1. Name and contact details of the controller and the company data protection officer
C.I.C. Software GmbH
Management: Gudars Ahrabian, Harald Cich, Rainer Eschbaumer
The company data protection officer of C.I.C. Software GmbH is:
Data Protection (PIMS) / IT forensics information security (ISMS) / Quality Management (QM)
2. Collection and storage of personal data as well as the nature and purpose of its use
a) When visiting our website
When visiting our website www.cic-software.de, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file for max. 24 hours and then deleted. The following information is collected without your intervention and stored until automated deletion:
The data mentioned is processed by us for the following purposes:
The legal basis for data processing is Art. 6 (1) (f) GDPR (GDPR = General Data Protection Regulation). Our legitimate interest follows from the data collection purposes listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.
b) Using our contact form
For questions of any kind, we offer you the opportunity to contact us via the contact form (under "Contact") on our website. The indication of a valid e-mail address and your name is required here so that we know who the request came from and are able to respond to that request in a timely manner and personally without delays. Further information (company, telephone, message) can be provided voluntarily.
The data processing for the purpose of contacting us is based on your voluntarily granted consent in accordance with Art. 6 (1) (a) GDPR.
The personal data collected by us for the use of the contact form will be automatically deleted after 5 days at the latest in order to ensure that all inquiries will be adequately answered, even in the case of higher inquiry quantities, inquiries outside of our business hours (e.g. weekends) or queries from you.
c) Using our e-mail contact
Alternatively, please contact us via the provided e-mail address under
"Write us" by pressing "SEND E-MAIL". In this case, the user's personal data transmitted by e-mail will be stored. The personal data collected by us in this context will be automatically deleted after 5 days at the latest, in order to ensure that all inquiries are also answered in the event of higher inquiry numbers, inquiries outside our business hours (e.g. weekends) or follow-up questions on your part. The legal basis for the processing of the data transmitted in the course of sending an e-mail is Art. 6 (1) (f) GDPR.
d) When using the Callback form
In addition to the use of our contact form and e-mail contact, we offer you the option to receive a callback for contact. In this case, the specification of a valid telephone number is required so that we can call you back and discuss the reason for your callback request with you. Further information can be provided voluntarily.
Data processing for the purpose of contacting us is based on your voluntarily granted consent in accordance with Art. 6 (1) (a) GDPR.
The personal data collected by us for the use of the callback form will be automatically deleted no later than 5 days after receipt, in order to ensure that all inquiries are answered even in the case of higher inquiry numbers, inquiries outside our business hours (eg weekends) or follow-up questions on your part.
3. Disclosure of data
A transfer of your personal data to third parties for purposes other than those listed below does not take place.
We only share your personal data with third parties if:
4. Cookies / Cookie-Bar (Cookie Settings
The cookie stores information resulting in connection with the specific terminal used. However, this does not mean that we are immediately aware of your identity.
In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our site again to use our services, it will automatically recognise that you have already been with us and what inputs and settings you have made, so you do not have to re-enter them.
The data processed by cookies is required for the purposes mentioned in order to safeguard our legitimate interests as well as third party interests pursuant to Art. 6 (1) (f) GDPR.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is stored. However, the complete deactivation of cookies can mean that you cannot use all the features of our website.
Cookie-Bar (cookie settings)
pop-up. The "Cookie Settings" button next to it will take you to a cookie bar. This cookie bar lists the analysis tools we use (Google Analytics). In the preferences, the cookie bar, that is Google Analytics, is enabled (blue background). To deactivate (grey background) you have to move the slider to the left. The same can be achieved by moving the “Activate / deactivate all sliders"
5. Integration of services/ content of third parties
Within our website, we use third party services / content to integrate their content and services, such as maps (collectively referred to as "content" or "services").
The prerequisite for this is that providers of this content perceive the IP address of the users, since without the IP address, the content could not be sent to their browser. This requires the IP address to display such content. We endeavour to use only content whose respective providers use the IP address only for the delivery of the content. Third-party vendors could also use so-called pixel tags (invisible graphics) for statistical or marketing purposes, which could be used to evaluate information such as visitor traffic on the pages of this website. Pseudonymous information may also be stored in cookies on the user's device, including, but not limited to, technical information about the browser and operating system, referring web pages, visit time, and other information about using our online offering, as well as such information from other sources.
