Data protection declaration
In this data protection declaration, we, SEAK Software GmbH, inform you about the processing of personal data when using our website.
You can print out or save this data protection declaration through the usual browser functions.
1. Contact person
The contact person and responsible entity for the processing of your personal data when you visit this website as per the EU General Data Protection Regulation (GDPR) is
If you have any questions about data protection in connection with our products or the use of our website, you can also contact our data protection officer at any time. This person can be reached at the above postal address and at (keyword: “For the attention of the data protection officer”).
We expressly point out that when using this e-mail address, the content is not available exclusively to our data protection officer. If you would like to exchange confidential information, please first ask for direct contact via this e-mail address.
2. Calling up our website / access data
Every time you use our website, we collect the data that your browser automatically transmits to enable you to visit the website. These are in particular:
- IP address of the requesting device
- Date and time of the request
- Address of the website accessed and the requesting website
- Information about the browser used and the operating system of the end device
- Online IDs (e.g. device IDs, session IDs)
This data processing is necessary to technically enable you to visit the website and to ensure the long-term functionality and security of our systems. The data mentioned are also temporarily stored in internal log files for the purposes described above in order to generate statistical information about the use of our website in order to further develop our website with regard to the usage habits of our visitors (e.g. if the proportion of mobile devices increases, with which the pages are accessed) and to maintain our website administratively in general.
The legal basis for this is Art. 6 Para. 1 S. 1 lit.b GDPR, provided that the page is accessed in the course of initiating or executing a contract, and otherwise Art. 6 Para. 1 S. 1 lit.f GDPR due to our legitimate interest in the long-term functionality and security of our systems.
The information stored in the log files does not allow any direct conclusions to be drawn about your person and is deleted after a statistical analysis after 31 days at the latest.
3. Contact form
You have the option of contacting us using the contact form. In this context, we process data exclusively for the purpose of communicating with you.
The legal basis is Art. 6 Para. 1 lit. b GDPR, insofar as your details are required to answer your request or to initiate or execute a contract, and otherwise Art. 6 Para. 1 lit. f GDPR due to our legitimate interest in enabling you to contact us and for us to be able to reply to your request.
The data we collect when using the contact form will be deleted after your request has been processed.
You can apply to us for vacancies using the contact details given on the job offers page. The purpose of data collection in this case is to select applicants for the possible establishment of an employment relationship. In order to receive and process your application, we collect the following data in particular: first and last name, email address, application documents (e.g. certificates, curriculum vitae), date of the earliest possible start of the employment relationship and salary expectations. The legal basis for processing your application documents is Article 6 Paragraph 1 Sentence 1 Letter b and Article 88 Paragraph 1 GDPR in conjunction with Section 26 Paragraph 1 Sentence 1 BDSG.
A cookie is a small text file that is stored on your device by the browser. Cookies are not used to run programs or load viruses onto your computer. Most browsers are set by default to accept Cookies. However, you can adjust your browser settings so that Cookies are rejected or only saved with prior consent. If you reject Cookies, some of our offers may not properly function for you. Similar technologies include fingerprints, web beacons, tags or pixels.
In the following, the tools we use are listed by category, whereby we inform you in particular about the providers of the tools, the storage duration of the Cookies and the transfer of data to third parties. It also explains in which cases we obtain your voluntary consent to use the tools and how you can revoke it.
5.1 Legal basis and revocation
5.1.1 Legal basis
We make use both of tools that are and aren’t necessary for the operation of our website. In the case of the latter, which we explicitly identify when we employ them, the legal basis for using them is due our legitimate interest in accordance with Art. 6 Para. 1 S. 1 lit.f GDPR, to enable you to use our website more comfortably and a personalised and time-saving manner. In certain cases, these tools may also be required for the fulfillment of a contract or for the implementation of pre-contractual measures. In these cases, processing takes place in accordance with Art. 6 Para. 1 S. 1 lit. b GDPR.
