Privacy policy according to the EU General Data Protection Regulation (GDPR)
In accordance with the EU General Data Protection Regulation (GDPR) applicable from 25 May 2018, we hereby inform you about the processing of your personal data by us and about the rights to which you are entitled. These notices will be updated as necessary and published at the address https://www.bantleon.com/en/privacy. There you will also find our data protection information for visitors to our website.
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data. When processing personal data that is necessary for the performance of a contract to which the affected person is a party, Art. 6 (1) lit. b of the GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures. Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 (1) c of the GDPR serves as the legal basis. In the event that vital interests of the affected person or another natural person make processing of personal data necessary, Art. 6 (1) d of the GDPR serves as the legal basis. If the processing is necessary to protect a legitimate interest of our companies or a third party and the interests, fundamental rights and freedoms of the affected person do not outweigh the first-mentioned interest, Art. 6 (1) lit. f of the GDPR serves as the legal basis for the processing.
Content
Who is responsible for data processing and who can be contacted?
I. General information on data processing at Bantleon
1.1. Which sources and data do we use?
1.2. What do we process your data for (purpose of processing) and on which legal basis?
1.3. Who receives your data?
1.4. How long will your data be stored?
1.5. Is data transferred to a third country or to an international organisation?
1.6. Which privacy rights do you have?
1.7. Is there an obligation for you to provide data?
1.8. To what extent is there automated decision making in individual cases?
1.9. To what extent is your data used for profiling (scoring)?
1.10. Which rights of revocation do you have?
II. Privacy policy for visitors to our website
2.1. Description and scope of collection, processing and use of personal data
2.2. Protection of your personal data and privacy
2.3. Data transmission and data flow
2.4. Right to deletion
2.5. Links to other providers
2.6. Your consent
2.7. Use of cookies
2.8. Use of Matomo for web analysis
2.9. Use of Adobe Fonts (formerly Adobe Typekit)
2.10. Vimeo video and the ePrivacy Keeper
2.11. Contact form and e-mail contact
2.12. Privacy when using our internal URL shortener
III. Privacy policy for the application process
IV. Right to complain to a supervisory authority
Who is responsible for data processing and who can be contacted?
The responsible party for the processing of personal data is the respective company of the Bantleon Group listed below with which you have a business or contractual relationship or whose business activity initiates the respective processing action:
Bantleon GmbH
An der Börse 7
30159 Hanover
Telephone: +49 511 288 798 20
E-Mail: mail(at)bantleon.com
The company data protection officer can be reached at:
Bantleon GmbH
Data Protection Officer
An der Börse 7
30159 Hannover
Telephone: +49 511 288 798 20
E-Mail: datenschutz(at)bantleon.com
Bantleon AG
Claridenstrasse 35
CH-8002 Zurich
Telephone: +41 41 728 77 30
E-Mail: legal(at)bantleon.com
Bantleon AG has a data protection representative in the EU within the meaning of Art. 27 of the GDPR as a point of contact for supervisory authorities and affected persons for all questions relating to EU privacy law:
Bantleon GmbH
Data Protection Officer
Aegidientorplatz 2a
D-30159 Hanover
Telephone: +49 511 288 798 20
E-Mail: datenschutz(at)bantleon.com
Bantleon Invest AG
An der Börse 7
30159 Hanover
Telephone: +49 511 123 54 0
E-Mail: investment(at)bantleon-invest-ag.de
Name and address of the data protection officer:
IBS data protection services and consulting GmbH
Telephone: +49 40 540 90 97 80
E-Mail: dsb(at)ibs-data-protection.de
1.1. Which sources and data do we use?
We process personal data that we receive from you in the course of our business relationship. In addition, we process – insofar as necessary for the provision of our services – personal data which we have permissibly obtained from publicly accessible sources (e.g. debtors' registers, registers of companies and associations, press, internet) and which we are permitted to process or which has been permissibly transmitted to us by other companies of the Bantleon Group or by other third parties (e.g. for the execution of orders, for the fulfilment of contracts or on the basis of consent given by you).
