Business Visum GmbH (hereinafter: Business Visum) is pleased about your visit of our website and the linked interest in our company and our services. The protection of personal data when being processed and during the entire business process is a very important issue for us and we want to give you a secure feeling when visiting our internet pages.
Hereinafter we explain which information is collected during your visit of our website, how it is used and how Business Visum in general complies with the data protection regulations.
1. Name and contact data of the responsible processing person
This privacy information applies to the data processing executed by:
Responsible person: Business Visum GmbH (hereinafter: BV), Rheinaustraße 134, 53225 Bonn, Germany, email: info[at]business-visum.de, phone: +49 228 71 00 23-0 or fax: +49 30 26 39 30-199
The responsible data protection officer of BV is resident at dhpg IT-Services GmbH, Bunsenstr. 10a, 51647 Gummersbach, attn. Dr. Christian Lenz, resp. available at datenschutz[at]dhpg.de or +49 22 61 81 95-0.
2. Rights of data subjects
You have the right:
- pursuant to Art. 15 GDPR, to obtain information about your personal data processed by us. Insofar as we process your data you may request information especially about the processing purpose, the categories of personal data, the recepients of your disclosed personal data, especially recipients in third countries, the planned storage period or the criteria of determination, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint with a supervisory authority, the origin of your data, if it was not collected by us as well as the existence of an automated decision-making including profiling and, if applicable, meaningful detailed information.
- pursuant to Art. 16 GDPR, to obtain the immediate rectification of incorrect or incomplete of your personal data stored with us;
- pursuant to Art. 17 GDPR, to obtain the erasure of the personal data stored with us, unless the processing is required to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- pursuant to Art. 18 GDPR, to obtain the restriction of processing of your personal data, if the correctness of data is disputable, the processing is unlawful, but you refuse its erasure and we do not need the data any more. On the other hand, you might need it to assert, exercise or defend legal claims or you have lodged an objection against the processing pursuant to art. 21 GDPR and it is not yet clear whether our legitimate reasons prevail your interests.
- Pursuant to Art. 20 GDPR, to obtain your personal data which you provided us, in a structured, common and machine-readable format or to demand the transfer to any other responsible person, insofar as the processing is based on your consent or a contract and the processing is made by means of automated procedures;
- pursuant to Art. 7 para. 3 GDPR, to revoke your uniquely given consent at any time. This entails that a continued processing of your personal data is prohibited and
- pursuant to Art. 77 GDPR, to lodge a complaint with the supervisory authority. As a rule, you can address to the supervisory authority at your usual place of residence or workplace or at our company headquarter.
3. Right of objection
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 seq. 1 sent. 1 lit. e or f GDPR, you have the right, pursuant to Art. 21 GDPR, to appeal against processing your personal data insofar as there are reasons resulting from your particular situation or which are directed against direct advertising.
In the first case, we will no longer process your data unless we can prove compelling reasons that prevail your interests, liberties and rights or our processing serves to assert, exercise or defend legal claims.
In the latter case you have a general right of objection which is realized by us without indicating a particular situation. If you want to make use of your right of revocation or objection, an email to info[at]business-visum.de will be sufficient.
4. Data transfer
Your personal data will not be transferred to third parties for purposes other than those listed below. We will only pass on your personal data to third parties if:
- you have expressly given your consent pursuant to Art. 6 seq. 1 sent. 1 lit. a GDPR
- the transfer pursuant to Art. 6 seq. 1 sent. 1 lit. f GDPR is required for the assertion, exercise or defence of legal claims and there is no reason to assume that you have a prevailing legitimate interest in not transferring your data,
- in the event that there is a legal obligation to transfer data pursuant to Art. 6 seq. 1 sent. 1 lit. c GDPR, and
- this is required by law and pursuant to Art. 6 seq. 1 sent. 1 lit. b GDPR for the execution of contractual relationships with you.
In addition, your personal data are processed by our order processors in compliance with instructions, insofar as this is necessary for the fulfilment of the order. Our contract processors do not have an own right to use your data.