The legal basis for the processing of the data transmitted in the course of using these services / contents is Art. 6 (1) (f) GDPR, i.e. our legitimate interest in the analysis, optimisation and economic operation of our online offer.
On our website (under "Contact") we have integrated maps of the service "Google Maps" of the provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. This allows us to show you interactive maps directly in the website and allows you to conveniently use the map feature.
This is done regardless of whether Google provides a user account that you are logged in to, or if there is no user account. When you are logged in to Google, your data will be assigned directly to your account. If you do not wish the data to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses this for purposes of advertising, market research and / or tailoring its website. Such use is carried out in particular (even for users who are not logged in) to provide appropriate advertising and to inform other users of the social network about your activities on our website. You have a right to object to the formation of these user profiles. To do so, you must contact Google.
You can make appropriate changes to modify these services / content via the following link (opt-out): https://adssettings.google.com/authenticated
6. Analysis tools
The tracking measures listed below and used by us are based on Art. 6 (1) (f) GDPR. With the tracking measures, we want to ensure the needs-based design and continuous optimisation of our website. On the other hand, we use the tracking measures to statistically record the use of our website and evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as justified within the meaning of the beforementioned provision. The respective data processing purposes and data categories can be found in the corresponding tracking tools.
For the purpose of the needs-based design and continuous optimisation of our website, we use Google Analytics, a web analytics service from Google Inc. (https: //www.google.de/intl/de/about/) (1600 Amphitheater Parkway, Mountain View, CA 94043, USA, hereafter "Google"). In this context, pseudonymised usage profiles are created and cookies (see point 4) are used. The information generated by the cookie about your use of this website such as
are transferred to a Google server in the US and stored there. The information is used to evaluate the use of the website, to compile reports on website activity, and to provide other services related to website activity and internet usage for the purpose of market research and customisation of these websites. This information may also be transferred to third parties if required by law or if third parties are commissioned with the processing of this data. In no case will your IP address be merged with other data provided by Google.
This website uses Google Analytics with the extension "anonymizeIp ()". As a result, IP addresses are processed in a shortened form so personal reference can thus be excluded. As far as the data collected about you has a personal reference, it is immediately excluded and the personal data deleted immediately.
In addition, you can prevent the installation of cookies by a corresponding setting of the browser software; however, we point out that in this case not all features of this website may be fully used. In addition, you may prevent the collection of the cookie-generated data related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on: (https://tools.google.com/dlpage/gaoptout?hl=de).
For more information about privacy in connection with Google Analytics, see Google Analytics Help: https://support.google.com/analytics/answer/6004245?hl=de
7. Online job application
On our website you can apply under "Jobs" for the vacancies advertised there ("Who we are currently looking for to strengthen our Team!").
We process your applicant data only for the purpose of and in the context of the application process and on the basis of the legal regulations. The processing of the applicant data takes place in order to fulfil our (pre-) contractual obligations in the context of the application process within the meaning of Art. 6 (1) (b) GDPR, Art. 6 (1) (f) GDPR insofar as the data processing is required of us e.g. in the context of legal proceedings. The prerequisite for the implementation of this application process is that applicants provide us with the applicant data.
a) Application via application form
As part of the online application process, we will provide you with an application form. If you click on the "Jobs" link in the relevant job advertisement, you will be redirected to the respective page of this job advertisement. There you will also find the
"Apply Now” field. By clicking on this field, the application form opens. In order to send the application, form you will need your name and e-mail address so that we can contact you and address you personally.