Relevant personal data in the interested party process, in the opening of master data and in the context of fund unit transactions may include:
Name, address/other contact data (telephone, e-mail address), date/place of birth, gender, nationality, language, marital status, business capacity, occupational group code/partner type (dependent/self-employed), legitimation data (e.g. ID data), authentication data (e.g. specimen signature), tax ID, FATCA status.
1.2. What do we process your data for (purpose of processing) and on which legal basis?
We process personal data in accordance with the respective applicable legal regulations. In the field of data protection law, these are in particular the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the Swiss Data Protection Act (DSG).
(a) For the fulfilment of contractual obligations (Art. 6 para. 1 letter b of the GDPR)
The processing of personal data is carried out for the provision of business and services in the context of the performance of our contracts with you or for the performance of pre-contractual measures which are carried out at your request.
The purposes of the data processing depend primarily on the specific product or service in question and may include, inter alia, asset management and servicing, advice and the execution of transactions. The details of the purpose of the data processing can be found in the respective contractual documents.
(b) Within the framework of the balancing of interests (Art. 6 para. 1 letter f of the GDPR)
Where necessary, we process your data beyond the actual performance of the contract to protect legitimate interests of us or third parties. Examples:
- Review and optimisation of procedures for demand analysis and direct customer approach; incl. customer segmentation and calculation of closing probabilities
- Assertion of legal claims and defence in legal disputes
- Ensuring IT security and IT operations of the entities of the Bantleon Group
- Prevention and investigation of criminal offences
- Measures for business management and further development of services and products
- Risk management in the Group
(c) Based on your consent (Art. 6 para. 1 letter a of the GDPR)
Insofar as you have given us consent to process personal data for specific purposes, the lawfulness of this processing is based on your consent. Consent given can be revoked at any time. This also applies to the revocation of declarations of consent given to us prior to the application of the GDPR, i.e. prior to 25 May 2018. The revocation of consent does not affect the lawfulness of the data processed until the revocation.
(d) Due to legal requirements (Art. 6 para. 1 letter c of the GDPR) or in the public interest (Art. 6 para. 1 letter e of the GDPR)
The entities of the Bantleon Group are subject to various legal obligations, i.e. legal requirements (e.g. financial sector laws, money laundering laws, tax laws) as well as regulatory requirements (e.g. of the German Federal Financial Supervisory Authority (BaFin), the Commission de Surveillance du Secteur Financier (CSSF) and/or the Swiss Financial Market Supervisory Authority (FINMA)). The purposes of the processing include, but are not limited to, identity verification, fraud and money laundering prevention, accounting, risk assessment and management, compliance with requests and requirements from national or foreign supervisory or law enforcement authorities, and compliance with tax control and reporting obligations.
1.3. Who receives your data?
Within the Bantleon Group, only those entities and bodies that need to access your data in order to fulfil their contractual and legal obligations or to perform their respective tasks will receive access to your data.
Service providers or vicarious agents employed by us may also receive data for these purposes if they comply with confidentiality and our instructions under privacy law. These are essentially companies from the categories listed below. With regard to the forwarding of data to recipients outside the Bantleon Group, it should be noted that Bantleon GmbH (as a capital management company) or Bantleon AG (as a manager of collective assets) are obliged to maintain confidentiality about all customer-related facts and assessments of which they become aware. Information about you may only be passed on if legal provisions require this, you have given your consent, we are authorised to provide information and/or order processors commissioned by us guarantee compliance with confidentiality and the requirements of the EU General Data Protection Regulation in the same way.
Under these conditions, recipients of personal data can be, for example:
- Public bodies and institutions (e.g. Federal Financial Supervisory Authority, Commission de Surveillance du Secteur Financier, Swiss Financial Market Supervisory Authority, other financial authorities) in the event of a legal or official obligation;
- Other credit and financial services institutions, comparable institutions and processors to whom we transfer personal data in order to carry out the business relationship with you. In detail: Support/maintenance of EDP/IT applications, archiving, compliance services, controlling, data screening for anti-money laundering purposes, data destruction, recovery, customer administration, marketing, media technology, reporting, research, risk controlling, telephony, website management, securities services, share register, fund administration, auditing services.
