The protection of your data is important to us

We appreciate your interest in our company and in our products and services, and we want you to feel safe with regard to the protection of your personal data when you visit our web pages. We take the protection of your personal data very seriously. For us, compliance with the provisions of the General Data Protection Regulation and the new German Federal Data Protection Act (BDSG neu) is a matter of course.
We would like you to know when we collect which data and how we use it. We have implemented technical and organisational measures to ensure that data protection regulations are observed both by us and by external service providers commissioned by us.

Personal data

Personal data are details about your identity. For example, this includes details such as your name, address, telephone number or e-mail address. This information is always processed in accordance with the General Data Protection Regulation and other data protection laws and regulations that our company is subject to.
As a matter of principle, you do not need to disclose personal data in order to use our website. In some cases, however, the processing of personal data might be necessary, e.g. to perform services requested by you.
The same applies e.g. to the delivery of information material and ordered goods or the answering of individual questions. Where necessary, we will duly inform you of this.
If no statutory basis exists for the processing of these personal data, we will ask you to grant us the needed consent.
Apart from this, we only store and process data that you voluntarily make available to us as well as any data that we automatically collect when you visit our web pages (e.g. your IP address and the names of the pages you accessed, your browser and your operating system, the date and time of the access, the search engines used and the names of downloaded files).
When you request services, we usually only collect the data that we need in order to perform the services. Any additional data that we might ask for are voluntary information. Personal data is processed exclusively for the performance of the requested services and to protect our own legitimate business interests.
Data that may be processed in the event of a visit to our website:

  • Master data (names, addresses etc.)
  • Content data (texts, photographs, videos etc.)
  • Contact details (e-mail, telephone numbers etc.)
  • Metadata (IP addresses, device information etc.)
  • Usage data (contents visited, access times etc.)

Data subjects are in this case users of our website.

Name and address of the controller

Controller in the meaning of the General Data Protection Regulation, other data protection laws and other privacy provisions:

Fondsdepot Bank GmbH
Windmühlenweg 12, 9503 Hof, Germany
Tel: +49 9281 7258 0
E-mail: datenschutz@fondsdepotbank.de

Contact details of the Data Protection Officer

The contact details of our Data Protection Officer are as follows:
Mr. Mario Arndt,
DEUDAT GmbH, Zehntenhofstr. 5b, 65201 Wiesbaden, Germany
Tel: +49 611 950008-32
Fax: +49 611 950008-5932
E-mail:  kontakt@deudat.de
Please feel free to contact our Data Protection Officer for all questions and ideas concerning data protection.

Purpose of the personal data
We use the personal data provided by you for the purpose of answering your enquiries, processing your orders or granting you access to certain information or offerings. To maintain customer relationships, we or a service provider engaged by us may also use these personal data for the purpose of informing you about product offers or conducting online surveys in order to address the tasks and requirements of our customers more effectively.
Of course we will respect your decision if you do not want to allow us to use your personal data to support our customer relationship (especially for direct marketing or market research purposes). We will not sell your personal data to any third parties or market them otherwise.

Earmarked use

We will only collect, process and use the personal data that you make available online for the purposes you specified. As a matter of principle, your personal data will not be forwarded to any third parties without your express consent.
The collection of personal data and their transmission to government institutions and authorities that have a right of access will only take place in the context of relevant laws or in case of a court order that requires us to do so. We impose an obligation to maintain confidentiality and to comply with the provisions of the General Data Protection Regulation on our employees and the service providers we commission.

Data that we automatically collect when you visit our web pages

For organisational and technical reasons, the following data is stored when you use our web pages: The names of the pages you accessed, your browser and your operating system, the date and time of the access, the search engines used, the names of downloaded files and your IP address.
The collected information is necessary to deliver our website content correctly. Furthermore, we analyse this technical data anonymously and only for statistical purposes in order to continually further optimise our website, to make our web offerings even more attractive and to be able to provide criminal prosecution authorities with the information needed for the prosecution in the event of a cyberattack. This data are stored separately from other personal information on protected systems. No conclusions are derived concerning individual persons. Information from logfiles is stored for a period of seven days and erased without delay after the end of the storage period. If the retention needs to be extended, e.g. to secure evidence, these data will be excluded from the erasure until the respective matter is clarified. The processing takes place on the basis of our legitimate interest in efficient, secure provision of our website according to point (f) of Art. 6 (1) in conjunction with Art. 28 GDPR.

