Our mission is to protect people by protecting their personal data.
1. Controller of personal data
This website is operated by Enobyte GmbH (“we”, “us”, Enobyte).
Tel.: +49 89 2154 7743 – 0
Further information can be found in our Legal Notice.
This document covers our processing of your personal data on our website www.enobyte.com.
For our other domains (ticket system, academy, online-assessments) we have separate privacy notices. This document also covers our processing of your personal data for other purposes such as recruitment or sales and services.
1.2. Questions regarding our processing or this policy
2. Legal grounds of our processing
We will only process your personal data if there is a legal basis to do so. Under GDPR, there are 3 legal bases that we use.
- Contractual obligation (Art. 6 (1) b) GDPR) – If we have a contract with you, we will need to store and use some information about you. The same is true if we take necessary steps at your request prior to entering into a contract.
- Legal obligation (Art. 6 (1) c) GDPR) – If there is a law forcing us to process your personal data, we have to comply.
- Balance of interests (Legitimate interest) (Art. 6 (1) f) GDPR) – Legitimate interest allows us to process personal data if it is necessary for our legitimate interests and your interests or fundamental rights and freedoms do not outweigh our interest. We will inform below if we do such processing and what interests we pursue.
2.1 Deletion of your personal data
We will generally delete your personal information as soon as we no longer require it for the purposes for which we collected it. If any legal obligation stops us from deleting your information for a certain time, we will stop access to this information, store it securely and delete it after our legal obligation is over.
You may contact us by the contact details above, or via the details on https://www.enobyte.com/contact.
We will use the information you have entered to respond to your message and take any actions you may have requested.
We do not use the information for other purposes and erase it as soon as we have completed your request, unless a legal obligation forces us to keep the information for longer.
Our basis for this processing is our contractual obligation if your message concerns purchasing services offered by us or is in relation to a current contract with us. If you have a general request, our legal basis is our legitimate interest to provide you with the best service we can.
When contacting us with a job application, please refer to the section “Recruitment” below.
Please be aware that e-mails to email@example.com, firstname.lastname@example.org, email@example.com and firstname.lastname@example.org will automatically be stored in our ticket system (https://support.enobyte.com). There, only employees responsible for your request will be able to see your message.
Our ticket system is based on the OpenSource solution Zammad and is hosted by Zammad GmbH, Marienstraße 18, 10117 Berlin.
Should you contact us via phone, you may be connected to our call centre. In those cases, an employee of the call centre will take your contact details and your request and forward it to us. Employees of the call centre are bound to confidentiality.
4. Informational use of this website
When using our website, certain personal information will be transferred to our servers automatically. This is necessary to provide you with the website. For example, our servers need to know your IP-Address to know where to send information.
If you simply use our website to get information, we will automatically receive and store the following information about you:
- Any text you enter or files you upload
- Websites visited
- Date and time of your request
- Your IP-Address
- Your computers time zone
- Your computers date and time
- The website you requested
- Which website you came from
- Information about your browser (version, language, fonts installed)
- Information about your operating system (version, language)
- Potentially other information your browser sends via the HTTP protocol.
This information is necessary for us to present you our website and show all our products and services. We have a legitimate interest to present our company with a modern looking website. As we only collect necessary information, there is no technical way for us to limit the kinds of information we receive.
We automatically delete all server-logs within 7 days. We store the logs for this time to see suspicious activities in our server and protect our infrastructure from outside attacks such as DDoS.
We use analytics to better understand how users find our website. No cookies are placed, and all analysis is done with the Metadata automatically provided by you when visiting the website. We host the server for these analytics ourselves.
5. Seminars and Events
On occasion we also offer seminars or events, which you can register for. For the registration, we require at least your name and e-mail-address, and optionally further information that you can enter in the forms. In case of paid seminars, we will also require your address and company affiliation for the invoice. The e-mail-address is required to send you a confirmation link, access codes or directions, updates, and reminders.
In some seminars we will also have external speakers and experts. You may send in questions for the seminars and events, that may be answered by the speakers if time allows. If you send these in, we will store your question and send it in anonymised form to the speakers in advance.
All data processing connected to organising and holding seminars and events is based on our contractual obligation with you.
When you decide to apply to open job positions or send us your information in an unsolicited application, we will store and process all information that you provide to us. This will usually include:
- Date of birth
- Contact details
- Academic history
- Curriculum vitae
We do not need any further personal data from you to initially process your application.
If we decide to invite you to an interview, further notes may be created.
The purpose for this processing is to select and recruit suitable candidates. The legal basis is Art. 88 of the GDPR in connection with the German federal data protection law (BDSG) §26 (1). We will store your information for 6 months after closing the recruitment process to defend against possible legal claims. Afterwards, your personal data will be erased.