1.4. How long will your data be stored?
We process and store your personal data as long as it is necessary for the fulfilment of our contractual and legal obligations. In this context, it should be noted that our business relationship is a continuing obligation that is designed to last for years and also includes the initiation and settlement of a contract.
As far as Bantleon GmbH and Bantleon Invest AG are concerned, the latter is subject to various retention and documentation obligations, which result, among others, from the German Commercial Code (HGB), the German Fiscal Code (AO), the German Banking Act (KWG), the German Money Laundering Act (GwG) and the German Securities Trading Act (WpHG). The retention and documentation periods specified there are two to ten years. Finally, the storage period also depends on the statutory limitation periods, which according to §§ 195 et seq. of the German Civil Code (BGB) are generally three years, but in certain cases can be up to thirty years.
As far as Bantleon AG is concerned, it is subject to various retention and documentation obligations arising, among other things, from the Swiss Obligation Law, the VAT Act, the Federal Direct Tax Act, the Federal Act on the Harmonisation of Direct Taxes of the Cantons and Municipalities, the Federal Stamp Duty Act and the Withholding Tax Act. As a rule, the time limits specified there for retention or documentation are ten years. In addition, statutes of limitation must be observed, which may be longer than the actual (minimum) retention periods.
1.5. Is data transferred to a third country or to an international organisation?
Personal data processed by Bantleon GmbH is transferred to the parent company (Bantleon AG) in Switzerland for the purpose of data protection. The EU Commission has confirmed that Switzerland has an adequate level of data protection (adequacy decision 2000/518/EC).
1.6. Which privacy rights do you have?
Every affected person has the right to information according to Article 15 of the GDPR, the right to rectification according to Article 16 of the GDPR, the right to erasure according to Article 17 of the GDPR, the right to restriction of processing according to Article 18 of the GDPR and the right to data portability according to Article 20 of the GDPR. With regard to the right to information and the right to erasure, the restrictions according to §§ 34 and 35 BDSG apply; in addition, there is a right of complaint to a data protection supervisory authority (Art. 77 GDPR in conjunction with § 19 BDSG).
You may revoke your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent given to us before the EU General Data Protection Regulation came into force, i.e. before 25 May 2018. Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected.
1.7. Is there an obligation for you to provide data?
Within the scope of our business relationship, you only have to provide those personal data that are necessary for the establishment, implementation and termination of a business relationship or that we are legally obliged to collect. Without this data, we will usually have to refuse to conclude the contract or execute the order or will no longer be able to perform an existing contract and may have to terminate it.
In particular, we are obliged under money laundering regulations to identify you before the establishment of the business relationship, for example on the basis of your identity card, and to collect your name, place of birth, date of birth, nationality and residential address. In order for us to be able to comply with this legal obligation, you must provide us with the necessary information and documents in accordance with the Money Laundering Act and notify us immediately of any changes that occur in the course of the business relationship. If you do not provide us with the necessary information and documents, we may not enter into the business relationship requested by you.
1.8. To what extent is there automated decision making in individual cases?
We generally do not use automated decision making pursuant to Art. 22 GDPR for the establishment and implementation of the business relationship. Should we use these procedures in individual cases, we will inform you about this separately if this is required by law.
1.9. To what extent is your data used for profiling (scoring)?
We partly process your data automatically with the aim of evaluating certain personal aspects (so-called »profiling« according to Art. 4 No. 4 GDPR). We use profiling in the following cases, for example:
- Due to legal and regulatory requirements, we are obliged to combat money laundering, terrorist financing and crimes that endanger assets. In the process, data evaluations (including of your transactions) are also carried out. These measures also serve to protect you.
- We may also analyse your data to determine your potential interest in our products and services. This evaluation is carried out using statistical methods based on current and past customer data. We use the results to address you in a more demand- and target-oriented manner.
1.10. Which rights of revocation do you have?
a) Right to revoke on a case-by-case basis
You have the right to revoke at any time, on reasons relating to your particular situation, the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) GDPR (data processing in the public interest) and Article 6(1)(f) GDPR (data processing on the basis of a balance of interests). This also applies to profiling based on this provision within the meaning of Article 4 No. 4 GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate reasons for the processing which override your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims.
b) Right to revoke to processing of data for direct marketing purposes
We may also process your data for direct marketing purposes within the framework of the legal provisions. You have the right to revoke at any time to the processing of personal data concerning you for the purpose of such advertising. This also applies to profiling, insofar as it is connected with such direct advertising.
