1. Basic Information
We inform you here about the processing of your personal data when using our website (https://www.modul-technik.de/) as well as when visiting our social media profiles (LinkedIn). The use of these platforms may involve the processing of personal data. To make these processes understandable for you, we would like to provide you with an overview of these processing activities with the following information. We also want to inform you about your rights under the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
The data processing on this website is carried out by the website operator: Modul technik GmbH, Rudolf-Diesel-Straße 5, D-56410 Montabaur, E-Mail: info@modul-technik.de, Phone: +49(0)2602-9449-0
2. General Information and Mandatory Information
Data Protection
The website operator takes the protection of your personal data very seriously and treats your personal data confidentially and in accordance with legal regulations as well as this privacy policy. When you use this website, various personal data are collected. Personal data are data by which you can be personally identified. This privacy policy explains which data we collect and what we use them for. It also explains how and for what purpose this is done.
Please note that data transmission over the Internet (e.g., via email) can generally have security vulnerabilities. Full protection against access by third parties is not feasible.
Note and Contact Details of the Responsible Party
Responsible for data processing on this website is:
Modul technik GmbH
Rudolf-Diesel-Straße 5
D-56410 Montabaur
E-Mail: info@modul-technik.de
Phone: +49(0)2602-9449-0
Fax: +49(0)2602-9449-11
Legal Basis
The website operator processes personal data in compliance with the applicable data protection regulations, in particular the GDPR and BDSG. Data processing by the operator only takes place on the basis of a legal authorization. When using this website, the website operator processes personal data only with your consent (§ 25 Abs. 1 TDDDG or Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR if special categories of data under Art. 9(1) GDPR are processed), for the fulfillment of a contract to which you are a party or at your request for pre-contractual measures (Art. 6(1)(b) GDPR), to comply with a legal obligation (Art. 6(1)(c) GDPR), or if the processing is necessary to protect legitimate interests of the controller or a third party, provided that your interests, rights, and freedoms, which require the protection of personal data, do not override these interests (Art. 6(1)(f) GDPR). In the case of explicit consent for the transfer of personal data to third countries, data processing is also based on Art. 49(1)(a) GDPR.
Storage Duration
Unless a more specific duration is mentioned in this privacy policy, we store your personal data only as long as necessary to achieve the processing purpose or to fulfill our contractual or legal obligations. If you make a legitimate request for deletion or revoke consent to data processing, your data will be deleted, provided we have no other legally permissible reasons for storing your personal data (e.g., tax or commercial retention periods); in such cases, deletion occurs after these reasons no longer apply.
Recipients of Personal Data
In the course of our business activities, we work with various external parties. Sometimes, this involves transferring personal data to these external parties. We only share personal data with external parties if it is necessary to fulfill a contract, if we are legally obliged to do so (e.g., sharing data with tax authorities), if we have a legitimate interest under Art. 6(1)(f) GDPR in sharing the data, or if another legal basis allows the data transfer. When using processors, we only transfer customer personal data based on a valid contract for commissioned data processing. In the case of joint processing, a contract on joint processing is concluded. Processors do not use the data for their own purposes but process the data exclusively for the controller and are contractually obliged to ensure appropriate technical and organizational measures for data protection.
Withdrawal of Consent to Data Processing (Art. 7(3) GDPR)
Many processing activities are only possible with your explicit consent. You can withdraw consent at any time. The lawfulness of processing carried out prior to withdrawal remains unaffected.
Right to Object to Data Collection in Certain Cases and to Direct Marketing (Art. 21 GDPR)
If data processing is based on Art. 6(1)(e) or (f) GDPR, you have the right to object at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms or if processing serves the assertion, exercise, or defense of legal claims (Objection under Art. 21(1) GDPR). If your personal data are processed for direct marketing, you have the right to object at any time to the processing of your personal data for such advertising; this also applies to profiling to the extent that it is related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (Objection under Art. 21(2) GDPR).
Right to Complain to the Competent Supervisory Authority (Art. 77(1) GDPR)
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, place of work, or the place of the alleged infringement. This right exists without prejudice to other administrative or judicial remedies. The competent supervisory authority for the website operator is the State Commissioner for Data Protection and Freedom of Information in Mainz:
Prof. Dr. Dieter Kugelmann
Hintere Bleiche 34
55116 Mainz
Phone: +49 (0) 6131 8920-0
Fax: +49 (0) 6131 8920-299
Website: https://www.datenschutz.rlp.de/
E-Mail: poststelle@datenschutz.rlp.de
Right to Data Portability (Art. 20 GDPR)
You have the right to receive data that we process automatically based on your consent or for the performance of a contract in a common, machine-readable format and to transmit it to a third party. Direct transmission to another controller is only possible to the extent technically feasible.
Access (Art. 15 GDPR, § 34 BDSG), Rectification (Art. 16 GDPR), and Deletion (Art. 17 GDPR, § 35 BDSG)
You have the right, within the applicable legal provisions, to obtain information about your stored personal data, its origin, recipients, and purpose, and, if applicable, a right to rectification or deletion. You can contact us at any time to exercise these rights.