7. Products and services
We process personal data of contact persons of our customers and business partners to the extent necessary for the establishment of the contract, for the fulfilment of all necessary steps and to provide a high level of service and support which includes the following:
- For guidance on products, services, and campaigns offered by Enobyte
- To provide our products or services
The personal data collected from contact persons of customers and partners is the following:
- Place of employment
- Contact details such as telephone number and e-mail address
- Further information as printed on business cards or otherwise provided to us
Generally, the basis for the processing of personal data is our legitimate interest to conduct business with the contracting company, to fulfil the contract, develop better products and services and provide a high level of support.
The processing is based on our contractual obligation if you are in contract with us directly or if the processing is necessary to carry out pre-contractual measures to this effect. The data shall be deleted upon termination of the business relationship or when the contact person changes unless legal retention periods exist.
We may contact you for marketing and survey analysis on the company’s products and services. This processing is based on our legitimate interest to develop better products and understand our customers better, as well as our legitimate interest to provide relevant marketing for similar products. You may object to this processing for marketing purposes at any time.
8. Social Media
We operate social media pages for the purpose of self-marketing and promotion of our products.
We are present on the following platforms:
When you visit our sites, the platforms will collect data about your behaviour and interests and might provide us with an anonymized analysis of our user groups and interactions. We have no influence over the creation and display of these analyses and cannot stop the collection or processing of your data for this matter.
We might receive the following data, separated into categories of users:
- Total number of visits,
- Interactions with our posts,
- Proportion of male and female visitors,
- Origin of the visit,
- Clicks on certain contents such as maps or contact information,
- Reach of our posts
If you directly interact with our content (such as “Liking” or “Retweeting” it), we will be able to directly identify you. Should you wish to restrict this linking of your account and our social media page, please use the functionality offered on each platform to unfollow us.
We use these data and our presence on social media to present ourselves in a modern way to a large audience. The usage of this data, as well as the operation of the page is based on our legitimate interest for efficient, effective and interactive promotion.
Furthermore, the platforms might use your data for their own purposes for market research and advertisement. Cookies might be stored on your computer, which are used to analyse our usage behaviour. Other information on your devices, internet connection and more can be collected and connected to your account. The platforms might create a profile on you, even if you are not logged in or have no account. These profiles can be used to show you targeted advertisement on different platforms.
In some cases, your data will be processed outside of the European Union. Specifically a data transfer to the US cannot be ruled out. For these cases, we have concluded Standard Contractual Clauses (SCCs) approved by the European Commission with the platform operators.
You have the right to enforce your rights regarding our social media pages and the Page-Insights at any time against us or the platform. However, we advise you that in any case, the platform will deal with the request. Should you have any questions, you may contact us via the contact details mentioned above.
Further information on the platforms:
- LinkedIn is a business platform, offered by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland with the parent company LinkedIn Corporation, 1000 W. Maude Ave., Sunnyvale, California 94085.
We have concluded a joint controllership-agreement with LinkedIn which you may reference here: https://legal.linkedin.com/pages-joint-controller-addendum
In summary, LinkedIn is competent for all processing activities regarding your personal data on their platform. They also are competent to fulfil the data subject rights. You have the right to enforce your rights regarding our LinkedIn page and the page-insights at any time against us or the platform. If you contact us, we will forward your request to LinkedIn.
Should you have an account with LinkedIn, you can adjust your privacy settings here: https://www.linkedin.com/psettings/
- YouTube is a video platform, provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland with the parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043.
To change your setting for ads and turning of personalized ads, please follow this link: https://adssettings.google.com/authenticated
- Twitter is a social media platform, provided by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland with the parent company Twitter, Inc., 1355 Market Street #900, San Francisco, California 94103.
You can find information on the privacy settings offered by Twitter here: https://help.twitter.com/en/safety-and-security/twitter-privacy-settings
To adjust your privacy options regarding ads, follow the information here: https://help.twitter.com/en/safety-and-security/privacy-controls-for-tailored-ads
9. Your Rights
At any time you can exercise your rights by contacting us directly or our data protection officer whom you can contact via email@example.com.
Please be aware that we might ask for some sort of verification of identity in order to safeguard other data subjects. These verifications will be made as non-intrusive as possible.
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction of processing
- Right to data portability
- Right to revoke your consent
Statutory limits may apply that can restrict your rights. For example if your request interferes with the rights and freedoms of a third person, your right to access may be limited.
In any case, we will answer your request within 30 days and in case we deny your request fully or in part, we will explain the reasons for this.
9.1. Right to lodge a complaint with a supervisory authority
At any time, you may lodge a complaint about our data processing activities with a supervisory authority, for example:
Bayerisches Landesamt für Datenschutzaufsicht
9.2. Right to object
You have the right to object to any processing we do on grounds of our legitimate interest, if your particular situation challenges our balance of interests.
Unless we can demonstrate legitimate grounds for the processing which overrides your interests, rights, and freedoms, and if we do not need your personal data for the establishment, exercise of defence of legal claims, we will no longer process your personal data.