All other information (desired position, telephone, etc.) about your application can be made on a voluntary basis, by completing the information provided in the other fields and / or using the function provided for this purpose ("Please upload your application documents ")
and uploading the appropriate files, e.g. Information on CV, certificates, earliest possible starting date and salary expectations. In addition, there is a text box ("Your message to us") available, in which you can enter further information on a voluntary basis.
b) Application via e-mail
Alternatively, you can also submit your application data / documents on the "Jobs” page by pressing the button "firstname.lastname@example.org” via your e-mail account. When applying by e-mail, however, we ask you to note that e-mails are not sent in encrypted form and therefore you must provide the encryption yourself. Therefore, we cannot take any responsibility for the transmission of the application between you as the sender and its reception on our server.
If you do not wish such a transfer, you can use the postal delivery form as an alternative to the e-mail application. The address can be found on the "Jobs" website as well as the websites of the respective job offer.
In the case of a successful application, the application data you have sent for employment purposes can be processed by us. If your application for a job offer is unsuccessful, your data will be deleted. Your application data will also be deleted if you have withdrawn your application. You are entitled to such deletion at any time.
Subject to a legitimate cancellation of the applicant, the deletion of the application data also takes place when follow-up questions on the application are raised by the applicant. Invoices for possible travel reimbursements will be archived in accordance with tax regulations.
8. Incorporation of redirect links: Facebook, XING, LinkedIn, Twitter, Instagram
On our website, we have integrated links to the social networks Facebook, XING, LinkedIn, Twitter and Instagram in the form of icons.
The icons are identified by the typefaces for the social networks (Facebook: white "f" against a blue background, XING: white "X" against a blue background, LinkedIn: white "in" against a blue background, Twitter: white (chirping) bird against a blue background; Instagram: circle with dot inside rounded square against blue background).
By clicking the corresponding icon, you will be forwarded directly to our corporate website on the social network (forwarding links).
By incorporating these redirect links on our website, we want to make our company better known. The underlying commercial purpose is to be regarded as a legitimate interest within the meaning of the GDPR, so that the legal basis for the related processing of your data is Art. 6 (1) (f) GDPR.
The respective providers are responsible for operation compliant with data protection.
By clicking on the "f" icon (redirect link) on our website, your browser will establish a direct connection to the servers of the social network Facebook (1601 South California Avenue, Palo Alto, CA 94304, USA). As a result, data (e.g. in the form of cookies - see also no. 4 Cookies) from Facebook can be transmitted directly to your browser and stored on your device. The controller therefore has no influence on the extent of the data, which Facebook collects with the help of the data sent to your browser and informs the users of the following to the best of its knowledge:
Through the sending data from Facebook to your browser, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook account or are currently not logged in to Facebook. This information (including your IP address) is transmitted from your browser directly to a Facebook server in the US and stored there.
The use of Facebook specific features such as the "Like" button / "Share" button or communicating with us via Facebook can only be done as a registered / logged in user of Facebook. In these cases, Facebook can assign the visit to our website directly to your Facebook account and the information can also be published on Facebook and displayed to your Facebook friends.
Facebook may also use this information for the purpose of advertising, market research and tailor-made Facebook pages. For this purpose, Facebook uses user, interest and relationship profiles, e.g. for example, to evaluate your use of our website in relation to the advertisements displayed on Facebook, to inform other Facebook users about your activities on our website, and to provide other services related to the use of Facebook.
By pressing the "X" icon (redirect link) on our website, your browser establishes a direct connection to the XING servers (XING SE, Dammtorstrasse 30, 20354 Hamburg, Germany ("XING")).
This allows data (e.g. in the form of cookies - see also No. 4 Cookies) from XING to be transmitted directly to your browser and stored on your device. The controller therefore has no influence on the extent of the data, which XING collects with the help of the data sent to your browser and informs the users of the following to the best of its knowledge:
By pressing the "X" icon and following the described connection setup / procedure, XING receives the information that your browser has called up the corresponding page of our website, even if you do not have a XING profile or are currently not logged in to XING.
If you are logged in to XING, XING can immediately assign the visit to our website to your XING account. If you do not want XING to immediately assign the data collected via our website to your XING account, you must log out of XING before visiting our website.
More information on the can be found in the Data Protection Policy https://privacy.xing.com/de/datenschutzerklaerung.
By clicking the "in" link on our website, your browser connects directly to the LinkedIn servers (Linkedin Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA). LinkedIn is a social network and an online platform for professionals and executives.
