Privacy Notice
Version 1.8
We take protecting your personal data very seriously and consequently strive to inform you comprehensively on the processing of your personal data. The following data privacy policy is designed to inform you about the type and scope and purposes of the processing of your personal data when using our website www.bildungscampus.hn or contacting us in any other form.
As a rule, we only collect your personal data directly from you. The statutory basis is, in particular, the EU General Data Protection Regulation (GDPR).
1. Controller within the meaning of Article 4 (7) GDPR
Controller for the following processing of personal data within the meaning of Article 4 (7) GDPR is the:
Schwarz Campus Service GmbH & Co. KG
Stiftsbergstraße 1
74172 Neckarsulm
Phone: +49 7131 154 8 154
E-mail: scs-marketing @mail.schwarz
2. Communication by e-mail/phone/mail/contact form
2.1 Purposes of data processing / legal bases
We treat all personal data which we receive from you by e-mail/phone/mail/contact form confidentially. We use your data solely for the purpose of processing your inquiry.
The legal basis for data processing is Article 6 (1) (f) GDPR. Our legitimate interest in the data processing arises from the objective of answering any of your inquiries, quickly rectifying damage and malfunction and thus ensuring and improving your level of satisfaction.
When you contact us and provide us with personal data as part of initiating a contract, then Art. 6 (1) l(b) GDPR constitutes the legal basis for the data processing.
If you have given us your consent, we will also process your personal data for the purpose of contacting you in order to send you personally tailored information and advertising.
The legal basis for data processing in the context of such contact is your consent pursuant to Art. 6 (1) a) GDPR. Your consent is voluntary and refusal to give it will have no effect on current or future contractual negotiations with us.
2.2 Recipients / categories of recipient
As a rule, we do not transfer the data to third parties outside Schwarz Campus Service GmbH & Co. KG. We may, where necessary for the processing of your inquiry, transfer your data to the necessary extent to other companies within the Schwarz Group.
In exceptional cases, we will have a processor process the data on our behalf. Such processors are carefully selected and bound by contract pursuant to Article 28 GDPR.
2.3 Obligation to provide your data
You are under no statutory or contractual obligation to provide personal data to us. If you however chose not to provide us with the data required for the processing of your inquiry, we may not be able to process your inquiry or respond to your concerns.
2.4 Storage time / criteria for determining storage time
We delete or securely anonymize all personal data we receive from you when you make inquiries no later than 90 days after the final response is sent to you. The information is retained for 90 days in case you contact us again after receiving a response from us on the same matter and we need to refer to our previous correspondence. Based on experience, we generally do not receive any questions concerning our responses after 90 days. If you assert your rights as a data subject, your personal data will be stored for three years after the final response in order to document the fact that we provided you with comprehensive information and that the legal requirements have been met. We keep your declaration of consent for 3 years to comply with our accountability obligations as defined in Art. 5 (2) GDPR.
Personal data that you provide to us using the "Damage & Malfunctions" contact form will be stored for 1 year in order to ensure that your report can be processed in full.
Personal data that you transfer to us as part of initiating or performing a contract is stored for a period of twelve years owing to preservation of evidence and storage obligations.
3. Data that we process when you visit our website
3.1 Purposes and legal basis of processing
When you visit our website, log files including the following content are created:
- The website from which the access occurred;
- the IP address;
- the date and time of access;
- file request of the client;
- the http response code;
- the transferred data volume;
- the information on browser type and version and operating system of the requesting computer.
The legal basis for data processing is Article 6 (1) (f) GDPR. Our legitimate interest in the data processing arises from the objective of protecting our systems and preventing misuse and fraudulent behavior for each access to this website.
We may process your personal data where necessary for the preparation and / or performance of a contractual relationship on the basis of Article 6 (1) (f) GDPR.
3.2 Recipients / categories of recipient
In exceptional cases, we will transfer your personal data to Schwarz IT KG, Stiftsbergstraße 1, 74172 Neckarsulm, Germany for support and maintenance reasons, as the website is hosted on servers provided by the Schwarz IT KG on our behalf.