Contact

In line with statutory regulations, our website contains details that enable the user to contact us electronically and to communicate directly with us. This comprises the provision of an e-mail address and, if applicable, a contact form. In this connection, the processing of the user's details takes place according to point (b) of Art. Art. 6 (1) GDPR.
If you contact us by e-mail or via a contact form, the personal data you send will automatically be stored. These data that you send us voluntarily will be stored for the purpose of processing your request or to contact you and will then be erased without undue delay. We will not forward your data to any third parties.

Erasure and restriction of processing of personal data

In accordance with Art. 17 and 18 GDPR, we only process personal data of data subjects as long as this is necessary for the achievement of the underlying purpose or as long as this is provided for by statutory regulations that our company is subject to. As soon as the purpose of the storage no longer applies or in the case of a statutory storage period, e.g. due to the requirements under the German Tax Code (AO) or the German Commercial Code (HGB), personal data will be erased in accordance with statutory regulations, unless we are required by law to retain this data. In these cases, the processing of the personal data will be restricted.

Rights of data subjects

Right of access

According to Art. 15 GDPR, you can at any time request information about the data we have stored concerning you and a copy of these data.
This right of access comprises information about the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations, where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period, the existence of the right to request from us rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing, the right to lodge a complaint with a supervisory authority, where the personal data are not collected from you, any available information as to their source, the existence of automated decision-making, including profiling, referred to in Art. Art. 22 (1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing.
Furthermore, you have the right to be informed whether your personal data has been transferred to a third country or to an international organisation and which appropriate safeguards are in place relating to the transfer.

Right to rectification

According to Art. 16 GDPR, you also have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Moreover, taking into account the purposes of the processing, you also have the right to have incomplete personal data completed.

Right to erasure

According to Art. 17 GDPR, you also have right to obtain the erasure of personal data concerning you without undue delay where one of the following grounds applies: The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; You withdraw your consent on which the processing is based according to point (a) of Art. Art. 6 (1) or point (a) of Art. 9 (2), and where there is no other legal ground for the processing; You object to the processing pursuant to Art. Art. 21 (1) and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. Art. 21 (2) GDPR, the personal data has been unlawfully processed, the personal data has to be erased for compliance with a legal obligation in Union or Member State law to which we are subject, the personal data has been collected in relation to the offer of information society services referred to in Art. 8 (1) GDPR.
Where we have made the personal data public and are obliged pursuant to Art. Art. 17 (1) GDPR to erase the personal data, we will take reasonable steps to inform other controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

Right to restriction of processing

According to Art. 18 GDPR you have the right to obtain from us restriction of processing of the personal data concerning you if one of the following conditions is on hand: The accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data,
the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead, we no longer need the personal data for the purposes of the processing, but it is required by you for the establishment, exercise or defence of legal claims or you have objected to processing pursuant to Art. 21 (1) GDPR pending the verification whether the legitimate grounds of our company override yours.

Right to data portability

According to Art. 20 GDPR, you can at any time demand the surrender of the data concerning you, which you have made available to us, in a common, machine-readable format. Furthermore, you have the right to transmit this data to another controller without hindrance from us, provided that the processing is based on consent pursuant to point (a) of Art. Art. 6 (1) or point (a) of Art. 9 (2) GDPR or on a contract pursuant to point (b) of Art. Art. 6 (1) GDPR and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
Moreover, you can request us to transmit stored personal data concerning you to another controller, provided this is technically feasible and does not adversely affect the rights and freedoms of others.

