Documente Academic
Documente Profesional
Documente Cultură
1. COMPETENT AUTHORITY
The competent authority for the processing of your personal data within the meaning of the
German Federal Data Protection Act is OSB AG, Theresienhöhe 30, 80339 Munich (hereinafter
referred to as OSB). The external data protection officer is Mr. Jörg Hermann, jmh
datenschutzberatung, Werk 1, Atelierstraße 29, 81671 Munich, info@jmh-datenschutz.de.
If you wish to object to the processing of your data by OSB in accordance with these data privacy
provisions – either as a whole or with regard to individual measures, or if you wish to exercise
your other rights (see also Section 6), or if you have questions relating to data privacy, you can
send your objection, request or questions by email, fax or letter using the following contact
details: OSB AG, Theresienhöhe 30, 80339 Munich, Fax: +49 89 23 88 57 400, email:
datenschutz@osb-ag.de
Personal data includes, but is not limited to, general personal master data (e.g. name, address,
date of birth, telephone number, email address, etc.), resumes, bank data (account number, etc.),
and data issued by authorities (e.g. driver's license number, ID card number, passport number),
value judgements (e.g. school and job references, etc.), online data (IP address, date, time and
duration of use, location data, etc.), customer data, and supplier data, etc.
OSB is an engineering service provider operating Germany-wide. Data processing at OSB is carried
out in order to provide consulting and development services to OSB customers and affiliated
companies as well as to all related ancillary operations.
Your personal data will only be used for advertising/market research purposes if you have given us
your express consent to do so.
* Customer data: Personal identification and communication data is processed for the purpose of
communicating with the customer, conducting our relevant business with the customer and,
furthermore, for initiating business contacts and informing customers.
* Supplier data: Personal identification, communication and performance data, as well as economic
and financial information, payment and bank details are processed for the purpose of
communicating with suppliers and for conducting our relevant business with the suppliers.
* Employee data: Personal identification and performance data (certificates, etc.), contract master
data, insurance data, absence period data, payment and bank details, tax and social security data,
login data, communication data, travel booking data, and vehicle booking data are processed for
the purpose of implementing and handling the relevant employment relationship, fulfilling legal
obligations, and in our legitimate corporate interest of managing, organizing and conducting our
business activities.
* Applicant data: Personal identification data, performance data (certificates, etc.), payment and
bank details, as well as travel booking data (when booking through OSB) are processed for the
purpose of initiating employment relationships, fulfilling legal obligations, and in our legitimate
corporate interest of managing, organizing and conducting our business activities, as well as for
the further development of our internal systems.
* Website visitors: Usage data is processed for providing our services, for statistical purposes and
for improving the information on our website (pseudonymized profiles in accordance with § 15 (3)
TMG – German Telemedia Act).
* Interested parties: Personal identification data, communication data and, where applicable,
economic and financial information of parties interested in OSB are processed for the purpose of
fulfilling the business objective.
* Other personal data: The personal data of other business partners (e.g. system partners,
chambers, associations, banks and authorities) is processed within the context of the respective
collaboration and thus for fulfilling our business objective.
* Service providers who are commissioned to ensure proper business operations (e.g. service
providers for delivering website and marketing content, suppliers for supporting administrative
processes, including travel service providers for handling employee business trips, landlords for
employee apartments, the Employer’s Liability Insurance Association for the administrative sector
(VBG) and the company physician within the context of occupational healthcare and occupational
safety, insurance companies for damages within the context of the employment relationship). The
legal basis for this is either Art. 28 GDPR in the case of contracted processing services or, if
applicable, § 26 BDSG – German Federal Data Protection Act (in conjunction with Art. 88 GDPR)
for the purposes of initiating or implementing an employment relationship with you
* External bodies for fulfilling the purposes mentioned under Section 2 (e.g. customers or affiliated
companies of OSB within the meaning of §§ 15 ff. AktG – German Stock Corporation Act, where
the employee is employed, or where the employee or applicant is to be employed within the scope
of the employment relationship, customers and suppliers for handling projects, credit institutions
for salary payments, tax consultants and auditors). The legal basis is generally § 26 BDSG –
German Federal Data Protection Act (in conjunction with Art. 88 GDPR) for establishing or
implementing an employment relationship with the employees, or Art. 6 (1) (f) GDPR with regard
to general operational obligations such as tax returns, audits, etc. Furthermore, this personal data
is processed for the purpose of compliance with statutory provisions and regulations, such as labor
law, tax and social law, the Money Laundering Act and international sanctions regulations (e.g. EU
Directive on combating terrorism). The legal basis is Art. 6 (1) (c) GDPR in conjunction with the
relevant provision of national law.