We use all other tools, especially those for marketing purposes, on the basis of your consent in accordance with Art. 6 Paragraph 1 Sentence 1 Letter a GDPR and Section 15 Paragraph 3 Sentence 1 TMG, provided that usage profiles are created for the purposes of advertising or market research. Data processing using these tools only takes place if we have obtained your consent for this.
5.1.2 Obtaining your consent
To obtain and manage your consent, we use the “Borlabs Cookie” tool, a tool from Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg, Germany (“Borlabs”).
This generates a banner that informs you about the data processing on our website and gives you the opportunity to consent to all, individual or none of the data processing that would use additional, optional tools. This banner appears the first time you visit our website and when you select your settings again to change them or to revoke your consent. The banner will also appear the next time you visit our website, provided you have deactivated the storage of cookies or the Borlabs cookie has been deleted or has expired.
The Borlabs Cookie does not process any personal data. The Borlabs Cookie uses a necessary Cookie (borlabs cookie). Your consent, which you gave when entering the website, is stored in it. If you delete your Cookies, you will be asked for your consent again when you access the page later.
Borlabs’ data processing is necessary to provide you with the legally required consent management and to comply with our documentation obligations. The legal basis for using Borlabs is Article 6 Paragraph 1 Sentence 1 Letter f GDPR, based on our interest in meeting the legal requirements for Cookie consent management.
5.1.3. Revocation of your consent or change in selection
You can revoke your consent for certain tools at any time. To do this, click on the following button:
There you can also change the selection of tools that you would like to use. Alternatively, you can assert your revocation for certain tools directly with the provider.
5.2 Essential tools
We use certain tools to enable the basic functions of our website (“essential tools”). Without these tools we would not be able to provide our service. Therefore, essential tools are used without consent based on our legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR or to fulfill a contract or to carry out pre-contractual measures in accordance with Art. 6 Para. 1 S. 1 lit. b GDPR. This includes the information given in section 5.1.2. related to the use of Borlabs Cookies.
5.3 Functional tools
We also use tools to improve the user experience on our website and to be able to offer you more functions (“functional tools”). Although these are not absolutely necessary for the basic functionality of the website, they can provide users with considerable advantages, in particular with regard to user-friendliness and the provision of additional communication, display or payment channels.
5.3.1 Google Fonts
Our website uses the Google Fonts service, which is provided to users from the European Economic Area and Switzerland by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and to all other users by Google LLC 1600 Amphitheater Parkway Mountain View, CA 94043 , USA (collectively “Google”).
When you call up a page, your browser loads the required fonts to display texts correctly and attractively. For this purpose, your browser must establish a connection to the Google servers. This tells Google that our website has been accessed via your IP address. According to Google, such calls run separately from other Google services that require user authentication. There is no merging with other data. No Cookies are saved.
The legal basis for data processing in this context is your voluntary consent in accordance with Art. 6 Para. 1 S. 1 lit. Google Fonts provides a uniform and appealing presentation of our online presence through maintenance-free and efficient use of fonts, also taking into account any licensing restrictions for their local integration.
The server to which a connection is established can be located in the USA. In the event that personal data is transferred to the USA, we will use the Cookie banner to obtain your express consent for this data transfer in accordance with Article 49 (1) (a) GDPR. The associated risks can be found in section 8 (“Data transfer to third countries”).
Further information can be found in the frequently asked questions and in the data protection declaration by Google.
5.4 Statistics tools
In order to improve our website, we use tools for statistical recording and analysis of general usage behavior based on access data (“analysis tools”). We also use analysis services to evaluate the use of our various marketing channels.