Right to object

According to Art. 20 GDPR, you have the right to object to the processing of personal data concerning you on the basis of point (e) or (f) of Art. 6 (1) GDPR at any time on grounds relating to your particular situation. This also applies to profiling that is based on these provisions.
If you object, we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Where we process your personal data for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to the processing for direct marketing purposes vis-à-vis us, we will no longer process your personal data for such purposes.
Where personal data are processed for scientific or historical research purposes or statistical purposes according to Art. Art. 89 (1), you have the right to object to processing of personal data concerning you on grounds relating to your particular situation, unless the processing is necessary for reasons of public interests.
In the context of the use of information society services and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

Right of withdrawal

According to Art. 7 (3) GDPR, you can at any time withdraw the consent you granted to the processing of your personal data with effect for the future.

Right to confirmation

You have the right to obtain from us confirmation as to whether or not personal data concerning you is being processed by us.
To exercise each of the said rights, you can directly contact our Data Protection Officer at datenschutz@fondsdepotbank.de.

Right to lodge a complaint

Furthermore, according to Art. Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. Usually, you can lodge your complaint with the supervisory authority at your habitual place of residence or place of work or our company's domicile.

Automated decision-making

As a responsible company, we do not engage in automated decision-making or profiling.

Duration of the storage

Personal data will be erased after the end of the statutory retention period, provided they are no longer necessary to achieve the underlying purpose.

Legal basis of the processing

If you have given us your consent to the processing of your personal data for a particular basis, the processing will take place on the basis of point (a) of Art. 6 (1) GDPR. If such processing is necessary in order to perform or initiate a contract with you, the processing is based on point (b) of Art. 6 (1) GDPR. In some cases, e.g. to fulfil obligations under tax law, we may be under a statutory obligation to process personal data. In such cases, the legal basis is point (c) of Art. 6 (1) GDPR. In rare cases, the processing may also take place for the purpose of protecting vital interests of you or another natural person. In this exceptional case, the processing takes place on the basis of point (d) of Art. 6 (1) GDPR. Moreover, processing can also be based on point (f) of Art. 6 (1) GDPR. This is the case if the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. Such a legitimate interest can be assumed if you are our customer. Where the processing of the personal data is based on point (f) of Art. 6 (1) GDPR, our legitimate interest is to perform our business activity.

Provision of personal data

In some cases, the provision of personal data is required by law or contract. For example, to conclude a contract, you may need to give us personal data that we need to process. For example, you are under the obligation to provide us with personal data if you want to conclude a contract. Failure to do so would mean that the contract cannot be concluded.
Before providing personal data, you can contact our Data Protection Officer. The Data Protection Officer will explain whether the provision of personal data is required by law or under the contract in the specific case and what the consequences of non-provision of these data would be.

Security

As the controller responsible for the processing, we have implemented technical and organisational security measures pursuant to Art. 32 GDPR. This especially includes measures to ensure the confidentiality, integrity and availability of the data. Furthermore, we have established processes to ensure the exercise of the rights of the data subjects, erasure of personal data and due reaction to threats to such data. Moreover, we already ensure the protection of personal data in the development and selection of hardware and software according to the principles of Art. 25 GDPR. All our employees and all persons involved in the data processing are under the obligation to comply with the General Data Protection Regulation and other privacy-relevant laws and to treat personal data as confidential.
When personal data are collected and processed, the transmission is encrypted in order to prevent abuse of the data by third parties. Our security measures are subject to ongoing improvement according to the state of the art.
Nevertheless, as the data transmission over the Internet is vulnerable, absolute protection cannot be guaranteed.

Amendments to our privacy policy

We reserve the right to change our security and privacy measures if necessary due to technical developments. In such cases, we will duly amend our privacy policy. Therefore, please note the latest version of our privacy policy.

Links

When you use external links that are offered on our web pages, this privacy policy does not apply to such links. Where we offer links, we assure that no breaches of applicable law were noticeable when the links were set. However, we do not have any influence on other providers' compliance with data protection and security provisions. Therefore, please refer to the privacy policies provided on the web pages of the respective providers.