* Public bodies in the case of overriding legal provisions (e.g. social insurance institutions, financial
authorities). The legal basis for this is Art. 6 (1) (c) GDPR in conjunction with the relevant legal
provisions, in particular labor and social law.
* When processing data for the purposes named in Section 2.5, we partly draw on the services of
companies acting on our behalf (contracted processing services according to Art. 28 GDPR), which
have headquarters within or beyond the EU, for providing IT services, outsourcing data processing,
etc. The data is forwarded on the basis of appropriate safeguards by way of the standard
contractual clauses approved by the EU Commission (according to Art. 46 (2) (c) GDPR). However,
in this case, too, the data is processed according to our high data privacy standards, and is stored
and processed only on servers in Germany.
• Personal identification and contract master data (e.g. name, postal address, email,
telephone number)
• (Work) preferences (e.g. occupational field, type of employment)
• Education, professional experience, skills
• Application documents (e.g. certificates, references, resume, photo)
• Usage or inventory data (e.g. IP address, name of the retrieved file, date and time of
retrieval, data volume transferred, notification of successful retrieval, web browser,
originating domain)
Furthermore, we use your email address to contact you in case we conduct internal company
surveys to the improve the quality of OSB. Participation in the surveys is voluntary and the results
are used purely anonymously.
Details:
• Personal identification and contract master data (e.g. name, postal address, email,
telephone number) of business partners and their contact persons
• Order and billing data
• Payment and bank details
• Communication
• Information for and about advertising and direct marketing
Furthermore, the processing of data serves the purposes of invoicing, financial reporting, project
management, and maintaining the ongoing business relationship. This includes advertising and
direct marketing. The legal basis for this is, in each case, Art. 6 (1) (b) GDPR with regard to the
conclusion, execution and processing of contracts, insofar as you yourself are a contractual
partner, and otherwise also Art. 6 (1) (f) GDPR with regard to the processing of contracts as well
as to our other legitimate interests, such as accounting or direct marketing.
To ensure that data blocking can be taken into account at any time, this data must be kept in a
blocking file for monitoring purposes. You can make changes or revoke consent with effect for the
future by notifying us accordingly.
Purely automated decision-making within the meaning of Art. 22 GDPR does not take place.
Please contact us using the contact details listed in Section 1 if you wish to exercise these rights. If
you would like to request detailed information on all the personal data that OSB has stored about
you, you must provide proof of identity that includes a photo.
Like many other websites, we also use what are referred to as “cookies”. Cookies are small text
files that are transferred from a website server to your hard drive. Through this, we automatically
obtain certain data via your computer and your connection to the Internet, such as the IP address,
the browser used and the operating system.
Cookies cannot be used to run programs or transmit viruses to a computer. Based on the
information contained in cookies, we can simplify the navigation of our website and enable the
correct display of our web pages.
Under no circumstances will the data we collect be passed on to third parties or linked to personal
data without your consent.
Of course, you can also view our website without cookies. Internet browsers are regularly set to
accept cookies. You can disable the use of cookies at any time via your browser settings. Please
use the help function of your Internet browser to find out how you can change these settings.
Please note that individual functions of our website may not work if you have disabled the use of
cookies.
On this website we use various categories of cookies: technically necessary cookies, without which
the functionality of our website would be limited, as well as optional analysis, functional and
marketing cookies that come from third-party providers:
These cookies are essential to enable you to navigate our web pages, use their features and view
designs. They also store, for example, whether you agree to the use of cookies as well as your
selected cookie settings. These cookies do not collect any information about you for marketing
purposes nor do they store where you have been on the Internet. These cookies are usually
session-specific and expire after your visit to the website (session), unless the relevant functions
require storage beyond this (e.g. saving the cookie setting). The legal basis for the use of
technically necessary cookies and the processing of your data via these cookies is our legitimate
interest in displaying the functions of our website and making them available for use, Art. 6 (1) (f)
GDPR.