If you revoke to processing for the purposes of direct advertising, we will no longer process your personal data for these purposes.
The revocation can be made informally. You will find our contact details at the beginning of this privacy policy.
2.1. Description and scope of collection, processing and use of personal data
As a rule, you can visit our website without us requiring any personal data from you. To ensure the functionality and system security and to enable the use of the website (connection establishment), our web servers temporarily store every access and the data automatically transmitted by your internet browser to our web server in a log file (log files on the legal basis for the temporary storage of data is Art. 6 para. 1 lit. f GDPR.), which is stored until it is automatically deleted.
(a) The following data is collected:
(1) Information about the browser type and version used
(2) The user's operating system
(3) The user's Internet service provider
(4) The IP address of the user
(5) Date and time of access
(6) Websites from which the user's system accesses our website
(7) Websites accessed by the user's system via our website
(8) Name and URL of a retrieved file
(9) Amount of data transferred
(10) Message as to whether the retrieval was successful
Bantleon does not collect any personal data through this website. Personal data is only collected if you expressly and knowingly provide it to us. In some areas of our website you will be asked to enter your personal data. We need this information to be able to provide you with the service you have requested. You will be asked to enter your personal data in particular if you ask us to send you documents about the Bantleon mutual funds or if you contact us via our contact form. We will only collect, process and use your personal data to process your orders or enquiries. We expressly point out that all legal provisions will be observed. Any use of your personal data will only be for the purposes stated and to the extent necessary to achieve these purposes.
(b) Possibility of revocation and elimination
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to refuse.
2.2. Protection of your personal data and privacy
Bantleon is committed to complying with the general provisions of privacy and data security. The data you enter will be treated as strictly confidential. Companies within the Bantleon Group and service providers employed by us will only receive your data if it is required for the fulfilment of contractual and legal obligations or their respective tasks. Personal data is only transferred to state institutions and authorities within the framework of mandatory national legal provisions or if the transfer is necessary for legal and criminal prosecution in the event of attacks on our network infrastructure. The Bantleon Group uses appropriate technical and organisational security measures to protect the personal data we have under our control against accidental or intentional manipulation, destruction or against access by unauthorised persons.
2.3. Data transmission and data flow
Please note that the internet is generally not considered a secure environment and data transmitted via the internet may be accessible to unauthorised third parties, which may lead to disclosure of this data, modification of the information content or technical malfunctions. Data transmitted via the internet can be sent across national borders even if the sender and recipient are in the same country. It is therefore possible that your data may be forwarded to a country where the level of data protection is lower than in your country of domicile. The Bantleon Group accepts no responsibility or liability whatsoever for the security of your data during transmission to us via the internet. We would like to draw your attention to the fact that you can communicate with us by other means for privacy reasons in cases where you consider this to be appropriate.
2.4. Right to deletion
(a) Obligation to delete
You may request the responsible person to delete the personal data concerning you without delay and the responsible person is obliged to delete this data without delay if one of the following reasons applies:
(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You withdraw your consent on which the processing was based pursuant to Art. 6(1)(a) or Art. 9(2)(a) of the GDPR and there is no other legal basis for the processing.
(3) You object to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) of the GDPR.
(4) The personal data concerning you have been processed unlawfully.
(5) The deletion of the personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the responsible person is subject.
(6) The personal data concerning you have been collected in relation to information society services offered pursuant to Article 8(1) of the GDPR.
(b) Information to third parties
If the responsible person has made the personal data concerning you public and is obliged to delete it pursuant to Article 17(1) of the GDPR, he or she shall take reasonable measures, including technical measures, having regard to the available technology and the cost of implementation, to inform data processors which process the personal data that you, as the affected person, have requested that they delete all links to or copies or replications of that personal data.