5. Data security
We use the common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can see whether an individual page of our website is transmitted in encrypted form by the representation of the closed bowl or lock symbol or by the use of "https" in front of the address of our (sub)website. We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in accordance with technological development.
6. Third countries
Data will be transmitted by us to third countries exclusively in accordance with the statutory regulations.
Insofar as we fulfil our contract with you, data are made available to third parties. Appropriate safeguards pursuant to Art. 46 GDPR or an adequacy decision pursuant to Art. 45 GDPR are not necessary.
If you have not consented to the data transfer, if the data transfer does not serve the fulfilment of the contract or if the transfer is necessary for the assertion, exercise or defence of legal claims, the data are only transferred by us if there are suitable safeguards or an adequacy decision.
A suitable safeguard exists, for example, if the EU standard contractual clauses issued by the EU Commission have been concluded or if certification by means of a "Privacy Shield" has been obtained.
The legal basis is Art. 45 and 46 GDPR.
Specific privacy information for data processing operations on the website
1. When visiting the website
When visiting our website, the browser used on your terminal device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:
- IP address of the requesting computer,
- date and time of access,
- name and URL of the retrieved file
- website allowing the access (referrer-URL),
- used browser and the operating system of the computer as well as the name of your access provider.
The mentioned data are processed by us for the following purposes:
- to ensure a smooth connection to our website,
- to ensure a comfortable use of our website,
- assessment of the system security and stability as well as
- for further administrative purposes.
The legal basis for data processing is laid down in Art. 6 seq. 1 sent. 1 lit. f GDPR. Our legitimate interest lies in the operation of our website and the related presentation of our company.
Your data will be erased as soon as they are not needed any more for the indicated purposes, but after 6 months at the latest.
2. When using our contact form
You can pose questions of any kind through our contact form which is available on our website. The indication of your valid email address is required enabling us to trace the sender of the enquiry and to respond to it. Further information can be given voluntarily.
Data processing for the purpose of entering into contact with us is made pursuant to Art. 6 seq. 1 sent. 1 lit. a GDPR and is based on your voluntarily given consent. The personal data collected by us for the use of the contact form will be automatically erased after you have completed your request.
If your request is directed to the conclusion of a contract, Art. 6 seq. 1 sent. 1 lit. b) GDPR serves as the legal basis. In this case, we store your data for the duration of the statutory retention periods.
3. When registering for our newsletter
If you have expressly consented in accordance with Art. 6 seq. 1 sent. 1 lit. a GDPR, we will use your email address to send you our newsletter regularly. To receive the newsletter, it is sufficient to provide an email address. Cancellation is possible at any time, for example via a link at the end of each newsletter. Alternatively, you can also send your cancellation to info[at]business-visum.deby email at any time.
We store your data until revocation of your data.
For the distribution and analysis of our newsletter we use the service provider Newsletter2Go GmbH, Nürnberger Straße 8, 10787 Berlin, Germany. Newsletter2Go processes the data only according to our instructions and has no right to use them.
Analysis of the newsletter
In our newsletters we use analysis tools to see whether a newsletter has been opened and which links have been clicked in the newsletter. This allows us to optimize the design of the newsletter for the future. Further information can be found at:
Tracking will only take place with your consent in accordance with Art. 6 seq. 1 sent. 1 lit. a GDPR, which you give us by registering for the newsletter. You can revoke this consent at any time, for example by unsubscribing from the newsletter via a link at the end of each newsletter. Alternatively, you can also send your cancellation to info[at]business-visum.de by email at any time.
When cancelling our newsletter your data will be erased.
4. When sending an application
For BV it is particularly important to ensure the highest possible protection of your personal data. All personal data collected and processed by BV within the scope of an application are protected against unauthorized access and manipulation by technical and organizational measures.
We need your personal data in the application documents to be able to regard you as an applicant in the application process and to check whether you qualify as an employee of our company. If you provide information that goes beyond this required information, you voluntarily provide it to us and consent to its processing.
Thus, the legal basis for the processing is Art. 6 seq. 1 sent. 1 lit. a and b GDPR. Withdrawal of consent is possible at any time. You can send your withdrawal at any time to info[at]business-visum.de by email.