Right to Restriction of Processing (Art. 18 GDPR)
You have the right to request the restriction of processing of your personal data. This right applies in certain cases such as:
- If you contest the accuracy of your personal data, we need time to verify it. During this period, you can request the restriction of processing.
- If the processing of your personal data is unlawful, you may request restriction instead of deletion.
- If we no longer need your data but you require it for asserting, exercising, or defending legal claims, you may request restriction instead of deletion.
- If you have lodged an objection under Art. 21(1) GDPR, a balance of interests must be carried out. Until the outcome is determined, you have the right to restrict processing.
SSL or TLS Encryption
This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as inquiries or logins. Encrypted connections are indicated by “https://” in the browser address bar. Unencrypted pages are indicated by “http://”. When SSL or TLS encryption is enabled, data transmitted cannot be read by third parties.
3. Data Collection on This Website
Automated Data Processing by the Server (Server Log Files)
The provider of the site automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. The following data are logged:
- Visited website
- Time of server request
- Amount of data sent in bytes
- Source/Referrer from which you accessed the site
- Browser type and browser version used
- Operating system used
- IP address used
These data are not merged with other data sources.
Data collection is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free display and optimization of the website – for this purpose, server log files must be recorded. We are not able to identify you as a data subject based on the stored information. Therefore, Arts. 15 to 22 GDPR do not apply pursuant to Art. 11(2) GDPR unless you provide additional information enabling your identification to exercise the rights laid down in these articles.
Contact Form (Data Processing Based on User Input)
If you send inquiries to us via the contact form, the information you provide, including the contact details given, will be stored to process the request and in case of follow-up questions. We do not share this data without your consent. Processing of this data is based on Art. 6(1)(b) GDPR if your request is related to the fulfillment of a contract or to pre-contractual measures. In all other cases, processing is based on our legitimate interest in efficiently handling inquiries (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), if requested; consent can be revoked at any time. The data entered in the contact form remain with us until you request deletion, revoke consent, or the purpose for storing the data ceases (e.g., after processing your inquiry). Mandatory legal provisions – in particular retention periods – remain unaffected.
Inquiries via Email, Phone, or Fax (Data Processing Based on User Input)
If you contact us via email, telephone, or fax, your inquiry, including any personal data arising (name, request), will be stored and processed to handle your concern. We do not share these data without your consent. Processing is based on Art. 6(1)(b) GDPR if your request is related to the fulfillment of a contract or pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling inquiries (Art. 6(1)(f) GDPR) or your consent (Art. 6(1)(a) GDPR), if applicable; consent can be revoked at any time. Data remain with us until you request deletion, revoke consent, or the purpose ceases. Mandatory legal provisions, especially retention periods, remain unaffected.
4. Specific Processing Activities
Cookies
We use so-called "cookies" on our website. Cookies are small data files stored by your browser when visiting a website; they do not harm your device. They are either temporary (transient cookies, e.g., session cookies) or permanent cookies stored on your device. Transient cookies are automatically deleted when you close your browser. Permanent cookies remain on your device until you delete them or automatic deletion occurs through your browser. Cookies may come from us (first-party cookies) or third parties (third-party cookies). Third-party cookies enable integration of services from third parties on websites.
Cookies serve different functions. Many cookies are technically necessary as some website functions would not work without them. Other cookies may be used to analyze user behavior or for advertising purposes. Cookies required for electronic communication, providing specific functions requested by you, or optimizing the website (necessary cookies) are stored based on Art. 6(1)(f) GDPR unless another legal basis applies. The website operator has a legitimate interest in storing necessary cookies for technically error-free and optimized service provision. If consent for cookies or comparable recognition technologies has been obtained, processing is based solely on this consent (Art. 6(1)(a) GDPR and § 25(1) TDDDG); consent can be revoked at any time. Your browser can be set to inform you about cookie usage and allow cookies only in individual cases, block them in general, or automatically delete cookies when closing the browser. Disabling cookies may limit the website’s functionality. Information about which cookies and services are used can be found in this privacy policy.
Google Maps
This site uses the Google Maps service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This service allows us to embed maps on our website. Using Google Maps requires storing your IP address, which is usually transmitted to a Google server in the USA and stored there. We have no influence on this data transmission. If Google Maps is activated, Google may use Google Fonts to uniformly display fonts. When Google Maps is loaded, your browser loads these fonts into its cache to display text correctly.
The use of Google Maps serves the purpose of visually appealing presentation and easy location of places on our website. This represents a legitimate interest under Art. 6(1)(f) GDPR. If consent has been obtained, processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TDDDG, if the consent includes cookies or device information (e.g., device fingerprinting). Consent can be revoked at any time. Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/ Further information on user data processing can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=de
The company is certified under the “EU-US Data Privacy Framework” (DPF), an agreement ensuring compliance with European data protection standards in the USA.
Certified companies are obliged to adhere to these standards. More information: https://www.dataprivacyframework.gov/participant/5780
Matomo
This website uses the open-source web analytics service Matomo. With Matomo, we can collect and analyze data about how visitors use our website, including which pages are accessed and from which region. We also collect log files (IP address, browser, operating system) and can track whether visitors perform specific actions.