(c) Exceptions
The right to deletion does not exist insofar as the processing is necessary
(1) for the exercise of the right to freedom of expression and information;
(2) for compliance with a legal obligation which requires processing under Union or Member State law to which the responsible person is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the responsible person;
(3) for reasons of public interest in the area of public health pursuant to Article 9(2)(h) and (i) and Article 9(3) of the GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Article 89(1) of the GDPR, insofar as the right referred to in section (a) is likely to render impossible or seriously prejudice the achievement of the purposes of such processing; or
(5) for the assertion, exercise or defence of legal claims.
2.5. Links to other providers
The Bantleon Group website may contain links to websites of other providers to which this privacy statement does not extend. When we provide links to other sites, we try to ensure that they represent our values. However, we have no influence on the content and compliance with privacy regulations by their operators. If you visit another website, please inform yourself there about the applicable policies.
2.6. Your consent
By using our website, you consent to the use of your data by the Bantleon Group in the manner described. Upon request, you will receive information about your personal data that we have stored at any time. You can revoke your consent to the collection, processing and use of your personal data at any time with effect for the future. Due to the technical, content-related or structural further development of our website, it may become necessary to adapt this privacy policy. If the Bantleon Group decides to adapt this privacy and data protection notice with effect for the future, the adaptations will be published on this page.
2.7. Use of cookies
The Bantleon website uses cookies to provide you with an optimal user experience. Cookies are small text files that are stored on your terminal device when you visit our website. They are used to collect and store information about your interactions on our website in order to take your preferences into account and to provide you with personalised content and an improved user experience.
(a) Types of cookies we use:
(1) Necessary cookies: These cookies are essential to provide you with basic functions of our website, such as access to protected areas. Without these cookies, the website would not function properly.
(2) Functional cookies: These cookies allow us to remember your preferences in order to provide you with advanced features and personalised content.
(3) Analytics cookies: We use these cookies to collect information about how visitors use our website. This allows us to measure and improve the performance of our website. The data collected is anonymous and is used for statistical purposes only.
(b) Cookie settings:
You have the option to adjust your cookie settings. In most web browsers, you can block or delete cookies as well as revoke your consent to the use of cookies. Please note that disabling cookies may affect certain functions of our website. You can also open the Consent Manager in the footer and adjust settings.
2.8. Use of Matomo for web analysis
We use Matomo, an open-source software for statistical analysis of visitor access to our website. Matomo uses cookies that are stored on your computer to enable the analysis of website usage. The information generated by the cookies about your use of this website is stored on our own server and is not transferred to third parties.
(a) Data collected:
Matomo collects a range of data to enable us to gain insight into user behaviour. This includes:
- Your IP address (anonymised)
- Date and time of access
- The pages visited
- Time spent on the pages
- Country and region of origin
- Browser and operating system used
This data helps us to analyse the performance of our website, optimise the content and continuously improve the user experience.
(b) Objection:
You can open the Consent Manager in the Footer and make settings.
2.9. Use of Adobe Fonts (formerly Adobe Typekit)
We use Adobe Fonts, a service provided by Adobe Systems Incorporated, to ensure an aesthetically pleasing display of fonts on our website. Adobe Fonts allows us to display a variety of fonts in high quality to enhance the visual appearance of our website.
(a) Data processing and use:
When you visit our website, fonts from Adobe Fonts are loaded via external Adobe servers. In the process, Adobe may collect information about your visit, such as your IP address, the page accessed, the browser used and the operating system. This data is used by Adobe to monitor licence compliance, optimise the performance of Adobe Fonts and identify potential security issues.
(b) Opt-out and privacy:
To protect your privacy, Adobe Fonts offers the possibility to deactivate the collection and processing of your data. You can do this via the Adobe Fonts Opt-Out function. You can find information about this on the Adobe website under Adobe Fonts Opt-Out. Please note that disabling cookies may affect certain functions of our website. You can also open the content manager in the footer and make settings.
(c) Legal basis:
The use of Adobe Fonts is based on our legitimate interest in ensuring an appealing visual presentation of our website. Data processing by Adobe Fonts is subject to Adobe's privacy policy.