3.3 Obligation to provide your data
You are under no statutory or contractual obligation to provide personal data to us. For technical reasons, the aforementioned data is however processed upon accessing our website. If you chose to no longer provide us with your data, this can only be ensured if you no longer use our website.
3.4 Storage time
We store the aforementioned data for a period of 30 days.
4. Use of cookies and tracking technologies
We, Schwarz Campus Service GmbH & Co. KG, Stiftsbergstraße 1, 74172 Neckarsulm, Germany, are the controller with respect to data processing in connection with the use of "cookies" and other similar technologies to process usage data on our website and the associated sub-domains and sub-pages.
Cookies are small text files that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our websites. Cookies do not cause any damage to your end device, nor do they contain any viruses, trojans or other malware. The cookie stores certain information that results in connection with the specific end device deployed. However, this does not mean that we receive immediate knowledge about your identity.
You may also configure your browser to ensure that a warning appears every time a new cookie is placed. This makes the use of cookies more transparent for you. You may also configure your browser to refuse acceptance of all or some cookies from certain sources. Please be advised, however, that disabling cookies may limit the functionality of this website.
4.1 Purposes and legal basis of data processing
Cookies and the other technologies used to process usage data are deployed for the following purposes, depending on the categories of the cookie / other technologies:
- Technically necessary: These are cookies and similar methods without which you cannot use our services (for example, to correctly display our website / functions you have requested, to save your login in the login area, etc.).
- Preferences: using these methods, we can take into account your actual or perceived preferences to enhance the user experience. For example, we can use your settings to display our website in a language relevant to you. They also mean we can avoid displaying products that may not be available in your region.
- Statistics: These methods enable us to tailor the design of our services by producing pseudonymized statistics about how they are used. For example, we can use them to determine how better to adapt our websites to user habits.
- Marketing: These enable us and other authorized persons to display relevant advertising content based on an analysis of your pseudonymized usage behavior. Your usage behavior can also be tracked over various websites, browsers or devices via a user ID (unique identifier).
Depending on the purpose, the use of cookies and similar technologies to process usage data involves processing the following types of personal data in particular:
Technically necessary:
- Security-related events;
- Required data.
Preferences:
This category of cookies is not used on our website.
Statistics:
- Anonymized usage profiles containing information on the use of our website. These contain in particular:
- browser type / browser version;
- operating system used;
- referrer URL (i.e. the previously visited page);
- host name of the accessing computer (IP address);
- time of the server request;
- individual user ID; and
- events triggered on the website (web browsing behavior).
- The IP address is routinely anonymized, which in principle means it is no longer possible to identify you.
Marketing:
- Anonymized usage profiles containing information on the use of our website. These contain in particular:
- individual user ID;
- events triggered on the website (web browsing behavior).
The legal basis for using preference, statistics and marketing cookies and similar technologies is your consent given pursuant to Article 6(1)(a) GDPR and section 25 (1) sentence 1 of the German Telecommunications Digital Service Data Protection Act (Telekommunikation-Digitale-Dienste-Gesetz – TDDDG). The legal basis for using technically necessary cookies and similar technologies is Article 6(1)(f) GDPR and section 25 (2) no. 2 TDDDG. We have a legitimate interest in ensuring the technical stability and security of website operation.
You may revoke/modify your consent at any time with effect for the future without this affecting the lawfulness of the previous processing based on consent before its withdrawal. Click here to make your selection.
You can find an overview of the cookies and other technologies used, together with the respective processing purposes, the storage periods and any integrated third party providers, in our cookie policy.
4.2 Recipients/Categories of recipients
When using cookies and similar technologies to process usage data, we may on occasion retain specialized service providers, particularly from the field of online marketing, to process data. These service providers process data on our behalf.
If you have consented to processing for marketing purposes, we may potentially share your user ID and the associated user profiles with third parties via the providers of advertising networks.
For information about other recipients in connection with using cookies to process data, see our cookie policy under the heading "Providers".
