data protection officer for the processing of data is
Data subjects can contact our data protection officer directly at any time with all questions and suggestions regarding data protection.
A data protection declaration must clearly indicate the handling of personal data on the website. To ensure this, we would like to explain the terms used in advance.
Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. IP address or cookies) or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing is any operation or set of operations which is performed upon personal data, whether or not by automatic means. This basically includes any handling of personal data such as collection, storage, modification, use, transmission, dissemination, deletion or destruction, etc.
A controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. The controller shall ensure the permissibility of data processing by implementing technical and organisational measures which are to be regularly reviewed.
Pseudonymisation is the processing of personal data in such a way that the personal data cannot be attributed to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data is not attributed to an identified or identifiable natural person.
A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
The recipient is any natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not that person is a third party. However, authorities which may receive personal data in the context of a specific investigation mandate under Union or national law shall not be considered as recipients.
A third party is a natural or legal person, public authority, agency or body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorized to process the personal data.
Consent is an expression of self-determination under data protection law. It is the voluntary, informed and unequivocal expression of will in the specific case, in the form of a declaration or any other clearly affirmative act by which the data subject indicates that he or she consents to the processing of personal data relating to him or her. Any consent given may be withdrawn at any time.
In general, we only collect data that we need to provide our services. The collection and use of your personal data is regularly only carried out with your consent or if the processing of the data is permitted by legal regulations.
Paragraph 6 of the DSGVO provides for the processing of personal data only if certain conditions are met. This means that the processing of personal data is fundamentally unlawful unless consent has been given or the processing is permitted by a legally regulated reason for consent.
Should we obtain your consent for the processing of personal data, Art. 6 para. 1 lit. a DSGVO serves as the legal basis.
In the case of processing operations which are necessary for the performance of a contract concluded between you and us or for the implementation of pre-contractual measures, Art. 6 para. 1 lit. b DSGVO serves as the legal basis.
If the processing of personal data is necessary to fulfil a legal obligation to which we are subject, such as statutory retention and storage obligations, Art. 6 para. 1 lit. c DSGVO serves as the legal basis.
In the event that vital interests of the data subject or of another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO is the legal basis.
If the processing is necessary to safeguard our interests or the legitimate interests of a third party and if your interests, fundamental rights and freedoms do not outweigh the first-mentioned interest, the processing of personal data is legitimised by Art. 6 para. 1 letter f DSGVO.
In principle, your data will only be passed on to third parties with your express consent, unless it is a legal obligation which we must comply with.
In order to provide our network services, we use service providers who act within the framework of order processing on the basis of Art.28 DSGVO.
This means that our order processors are carefully selected and bound by our instructions.
The DSGVO guarantees an equally high level of data protection within the European Union. Accordingly, we only permit a transfer of your personal data to a third country if the conditions of Article 44 DSGVO are met.
More precisely, this means that your data may only be processed if special guarantees are provided.
In accordance with the DSGVO, all personal data is deleted as soon as the purpose for which it was collected no longer exists. Unless there are reasons in accordance with Article 17 paragraph 3 DSGVO that prevent deletion.
We do without automatic decision making or profiling.
If we process personal data from you, you are affected in the sense of the DSGVO. You have the following rights towards us, as the person responsible
If the processing of personal data is based on your consent, you have the right to revoke this consent at any time. This revocation will not affect the lawfulness of the processing carried out on the basis of the consent.
You have the right to request information from us as to whether your data is being processed by us. If this is the case, you can request information about the following information:
We are tempted to provide you with a copy of the personal data being processed within one month of receiving your written request for information.
You have the right to have incorrect personal data corrected immediately.
We are obliged to delete personal data immediately if one of the following reasons applies:
If the personal data concerning you has been made public by us, we are obliged, in the event of the requested deletion, to take appropriate measures, including technical measures, to ensure the deletion of your data, taking into account the available technologies and implementation costs.
You do not have the right of cancellation ("right to be forgotten") insofar as the processing is necessary:
You have the right to ask us to limit the processing of your personal data if one of the following conditions is met:
If processing has been restricted in accordance with the above conditions, such personal data - apart from being stored - will be processed only with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of major public interest of the Union or a Member State.
If the restriction on processing is restricted in accordance with the above conditions, we will inform you before the restriction is lifted.
You have the right to obtain the personal data concerning you that you have provided to us in a structured, common and machine-readable format, and you have the right to transfer such data to another controller without hindrance from us, provided that the processing is based on consent or on a contract and is carried out using automated procedures.
You have the right to object at any time to the processing of personal data concerning you. We will then no longer process the personal data unless we can prove compelling reasons for processing that are worthy of protection and outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing, including profiling, insofar as it is related to such direct marketing. If you object to processing for the purposes of direct marketing, your personal data will no longer be processed for those purposes.
You have the right to complain to the supervisory authority if you believe that the processing or storage of personal data concerning you violates the DSGVO.
We only collect information from you that we need to provide our online offer.
As long as you use our website purely for information purposes, only personal data is collected which is necessary for technical reasons in order to display our website and to guarantee stability and security.
The provider of the site processes information that your browser automatically transmits. These are
These data log files are explicitly not saved.
The legal basis for the data processing is Art. 6 para. 1 letter f) DSGVO. Our "interest" within the meaning of Art. 6 para. 1 lit. f) is the operation of this website and the implementation of the protection goals of confidentiality, integrity and availability of data.