2.10. Vimeo video and the ePrivacy Keeper
Plugins and embed codes from Vimeo are used on our pages. You can usually recognise the plugins by the respective logos. To ensure privacy on our website, we only use these plugins together with the so-called »ePrivacy Keeper solution«. This application prevents the plugins integrated on our website from transmitting data to the respective provider when you first enter the page. Only when you activate the respective plugin by clicking the associated button, a direct connection to the provider's server is established (consent). As soon as you activate the plugin, the respective provider receives the information that you have visited our site with your IP address. If you are logged into your respective social media account at the same time, the respective provider can assign the visit to our pages to your user account. Activating the plugin constitutes consent within the meaning of Art. 6 para. 1 lit. a GDPR. You can revoke this consent at any time with effect for the future. The content on our pages can also be shared in social networks such as Facebook, Twitter or Google+ in accordance with privacy regulations. This page uses the sharing function of ePrivacy Keeper for this purpose. This tool only establishes direct contact between the networks and users when the user actively clicks on one of these buttons. Clicking on the button constitutes consent within the meaning of Art. 6 para. 1 lit. a GDPR. This consent can be revoked at any time with effect for the future. An automatic transfer of user data to the operators of these platforms does not take place through this tool. If the user is logged in to one of the social networks, an information window appears when using the social buttons of Facebook, Google+1, Twitter & Co. in which the user can confirm the text before sending it.
By accepting the consent manager, the consent may already have been given.
2.11. Contact form and e-mail contact
Description and scope of data processing
Our website contains a contact form that can be used to contact us electronically. If a user accepts this option, the data entered in the input mask will be transmitted to us and stored.
These data are:
- Name, First name
- Title
- E-mail address
- Telephone
- Postcode, City
- Message
- Gender, if applicable
The following data is also stored at the time the message is sent:
(1) The IP address of the user
(2) Date and time of registration
For the processing of the data, your consent is obtained during the submission process and reference is made to this privacy policy. Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored. In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation.
2.12. Privacy when using our internal URL shortener
Our company uses its own internal URL shortener service to improve the usability of links and reduce their length. The protection of the data we process is our highest priority. All information listed under »II. Privacy information for visitors to our website« applies. The service of the internal URL shortener is recognisable under the URL b-i.ag or w-i.ag.
III. Privacy policy for the application process
The responsible party for the processing of personal data is the respective company of the Bantleon Group listed below with which you have a relationship or whose business activity initiates the respective processing measure.
You can find the contact details and the respective data protection officer at the beginning of the privacy policy.
General information
Any personal data, including all attachments (hereinafter referred to as »data«), that you provide to us will be collected, processed and used by the Bantleon Group and all its nationally and internationally affiliated companies for the purpose of reviewing and deciding on your application.
In the event of your employment, data already collected may be further processed and used for the purpose of implementing the employment relationship. Your data will be collected, processed and used exclusively on the basis of your consent and in compliance with the applicable data protection regulations.
In accordance with the statutory provisions, we treat your data as strictly confidential.
Data collection and data processing, right of objection
Special types of personal data (e.g. information about racial and ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health or sexual orientation) are not intentionally collected unless required by law in the country where you are applying. You may omit names of organisations that would indicate racial or ethnic origin, colour, religion, creed, age, national origin, sex, disability, sexual orientation or citizenship.
You have the right to have any personal data blocked or deleted, to object to the processing of the data or to have inaccurate data corrected at any time, unless expressly stated otherwise below. If you do not arrange for your data to be deleted, your data will generally be stored for the duration of the application process and deleted after six months.
Exclusion of liability
In all other respects, the liability of the Bantleon Group is excluded, unless there is a mandatory legal liability, such as for intent, gross negligence, injury to life, body or health of a person.
Cookies (small text files)
Further information can be found under II. Privacy policy for visitors to our website.
Rights
Pursuant to Art. 15 GDPR, you have the right to receive information about the personal data stored about you free of charge upon your request. In addition, according to Art. 16 ff. GDPR, you have the right to have incorrect data corrected, to have your personal data blocked and deleted, and to have the processing of your personal data restricted. Furthermore, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, insofar as there are reasons for doing so. If you have any questions in this regard or wish to exercise your rights, please contact the respective data protection officer of the company concerned.
IV. Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.
The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.