4.3 Adobe Analytics
This website uses the Adobe Analytics web analytics service to analyze user access to the website. Data is processed solely on the basis of your consent (Article 6(1)(a) GDPR and section 25 (1) sentence 1 of the German Telecommunications Digital Service Data Protection Act (Telekommunikation-Digitale-Dienste-Gesetz – TDDDG)), in other words if you do not give your consent, no data is processed. We use information generated during your use of our web pages (namely, the page from which the file was requested, the name of the file, the date and time of the request, the volume of data transferred, the access status such as "file transferred", "file not found", etc., a description of the type of web browser used and an anonymized IP address – truncated by the last three digits) for purposes of user navigation, statistical analyses and adapting our web pages to your needs. For this purpose, we use cookies that control your connection to our web pages during the session. A permanent cookie is set in your web browser by our provider Adobe Systems Software Ireland Limited, 4–6 Riverwalk, City West Business Campus, Saggart D24, Dublin, Ireland, to create an anonymized user profile. This permanent cookie makes it possible to recognize your browser the next time you visit our website. That serves to recognize your anonymized user profile and tailor our website to your needs.
The information stored on the Adobe servers cannot be used to directly identify you because Adobe Analytics is used with the settings "Before Geo-Lookup: Replace visitor's last IP octet with 0" and "Obfuscate IP-Removed". The setting "Before Geo-Lookup: Replace visitor's last IP octet with 0" ensures that the IP address is anonymized before geolocation by replacing the last octet of the IP address with zeros. The user's approximate location is added to the tracking packet, which still contains the full IP address, for purposes of statistical analysis. Before the tracking packet is stored, the IP address is then replaced with a single fixed IP address referred to as a generic IP address if the "Obfuscate IP-Removed" setting is configured. This means that the original full-length IP address is no longer included in a stored data record.
The data collected using Adobe Analytics technology is not used to personally identify visitors to this website. Nor is the usage data stored in the cookie merged with personal data. To prevent general tracking by Adobe, simply click on this link and confirm your objection on the page it redirects you to. In this case, Adobe will place a permanent "Do not track" cookie in your browser so that the Adobe technology is no longer used.
4.4 Obligation to provide your data
You are under no statutory or contractual obligation to provide personal data to us. You may prevent cookies from being stored by adjusting the aforementioned settings, selecting the categories of cookies accordingly or by withdrawing or modifying any consent you may have given.
4.5 Storage time
For information on the duration of storage for cookies, see our cookie policy. If "persistent" is entered in the "expiration" column, the cookie will be stored permanently until the corresponding consent is withdrawn.
5. Reservations and booking of AULA/locations on the Bildungscampus Heilbronn
5.1 Purpose of data processing and legal basis ;
We treat all personal data which we receive from you as part of the reservation and/or booking of locations confidentially. We use your data solely for the limited purpose of processing your reservation and/or booking and, where necessary, to draft the corresponding contracts. The legal basis for data processing to conclude an event agreement is Article 6 (1) l(b) GDPR.
The legal basis for data processing beyond conclusion of a contract is Article 6 (1) l(f) GDPR. Our legitimate interest in the data processing as Schwarz Campus Service GmbH & Co. KG arises from the objective of enabling and processing reservations and/or bookings of our locations by customers/business partners. This also includes that we collect data of our existing customers/business partners upon entering into an agreement with us as well as for resource planning for keeping internal statistics.
5.2 Recipients / categories of recipient
As a rule, we do not transfer the data to third parties outside Schwarz Campus Service GmbH & Co. KG. We may, where necessary for the processing of your inquiry, transfer your data to the necessary extent to other companies within the Schwarz Group.
In exceptional cases, we will have a processor process the data on our behalf. Such processors are carefully selected and bound by contract pursuant to Article 28 GDPR.
5.3 Storage time / criteria for determining storage time
The personal data that you provide us with as part of the reservation/booking of locations are stored for as long as it is required for the performance of the contractual relationship or within the above mentioned legitimate interest. You may have your data erased at any time, if and insofar as the erasure of such data does not preclude compliance with a legal obligation (e.g., statutory evidence and storage obligations covered by the German Commercial Code and the Fiscal Code of Germany).