5.4.1 Google Analytics
Our website uses Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). According to Google, the contact person for all data protection issues is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
We use the following data protection settings for Google Analytics:
- IP anonymisation (shortening of the IP address before evaluation so that no conclusions can be drawn about your identity)
- Automatic deletion of old logs / limitation of storage period
- Deactivated advertising function (e.g. remarketing by Google Audiences)
- Disabled personalised ads
- Disabled cross-page tracking (Google signals)
The following data are processed by Google Analytics:
- Anonymous IP address
- Referrer URL (previously visited page)
- Pages accessed (date, time, URL, title, length of stay)
- Downloaded files
- Clicked links to other websites
- possibly achievement of specific goals (conversions)
- Technical information: operating system; browser type, version and language; device type, brand, model and resolution
- Approximate location (country and possibly city, based on anonymous IP address)
Google Analytics sets the following Cookies for the specified purpose with the respective storage period:
- “_ga” for 2 years and “_gid” for 24 hours (both to identify and differentiate between website visitors by means of a user ID)
- “_gat_gtag_XXX” for 1 minute (to reduce requests to the Google server)
The legal basis for this is your consent in accordance with Art. 6 Para. 1 S. 1 lit. To withdraw your consent, see 4.1.3: “Withdrawing your consent or changing your selection”.
We have concluded an order processing agreement with Google for the use of Google Analytics.
The data arising in this context can be transmitted by Google to a server in the USA for evaluation and stored there. In the event that personal data is transferred to the USA, we have concluded standard contractual clauses with Google and we will obtain your express consent for this data transfer via the Cookie banner in accordance with Art. 49 Para. 1 S. 1 lit. a GDPR. The associated risks can be found in section 8 (“Data transfer to third countries”). You can find more information on this in Google’s data protection declaration.
5.5 Marketing tools
We do not use any tools for interest-based advertising purposes (“marketing tools”).
6. Various online presences in social networks
We maintain an online presence in social networks, among other things, to communicate with customers and interested parties and to provide information about our products and services.
User data is usually processed by the relevant social networks for market research and advertising purposes. In this way, usage profiles can be created based on the interests of the users. For this purpose, Cookies and other identifiers are stored on the users’ computers. On the basis of these usage profiles, e. g. advertisements are placed within the social networks but also on third party websites.
The legal basis for data processing is Article 6 Paragraph 1 Sentence 1 Letter f GDPR, based on our legitimate interest in effectively informing users and communicating with users. The legal basis of the data processing carried out by the social networks on their own responsibility can be found in the data protection information of the respective social network. The links below also provide you with further information on the respective data processing and the options for objection.
We would like to point out that data protection requests can most efficiently be submitted to the respective provider of the social network, as only these providers have access to the data and can take appropriate measures directly:
- LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland)
- Data protection declaration https://www.linkedin.com/legal/privacy-policy
- Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
- XING / Kununu (XING SE, Dammtorstrasse 30, 20354 Hamburg)
- Data protection declaration / opt-out: https://privacy.xing.com/de/datenschutzerklaerung
7. Data recipient
The data we collect will only be passed on if:
- you have given your express consent to this in accordance with Art. 6 Paragraph 1 Clause 1 lit. a GDPR,
- the transfer according to Art. 6 Para. 1 S. 1 lit.f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
- we are legally obliged to pass them on according to Art. 6 Para. 1 S. 1 lit. c GDPR or
- this is legally permissible and required according to Art. 6 Para. 1 S. 1 lit. b GDPR for the processing of contractual relationships with you or for the implementation of pre-contractual measures that are carried out at your request.
Part of the data processing may be done by our service providers. In addition to the service providers mentioned in this data protection declaration, this may include, in particular, data centers that store our website and databases, IT service providers who maintain our systems, and consulting companies. If we pass on data to service providers, they may only use the data to fulfill their tasks. The service providers have been carefully selected and commissioned by us. They are contractually bound by our instructions, have suitable technical and organisational measures to protect the rights of the persons concerned and are regularly checked by us.
In addition, data may be passed on in connection with official inquiries, court decisions and legal proceedings if this is necessary for legal prosecution or enforcement.
