Privacy Notice
As of: April 2024
The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws as well as other data protection provisions is:
UBIX GmbH
Lise-Meitner-Straße 1
DE-24941 Flensburg
Phone: +49 461 88 99 85 55
Email: info-ubix-de@samsongroup.com
You can reach our data protection officer as follows:
Data Protection Officer
Weismüllerstraße 3
60314 Frankfurt am Main
Email: privacy-ubix-de@samsongroup.com
For reasons of better readability, we have deliberately refrained from distinguishing between female and male personal designations.
1. Use of our website
1.1. Processing of personal data and its purpose
UBIX GmbH (hereinafter “UBIX” or “we”) processes users’ personal data only to the extent necessary to provide a functional website. When you use our website, the following data is processed:
- The user’s IP address
- Information about the browser used (type, version, language)
- Operating system used
- The user’s internet service provider
- Date and time of access to our website
- Files retrieved via our website
- Website or link from which the user reached our website (referrer)
- Object to be retrieved (image / page)
- Protocol (HTTPS)
- Return codes (access successful / unsuccessful)
The processing and temporary storage of the IP address is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session. The log files contain IP addresses or other data that allow the user to be identified. The data is stored in log files to ensure the functionality of the website. In addition, the data serves to optimize our website and to ensure the security of our information technology systems.
Any processing of personal data takes place exclusively for the purposes stated and to the extent necessary to achieve these purposes.
We explicitly do not use cookies on our website.
1.2. Legal basis for the processing of personal data
The legal basis for the processing of the data is Art. 6 (1) (f) GDPR. The processing of the data is technically absolutely necessary in order to provide our website and to guarantee the stability and security of our systems. This also constitutes our legitimate interest. It is not possible to use our website without such data processing, i.e. you have no possibility to object.
1.3. Data erasure and storage period
We erase or block the personal data of the data subjects as soon as the purpose of storage no longer applies. In the case of data processing for the provision of the website, erasure takes place when the respective session has ended. In the case of storage of personal data in log files, erasure takes place after seven days.
2. Email contact
2.1. Processing of personal data and its purpose
You can contact us via the email addresses provided. The user’s personal data transmitted with the email is stored by us. The data is used exclusively to process the contact request and the subsequent communication. The data is not passed on to third parties in this context. If we use the data for other purposes, we obtain the user’s consent in advance.
During the transmission of an email, additional data is generated that may allow conclusions to be drawn about a specific person (IP address, host name). This data is processed to ensure error-free transmission and the security of our information technology systems.
2.2. Legal basis for the processing of personal data
If your contact relates to a contract or is a pre-contractual contact, Art. 6 (1) (b) GDPR is the legal basis. If the personal data is transmitted in the course of sending a general inquiry or another email, Art. 6 (1) (f) GDPR is the legal basis. It is our legitimate interest to process your contact requests.
2.3. Data erasure and storage period
Your data is erased after expiry of the retention periods under tax and commercial law, unless you have expressly consented to further use of your data.
3. Job applications
3.1. Processing of personal data and its purpose
We publish our current job vacancies on our website. We offer applicants the opportunity to apply for advertised vacancies by providing personal data via the email address provided. In this case, the user’s personal data contained in the email is transmitted to the human resources department of our shareholder, SAMSON AG, Weismüllerstraße 3, 60314 Frankfurt am Main, and stored there. You can find the privacy policy of SAMSON AG at https://www.samson.de/de/datenschutz/. The personal data provided in the course of an application is processed exclusively for the purpose of selecting applicants. When processing applications, we limit ourselves to the information provided directly by the applicants. This may also include information in professional online networks or job portals referred to in the application.
3.2. Legal basis for the processing of personal data
The processing of personal data is based on Art. 88 (1) GDPR in conjunction with § 26 BDSG (German Federal Data Protection Act).
3.3. Data erasure and storage period
The data is erased six months after a decision has been made on an application, unless the applicant has consented to the inclusion of their personal data in our applicant pool.
4. Place of data processing
The processing of personal data for the purposes stated above takes place exclusively within the European Union or in countries for which an adequacy decision pursuant to Art. 45 (3) GDPR exists.
5. Security
UBIX uses technical and organizational security measures to protect users’ personal data against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security measures are continuously improved in line with technological developments.
6. Rights of the data subject
If UBIX processes your personal data, you are a data subject within the meaning of Art. 4 No. 1 GDPR with the following rights vis-à-vis UBIX. If you wish to exercise a right, please contact our data protection officer at privacy-ubix-de@samsongroup.com.
We would like to point out that in certain cases we may request additional information from you in order to establish your identity. For example, when the right of access is exercised, this allows us to ensure that information is not disclosed to unauthorized persons.
6.1. Right of access
In accordance with Art. 15 GDPR, you can request information from us about your personal data processed by us. If possible, please specify your request in your application for access in order to make it easier for us to compile the necessary data.
6.2. Right to rectification
In accordance with Art. 16 GDPR, you have the right to request that we rectify and/or complete inaccurate personal data concerning you.
6.3. Right to erasure
In accordance with Art. 17 GDPR, you can request that your personal data be erased without undue delay. Your right to erasure depends, among other things, on whether the data concerning you is still required by us to fulfill our tasks.
6.4. Right to restriction of processing
In accordance with Art. 18 GDPR, you have the right to request that we restrict the processing of your personal data.
6.5. Right to notification
If you have asserted the right to rectification, erasure or restriction of processing against us, we are obliged under Art. 19 GDPR to notify all recipients to whom your personal data has been disclosed by us of this fact, unless this proves impossible or involves disproportionate effort. You have the right vis-à-vis us to be informed about these recipients.
6.6. Right to data portability
In accordance with Art. 20 GDPR, you have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format in order, where applicable, to have it forwarded to another controller.
6.7. Right to object
In accordance with Art. 21 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data carried out on the basis of Art. 6 (1) (e) or (f) GDPR; this also applies to profiling based on these provisions. Automated decision-making does not take place in the context of data processing for the purposes stated above.
We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for our processing that override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.
6.8. Right to withdraw consent under data protection law
If you have provided us with your personal data on the basis of your consent, you can withdraw this consent at any time with effect for the future, for example by email to privacy-ubix-de@samsongroup.com.
6.9. Automated individual decision-making, including profiling
In accordance with Art. 22 GDPR, you have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you. Automated decision-making does not take place in the context of data processing for the purposes stated above.
6.10. Right to lodge a complaint with a supervisory authority
If you are of the opinion that the processing of your personal data by us is not lawful, you can lodge a complaint with any data protection supervisory authority. The supervisory authority responsible for UBIX GmbH is the
State Commissioner for Data Protection Schleswig-Holstein (Landesbeauftragte für Datenschutz Schleswig-Holstein)
Holstenstraße 98
24103 Kiel
Phone: +49 431 988-1200
Fax: +49 431 988-1223
Email: mail@datenschutzzentrum.de
7. Validity of this privacy notice
Due to the further development of our website or the implementation of new technologies, it may become necessary to amend this privacy notice. We reserve the right to amend this privacy notice at any time with effect for the future. The version available at the time of your visit to the website always applies.