After completion of the application process, we will store your documents for further 6 months for evidence purposes.
For a possible conclusion of a contract it is necessary to provide us with your personal data in the application documents. Otherwise we will not be able to consider you in the application process.
5. When registering on our website
On our website, we offer users the opportunity to register by providing personal data. The data are entered into a form and transmitted to us and stored. The data will not be passed on to third parties. The following data is collected in the course of the registration process:
- type of customer
- salutation, title, first name, surname
- phone number
- email address
- User name and password
The following data will also be stored at the time of registration:
- the IP address of the user
- date and time of registration
The legal basis for the processing of the data is Art. 6 seq. 1 sent. 1 lit. b GDPR.
A registration of the user is necessary for the fulfilment of a contract with the user or for the implementation of pre-contractual measures.
The data will be erased as soon as they are no longer necessary to achieve the purpose for which they were collected. This applies to the data collected during the registration process if the registration on our website is cancelled or modified. As a user you have the possibility to cancel the registration at any time. The stored personal data can be changed at any time. In this case please contact info[at]business-visum.de.
You voluntarily can enter further data in the portal, what might facilitate our assignment for you. We only store these data with your consent, which you give us by filling in these fields. You can change the data at any time in the portal or through our customer service at info[at]business-visum.de. The legal basis for the processing of this data is laid down in Art. 6 seq. 1 sent. 1 lit. a GDPR.
6. For the assignment of a service
When you place an order for one of our services, various data will be requested in addition to the registration data (see 5.) for the conclusion of the contract, in accordance with the requirements of the country of destination, so that we can process your order. This information is stored until the order is completed. For the conclusion of the contract it is necessary that you provide us with the data required for the respective service.
Depending on the destination country, it may also be necessary for you to provide personal data of third parties (e.g. spouse, parents, children, travel companions). In this case, you may only transmit the data to us if you have previously obtained the consent of this person.
The legal basis for data processing is Art. 6 seq. 1 sent. 1 lit. a, b GDPR.
We store your data as long as this is necessary for the fulfilment of the contractual obligations. Subsequently, we store the data for the duration of the statutory retention periods.
7. Cookies, analysis tools, plugins and other elements of third parties
The analysis tools used by us evaluate the user behaviour of the website visitors and enable us to optimize the website and adapt marketing measures.
We use plugins and other elements from third parties to integrate the content of these providers into our website.
a) Required first-party cookies
The use of our necessary first-party cookies serves on the one hand to make the use of our range more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages on our website. These are automatically erased after leaving our site.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your terminal device for a certain period of time. If you visit our site again in order to use our services, it automatically recognizes that you have already visited us and which entries and settings you have made so that you do not have to enter them again.
These data will be deleted after 6 months at the latest.
We process your data on the basis of our justified interest in the external presentation of our company via the website you have called up and to promote user friendliness. The legal basis for the processing is Art. 6 seq. 1 sent. 1 lit. f GDPR.
Most browsers automatically accept these cookies. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before such a cookie is generated. However, if cookies are completely deactivated, the website may not be displayed correctly, or you may not be able to use all the functions of our website.
We use the open source software Matomo for the analysis and statistical evaluation of the use of the website. Cookies are used for this purpose. The information generated by the cookies about the website use is transferred exclusively to our servers and summarized in pseudonymous user profiles. The information is used to evaluate the use of the website and to enable a needs-based design of our website. The information will not be passed on to third parties.
In no case will the IP address be associated with other data relating to the user. The IP addresses are anonymized so that an assignment is not possible (IP masking).
The legal basis for the processing is Art. 6 seq. 1 sent. 1 lit. f GDPR. We thus exercise our legitimate interest in optimising our website for our external presentation.
8. Currency and changes of the privacy statement
This privacy statement is currently valid as of December 2019. Due to the further development of our website and offers on it or due to changed legal or official requirements, it may be necessary to amend this data protection declaration. You can retrieve and print out the current data protection declaration at any time on the website https://www.business-visum.de/en/privacy-terms/