8. Data transfer to third countries
As explained in this data protection declaration, we use services whose providers are partially located in ‘third’ countries (such as the USA), i.e. countries whose data protection level does not correspond to that of the European Union. If this is the case and the European Commission has not issued an adequacy decision (Art. 45 GDPR) for these countries, we have taken appropriate precautions to ensure an adequate level of data protection for any data transfers. These include the standard contractual clauses of the European Union or binding internal data protection regulations.
Where this is not possible, we base the data transfer on the exceptions of Art. 49 GDPR, in particular your express consent or the need for transfer to fulfill the contract.
If a third country transfer is planned and there is no adequacy decision or suitable guarantees, it is possible and there is a risk that authorities in the respective third country (e.g. secret services) can gain access to the transmitted data in order to record and analyse them, and that the enforceability of your rights as a data subject cannot be guaranteed. If we obtain your consent via the Cookie banner, you will be informed of this at that point, too.
9. Storage duration
In principle, we only store personal data for as long as necessary to fulfill contractual or legal obligations for which we have collected the data. We then delete the data immediately, unless we still need the data within the timeframe of the statutory limitation period for evidence purposes for claims under civil law or due to statutory retention requirements.
For evidence purposes, we have to keep contract data for three years from the end of the year in which the business relationship with you ends. Any claims become statute-barred at the earliest at this point in time, in accordance with the statutory limitation period.
Even after that, we still have to save some of your data for accounting reasons. We are obliged to do so because of statutory documentation obligations that may result from the Commercial Code, the Tax Code, the Banking Act, the Money Laundering Act and the Securities Trading Act. The periods specified there for the retention of documents are two to ten years.
10. Your rights
You have the right to information about the processing of your personal data by us at any time. In this context, we will explain the data processing to you and provide an overview of the data stored about you. If the data stored by us is incorrect or no longer up-to-date, you have the right to have this data corrected. You can also request the deletion of your data. Your data can only be deleted if certain conditions are met / if data are no longer required, processing is not lawful or if other circumstances as described by Art. 17 GDPR are relevant. If, in exceptional cases, deletion is not possible due to other legal provisions, the data will be blocked so that they are only available for this specific legal purpose. You can also have the processing of your personal data restricted if, for example, the accuracy of the data is doubted on your part. You also have the right to data portability, that is, that we will send you a digital copy of the personal data you have provided on request.
To assert your rights described here, you can contact SEAK GmbH at any time using the contact details given above. This also applies if you would like to receive copies of guarantees to prove an adequate level of data protection.
Your inquiries about the assertion of data protection rights and our responses to them will be stored for documentation purposes for a period of three years and in individual cases for the assertion, exercise or defense of legal claims. The legal basis for this is Art. 6 Para. 1 lit.
You have the right to revoke your consent to us at any time. As a result, we will no longer continue the data processing which was based on this consent in the future. Withdrawing your consent does not affect the legality of the processing carried out on the basis of your consent up to the point of withdrawal.
Insofar as we process your data on the basis of legitimate interests, you have the right to object to the processing of your data at any time for reasons that arise from your particular situation. If you object to data processing for direct marketing purposes, you have a general right of objection based on your circumstances, which we will implement accordingly. If you would like to exercise your right of revocation or objection, an informal message to the above contact details is sufficient.
Finally, you have the right to complain to the data protection supervisory authority responsible for us. You can assert this right with a supervisory authority in the member state of your place of residence, your place of work or the place of the alleged violation. In Reinbek, where SEAK GmbH is headquartered, this is: Independent State Center for Data Protection Schleswig Holstein, Holsteinstrasse 98, 24103 Kiel.
11. Data security
We maintain current technical measures to ensure data security, in particular to protect your personal data from the dangers of data transfers and from third parties gaining knowledge. These are adapted to the current state of the art. To secure the personal data you provide on our website, we use Transport Layer Security (TLS), which encrypts the information you have entered.
12. Changes in the data protection declaration
We update this data protection declaration from time to time, for example when we adapt our website or when the legal requirements change.
Up to date as of: September 2020