The use of this analytics tool is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize the website and advertising. If consent is obtained, processing is based solely on Art. 6(1)(a) GDPR and § 25(1) TDDDG, if consent covers cookies or device information. Consent can be revoked at any time. Matomo is hosted exclusively on our servers, so all analysis data remain with us and are not shared.
5. Social Media
Data Processing by Social Networks
We maintain a publicly accessible profile on the social network LinkedIn (https://www.linkedin.com/company/modul-technik-gmbh-medizinische-versorgungssysteme-und-ger%C3%A4te/). Details about the specific social network (LinkedIn) used by us are provided below.
Social networks can usually analyze your user behavior extensively when you visit their website or a website with integrated social media content. Visiting our social media presence triggers numerous data processing activities. Specifically:
- If you are logged into your social media account and visit our profile, the social media provider may associate this visit with your account.
- Your personal data may also be collected if you are not logged in or do not have an account with the social media provider. In this case, data collection may occur via cookies stored on your device or through your IP address.
The collected data allows social media providers to create user profiles reflecting your preferences and interests. This enables targeted advertising on and off the respective social media platform. If you have an account with the social network, such advertising can be displayed on all devices where you are or have been logged in. Please note that we cannot fully track all processing by social media platforms. Additional processing may occur by the social network provider, as detailed in their terms of use and privacy policies.
Legal Basis
Our social media presence aims to make our company better known and present it online, which constitutes a legitimate interest under Art. 6(1)(f) GDPR. The analytics processes initiated by the social network may be based on different legal grounds, which the social network operators must specify (e.g., consent under Art. 6(1)(a) GDPR). The provider is responsible for data protection compliance.
Responsible Party and Exercising Rights
When you visit our LinkedIn profile, we are jointly responsible with the social media platform operator for the data processing triggered by that visit. You may exercise your rights (access, rectification, deletion, restriction of processing, data portability, and complaint) against both us and the social media platform operator. Please note that despite joint responsibility with the social media provider, we do not have full control over the processing activities of the platform. Our influence is largely determined by LinkedIn’s corporate policies.
Storage Duration
Data directly collected by us via the social media profile are deleted from our systems once you request deletion, revoke consent, or the purpose for storing the data ceases. Stored cookies remain on your device until you delete them. Mandatory legal provisions – especially retention periods – remain unaffected. We have no control over the storage duration of data stored by social network operators for their own purposes. For details, please refer directly to the social network provider’s privacy policies.
Your Rights
You have the right to obtain, free of charge, information about the origin, recipients, and purpose of your stored personal data at any time. You also have the right to object, request data portability, and file a complaint with the competent supervisory authority. Furthermore, you can request correction, blocking, deletion, and in certain circumstances, restriction of the processing of your personal data.
We maintain a LinkedIn profile. The provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies. If you wish to disable LinkedIn advertising cookies, use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out Data transfer to the USA is based on the EU Commission’s Standard Contractual Clauses. Details: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs Further details about how LinkedIn handles your personal data can be found in their privacy policy: https://www.linkedin.com/legal/privacy-policy The company is certified under the “EU-US Data Privacy Framework” (DPF). More information: https://www.dataprivacyframework.gov/participant/5448
6. Job Applications
Handling Applicant Data
We provide you the opportunity to apply to us (e.g., via email or post). We assure you that collection, processing, and use of data obtained during the application process comply with applicable data protection law and other legal requirements, and your data are treated strictly confidentially.
Scope and Purpose of Data Collection
When you submit an application, we process the personal data contained therein (e.g., contact and communication data, application documents, notes from interviews) as far as necessary to decide on establishing an employment relationship. Legal basis: § 26 BDSG (German law – initiation of an employment relationship), Art. 6(1)(b) GDPR (general contract initiation), and, if you have consented, Art. 6(1)(a) GDPR. Consent can be revoked at any time. Your personal data are only shared within our company with persons involved in processing your application.
If the application is successful, the submitted data are stored on the basis of § 26 BDSG and Art. 6(1)(b) GDPR for the purpose of carrying out the employment relationship in our data processing systems.
Retention Period of Data
If we cannot make you a job offer, you decline an offer, or you withdraw your application, we reserve the right, based on our legitimate interests (Art. 6(1)(f) GDPR), to store your submitted data for up to 6 months after the end of the application process (rejection or withdrawal). Afterwards, data are deleted and physical application documents are destroyed. Retention serves, in particular, as evidence in case of legal disputes.
If it becomes apparent that data will be needed beyond the 6-month period (e.g., due to a pending or impending legal dispute), deletion occurs only when the purpose for further retention ceases. Longer retention may also occur if you have given consent (Art. 6(1)(a) GDPR) or if legal retention obligations prevent deletion.
7. Updates
This privacy policy is currently valid and dated June 2025. Due to further development of our website and offerings or due to changed legal or regulatory requirements, it may become necessary to amend this privacy policy. The current privacy policy can be accessed and printed at any time on the website: https://www.modul-technik.de/privacy-policy