6. Your rights as a data subject
You have the right to obtain information, free of charge, about the personal data stored about you , pursuant to Article 15 (1) GDPR.
Provided that statutory requirements are met, you have the additional right to rectification (Article 16 GDPR), erasure (Article 17 GDPR) and restriction of processing (Article 18 GDPR) of your personal data.
Provided that the data processing is based on Article 6 (1) (e) or (f) GDPR, you have a right to object under Article 21 GDPR. If you object to data processing, the controller shall cease future processing unless the controller can provide compelling and legitimate grounds for a further processing which override the data subject's interests in the objection.
If and insofar as you yourself provided the processed data, you have the right to data portability pursuant to Article 20 GDPR.
If the data processing is carried out on the basis of consent granted pursuant to Article 6 (1) (a) or Article 9 (2) (a) GDPR, you may revoke that consent at any time with effect for the future without this affecting the lawfulness of the previous processing. Please address your revocation to scs-marketing. @mail.schwarz
In the aforementioned cases, please contact our data protection officer in writing or by e-mail if questions or complaints arise. You also have the right to lodge a complaint with the data protection supervisory authority. The data protection supervisory authority located in the state in which you live or where the controller is headquartered.
7. Contact Data Protection Officer
Should you have further questions regarding the processing of your data or the exercise of your rights, you can contact the data protection officer of the controller:
Schwarz Campus Service GmbH & Co. KG
- Data protection officer -
Stiftsbergstraße 1
74172 Neckarsulm Germany
E-mail: datenschutz @mail.schwarz
Compliance
Compliance today is more complex than ever. In a global environment, we are facing growing legal challenges. That’s why we are constantly adapting our processes and systems to the legal framework. To emphasize the significance of compliance for us, we have anchored it as a corporate principle: 'We comply with applicable law and internal guidelines.' Compliance is thus an established part of our corporate culture. We have a compliance management system in place that allows you as a customer, business partner or company employee to act in accordance with uniform and binding structures.
It is important to identify potential misconduct at an early stage to ensure that we can live up to our corporate principle. One way of how we achieve this, is by having potential compliance violations reported to us. A compliance violation exists if applicable law or internal policies are violated in Germany or abroad by our employees or vis-a-vis our employees in the performance of their duties. Such violations include corruption, competition and antitrust offenses, data privacy violations, as well as accounting, financial and tax offenses. To detect compliance violations and be able to prevent them, we rely not only on our employees, but also on our customers and business partners. Should you notice any sign of a compliance violation, you can make a report through various channels. Regardless of the method you choose to raise your concern, we assure you that every report will be handled in strict confidentiality – even anonymously if you so desire.
Compliance Officer
Please contact our Compliance Officer to raise serious concerns regarding compliance violations, or if you have questions on the topic of compliance in general.
Schwarz Campus Service GmbH & Co. KG
Compliance
Stiftsbergstraße 1
74172 Neckarsulm Germany
E-mail: compliance @mail.schwarz
Online reporting system
As an additional reporting option to provide information on potential compliance violations, we have established an online reporting system. All incoming information is processed by our Compliance Officer.
Our online reporting system is an Internet-based application and can be accessed from any Internet-enabled device via the following link: Online reporting system
Compliance Counsel
We invite you to direct your concerns to our external compliance counsel, Dr. Margarete von Galen. You may contact her at any time and report information on potential company-related or employment-related criminal acts and offenses. We assure you that Dr. von Galen will carefully review the details of your report and forward your report to our compliance officer if there is concrete evidence indicating a compliance violation. As our external compliance counsel, Dr. van Galen is bound to professional secrecy. She will only forward your personal information to us with your express consent.
Contact
Dr. Margarete Gräfin von Galen
Certified criminal law specialist
Mommsenstraße 45 Germany - 10629 Berlin
Phone: +49 30 31 01 82 0
Fax +49 30 31 01 82 20
E-mail: galen @galen.de
It is of great importance to us to carefully and confidentially review all indications of compliance violations, and to counteract attested misconduct in a firm and appropriate manner. Please note that matters without connection to non-compliance cannot be dealt with via this process.
February 2024