Our cookies are so-called "session cookies". They are automatically deleted at the end of your visit.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
Cookies, which are required for the electronic communication process or for the provision of certain functions requested by you, are stored on the basis of Art. 6 para. 1 lit. f DSGVO. We as website operator have a legitimate interest in the storage of cookies for the technically error-free and optimised provision of its services. No cookies are stored which track your surfing behaviour.
Existing customers can receive our free e-mail newsletter. We will only send these newsletters with your consent. For this purpose we store your data as long as the subscription of the newsletter is active.
This processing of your data for the purpose of sending the newsletter requires your consent. In addition, you must confirm that you have read the data protection declaration. For this purpose we use the double opt-in procedure in the registration process. After successful registration you will receive an e-mail in which you must click on a link to confirm your registration. In this way we prevent unauthorised third parties from registering using your e-mail address. We log the registration process in order to be able to prove the process in accordance with legal requirements. The IP address of the calling terminal device, date and time of registration are stored.
The data you provide will be stored as long as the subscription to the newsletter is active. You can cancel the subscription at any time. For this purpose there is a corresponding unsubscribe link in every newsletter. This also allows you to revoke your consent. The legal basis for the processing of your data when you have given your consent to receive newsletters is Art. 6 para. 1 lit. a DSGVO.
You can object to this use of your data at any time by sending a message to the above-mentioned contact options or using the unsubscribe link in the advertising mail.
Our newsletters may contain so-called "tracking pixels", these are pixel-sized files that are retrieved from our server when the newsletter is opened. These tracking pixels contain no personal data and are only used for statistical purposes to determine whether and which links contained in the newsletters are clicked. This information cannot be assigned to individual newsletter recipients.
Our online offer contains links to other websites. We have no influence on whether their operators comply with the data protection regulations.
We offer online services on various social media platforms in order to provide information there and to be able to contact you.
We have no influence on the processing of personal data by the respective platform operator. As a rule, when you visit our social media offers, the platform operator will store cookies in your browser, in which your usage behaviour or interests are stored for market research and advertising purposes. The user profiles obtained in this way - usually across different devices - are used by the platform operators to display personalised advertising to you. Persons who are not registered as users on the respective social media platform may also be affected by the data processing. Under certain circumstances, your data may be processed outside the area of the European Union, which may make it difficult to enforce your rights. However, when selecting such social media platforms, we make sure that the operators are committed to comply with the data protection standards of the EU.
The processing of your personal data when you visit one of our social media offers is based on our legitimate interest in a diverse external presentation of our company and the use of an effective information opportunity and communication with you. The legal basis for this is Art. 6 para. 1 lit. f DSGVO. Under certain circumstances, you may also have given your consent to a platform operator for data processing, in which case the legal basis is Art. 6 Para. 1 lit. a DSGVO.
Detailed information on data processing in connection with the use of our social media offers, opt-out options and the assertion of information rights can be obtained via the data protection declaration of the respective platform operator.
Provider: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Provider: LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Irland
Our offer is basically directed at adults. Persons under 16 years of age may not transmit personal data to us without the consent of their parents or legal guardians.
If you contact us by e-mail, telephone or fax, your inquiry including all personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
The processing of this data is carried out on the basis of Art. 6 para. 1 lit. b DSGVO, if your request is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures.
In all other cases the processing is based on your consent (Art. 6 para. 1 lit. a DSGVO) and/or on our legitimate interests (Art. 6 para. 1 lit. f DSGVO), as we have a legitimate interest in the effective processing of the requests addressed to us.
The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent for storage or the purpose for which the data was stored no longer applies (e.g. after your request has been processed. Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.
We offer you the opportunity to apply for a job with us (e.g. by e-mail, by post or via online application form). In the following we will inform you about the scope, purpose and use of your personal data collected during the application process.
We assure you that the collection, processing and use of your data will be in accordance with the applicable data protection law and all other legal provisions and that your data will be treated in strict confidence.
If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes taken during job interviews, etc.) to the extent that this is necessary to decide on the establishment of an employment relationship. The legal basis for this is § 26 BDSG-neu under German law (initiation of an employment relationship), Art. 6 para. 1 lit. b DSGVO (general contract initiation) and - if you have given your consent - Art. 6 para. 1 lit. a DSGVO. Consent may be revoked at any time. Within our company, your personal data will only be passed on to persons involved in the processing of your application.
If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of § 26 BDSG and Art. 6 para. 1 lit. b DSGVO for the purpose of carrying out the employment relationship.
If we are unable to make you a job offer, you reject a job offer, withdraw your application, revoke your consent to data processing or request us to delete the data, the data you have submitted, including any remaining physical application documents, will be stored or retained (retention period) for a maximum of 6 months after completion of the application process in order to be able to trace the details of the application process in the event of discrepancies (Art. 6 para. 1 lit. f DSGVO).
You can object to this storage if you have legitimate interests that outweigh our interests.
After expiry of the retention period, the data will be deleted, unless there is a legal obligation to retain the data or another legal reason for further storage.
If it is evident that the storage of your data will be necessary after the retention period has expired (e.g. due to an imminent or pending legal dispute), the data will only be deleted when it has become irrelevant. Other statutory retention obligations remain unaffected.