To present our content across different browsers correctly and in a visually attractive way, we use
script libraries and font libraries, such as Google Web Fonts, on this website
(https://www.google.com/webfonts/). Google Web Fonts are transferred into your browser cache
to avoid multiple loading. If the browser does not support Google Web Fonts or prevents access,
the contents will be shown in a standard font. When script libraries or font libraries are called up, a
connection is automatically triggered to the operator of the library. To do this, the browser used by
you must take up contact to the servers of Google. In this way, Google is informed that our
website has been called up by your IP address. We use Google Web Fonts to ensure that our online
presence has a consistent and attractive appearance. This represents a legitimate interest within
the meaning of Art. 6 (1) (f) GDPR.
If your browser does not support Web Fonts, a standard font will be used by your computer.
Further information on Google Web Fonts may be found at developers.google.com/fonts/faq and in
the privacy policy of Google: https://www.google.com/policies/privacy/.
Analysis cookies collect information on how visitors use a website overall, for instance which pages
they visit most often and if they receive error messages from our web pages. All the information
collected using these cookies is used solely to understand and improve the functionality and
service of the website.
The legal basis for the use of analysis cookies and the processing of your data by the provider of
these cookies is your prior consent (Art. 6 (1) (a) GDPR).
We use functional cookies to improve and simplify the use and performance of our website.
The legal basis for the use of functional cookies and the processing of your data by the provider of
these cookies is your prior consent (Art. 6 (1) (a) GDPR).
Marketing cookies are used to better target advertising to you and your interests. They are also
used to limit how often you see the same advertisement, to gauge the effectiveness of an
advertising campaign, and to understand people’s behavior after viewing an advertisement. These
cookies are typically placed by advertising networks on the pages of the website operator with the
consent of the website operator (i.e. in this case, us). They recognize that a user has visited a
website and pass this information on to others, e.g. advertising companies, or adapt
advertisements themselves accordingly. Often they are linked to a website functionality provided
by that company. We thus use these cookies to link to social networks, which can then further use
the information about your visit to target advertising to you on other websites, and to provide
information about your visit to the advertising networks we use, so that you can later be presented
with exactly the advertising that you are potentially really interested in, based on your browsing
behavior. Again, we do not merge the data collected via these cookies with other information
about our visitors.
The legal basis for the use of marketing cookies and the processing of your data by the provider of
these cookies is your prior consent (Art. 6 (1) (a) GDPR).
8.6.1 YOUTUBE
We use the YouTube.com platform to post our own videos and make them publicly available.
YouTube is offered by a third party not affiliated with us, namely YouTube LLC.
We also directly integrate videos stored on YouTube on some of our Internet pages. This
integration allows content from the YouTube website to be displayed in parts of a browser window.
However, the YouTube videos are only called up by clicking on them separately. This technology is
also referred to as “framing”.
When calling up YouTube videos, the IP address as well as other data relating to your browser are
transmitted, thereby providing certain information – in particular about which of our web pages
you have visited. For more information on data processing carried out via YouTube, please refer to
the data privacy policy of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland,
at: https://policies.google.com/privacy.
If you visit our website for the first time, you will be shown the data privacy notice on the start
page, with the consent text for optional cookies. By clicking on the individual categories and then
confirming this selection by clicking on “Accept all”, you agree to these cookie settings. You can
adjust and change these cookie settings at any time by clicking on the blue cookie logo at the
bottom right of the website pages.
The social media plugins on our website are disabled by default. To use the social media plugins,
you must activate them by clicking on the corresponding button. As long as the social media plugin
is not activated, no data will be transmitted to the social network. After activation, the social
media plugin generates a connection to the servers of the social network and remains active until
you deactivate it again or delete your corresponding cookies. Activation establishes a direct
connection with the server of the relevant social network. The content of the social media plugin is
transmitted by the social network directly to your browser, which embeds it in the website visited.
We therefore have no influence on the scope of the data collected by the social media plugin.
Please refer to the data privacy policies of the social networks for more information on the purpose
and scope of data collection, as well as on the further processing and use of the data by the
respective social networks, your rights in this regard, and the setting options for protecting your
privacy.
Facebook: https://www.facebook.com/policy.php
XING: https://www.xing.com/privacy
LinkedIn: https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-join-privacy-policy
twitter: https://twitter.com/de/privacy