This allows data (e.g. in the form of cookies - see also no. 4 Cookies) from LinkedIn to be transmitted directly to your browser and stored on your device. The controller therefore has no influence on the extent of the data, which LinkedIn collects with the help of the data sent to your browser and informs the users of the following to the best of its knowledge:
By pressing the "in" icon and following the described connection setup / procedure, LinkedIn receives the information that your browser has called up the corresponding page of our website, even if you do not have a LinkedIn profile or are currently not logged in to LinkedIn.
If you are logged in to LinkedIn, LinkedIn can instantly associate your visit to our website and / or interactions with third-party services with your LinkedIn account. If you do not want LinkedIn to directly associate the data collected through our website with your LinkedIn account,
you must log out of LinkedIn before visiting our website.
LinkedIn has submitted to the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework
By clicking on the "white (chirping) bird" icon (redirect link) on our website, your browser will connect directly to the Twitter servers (Twitter, Inc., 1355 Market St, Suite 900 San Francisco, California94103, USA).
This allows data (e.g. in the form of cookies - see also no. 4 Cookies) from Twitter to be transmitted directly to your browser and stored on your device. The controller therefore has no influence on the extent of the data, which Twitter collects with the help of the data sent to your browser and informs the users of the following to the best of its knowledge:
By pressing the "white (chirping) bird" icon and the described connection establishment / procedure, Twitter receives the information that your browser has accessed the corresponding page of our website, even if you do not have a profile on Twitter or are currently not logged in to Twitter.
If you are logged in to Twitter, Twitter can immediately assign the visit to our website to your XING account. If you do not want Twitter to immediately assign the data collected via our website to your Twitter account, you must log out of Twitter before visiting our website.
More information on the can be found in the Twitter Data Protection Policy https://twitter.com/de/privacy.
Twitter has submitted to the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework
By clicking on the corresponding "in" icon (redirect link) on our website, your browser establishes a direct connection to the Instagram servers (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA). This allows data (e.g. in the form of cookies - see also no. 4 Cookies) from Instagram to be transmitted directly to your browserand stored on your device. The controller therefore has no influence on the extent of the data, which Instagram collects with the help of the data sent to your browser and informs the users of the following to the best of its knowledge:
If you are logged into your Instagram account, you can link the contents of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the visit of our pages with your user account.
9. Video surveillance in the entrance area to our business premises (access system)
In the entrance areas to our business premises, a bell with a camera is installed next to the front door. When the bell is activated, a window will appear on the screen to individual, authorized employees showing the person (head / torso area) requesting access to our business premises. The employee can open the door to this area after appropriate examination by pressing a corresponding button and grant access to the person. A recording of the person by the camera is only made when the bell is pressed.
The recordings recorded when the access system is triggered (= operation of the bell) are stored for a maximum of 48 hours and then automatically deleted by the system.
The above data is processed by us for the following purposes:
The legal basis for data processing is Art. 6 (1) (f) GDPR. Our legitimate interest follows from above-listed video surveillance purposes.
10. Data subject rights
You have the right:
11. Right to objection
If your personal data is processed based on legitimate interests in accordance with Art. 6 (1) (f) GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right to objection, which is implemented by us without you stating your particular situation.
If you would like to exercise your right to revocation or objection, please send an e-mail to email@example.com
12. Data security
We use the widely used Secure Socket Layer (SSL) method in conjunction with the highest level of encryption supported by your browser. Whether a single page of our website is transmitted in encrypted form is indicated by the closed representation of the key or lock symbol in the lower status bar of your browser.
We also take appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
We are also certified under ISO 27001 (Information Security Management System). For further data processing in the company, we therefore use the technical and organisational security measures associated with this certification to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our safety measures are continuously improved in accordance with the requirements of ISO 27001.
C.I.C. Software GmbH belongs to one of the leading software and services providers for leasing and financial services institutions.
Our software solutions are implemented and operated in all German-speaking countries (DACH) as well as other European countries. Our respective customers are companies of different sizes and direction each of them using and operating their central IT and Business Processes with our software solution.