Cookies

When you visit one of our websites, we may store information in the form of a cookie on your computer. Cookies are small text files that are sent by a web server to your browser and stored on your computer's hard disk.
Apart from the IP address, no personal user data are stored. This information allows you to be recognised automatically the next time you visit our websites, making it easier for you to navigate. For example, cookies enable us to adapt a website to your interests or to store your password so that you do not need to enter it anew each time.
Of course you can also view our websites without cookies. If you do not want us to recognise your computer, you can prevent the storage of cookies on your hard disk by blocking cookies in your browser settings. Previously set cookies can be deleted via your browser. To learn how to do so, please refer to the instructions of your browser's manufacturer. However, if you do not accept cookies, the functionality of our services may be limited.

Children and youths

Persons under the age of 16 should not send us any personal data without the permission of their parents or guardian. We do not ask for personal data of children and youths, we do not collect such data and we do not forward such data to any third parties.

Applications

You can send us your data via contact form, if such a form is available on the website. This takes place in collaboration with softgarden e-recruiting GmbH using state-of-the-art encryption. If you send us your application data by e-mail, please remember that e-mails are sent without encryption and you as the applicant need to provide encryption, if you wish to do so. For this reason, we cannot accept any responsibility for the transmission of your data by e-mail. Instead of sending us documents by e-mail or online form, we recommend sending us any documents by regular mail.
If the application for one of our job ads is not successful, your data will be erased after six months unless you have a legitimate reason to withdraw your consent before the end of this period or you gave us your consent to store the data for a longer period. This is necessary in order to be able to comply with our obligation to furnish evidence under the German General Treatment Act (AGG) if necessary. If you submit invoices for the refund of travel expenses to us, these will be stored according to the statutory provisions and be deleted after the end of the statutory storage periods.
We will process the data made available by you exclusively for the purpose of processing the application procedure. This takes place on the basis of point (b) of Art. 6 (1) GDPR or, in case the processing in legal proceedings is necessary, on the basis of point (f) of Art. 6 (1) GDPR and Section 26 of the German Federal Data Protection Act (BDSG). If you voluntarily send us special personal data, such as health data, we will process these data on the basis of point (a) of Art. 9 (2) GDPR. If this is necessary for the intended job, we will request special categories of personal data on the basis of point (b) of Art. 9 (2) GDPR.

Login area

You can log in to a protected area on our website. If you do so, your access number as well as the PIN you received from your advisor or your user name and the associated password will be processed. The processing of these data takes place for the purpose of the use of the user account and its purpose on the basis of point (b) of Art. 6 (1) GDPR.
If you use the login function and the user account, we will also store the time of your login and other user actions as well as your IP address. This IP address is anonymised or erased after seven days, at the latest. We store these data on the basis of our legitimate interests in the protection of the users from abuse and unauthorised use according to point (f) of Art. Art. 6 (1) GDPR. As a matter of principle, the stored data are not forwarded to any third parties unless this is necessary for compliance with a legal obligation according to point (c) of Art. Art. 6 (1) GDPR or this is necessary to pursue our claims.

Google Analytics

If you have declared your consent, Google Analytics, a web analysis service of Google LLC (Google) will be used on this website. The use comprises the Universal Analytics operating mode, which enables the allocation of data, sessions and interactions across multiple devices to a pseudonymous user ID for the purpose of the cross-device analysis of a user's activities.

Google Analytics uses so-called cookies. These are text files that are stored on your computer and that enable an analysis of your use of the website. The information about your use of this website, which is generated by the cookie, is usually sent to a Google server in the USA and stored there. If IP anonymisation is activated on this website, Google will first abbreviate your IP address in Member States of the European Union or other Contracting States to the Agreement on the European Economic Area. A full IP address will be transmitted to a Google server in the USA and shortened there only in exceptional cases. Please note that on this website, IP anonymisation code has been added to Google Analytics in order to guarantee anonymised logging of IP addresses (so-called IP masking). The IP address transmitted by your browser through Google Analytics will not be combined with other Google data. Detailed information on the terms of use and privacy is available at https://www.google.com/analytics/terms/gb.html and at https://policies.google.com/?hl=en.

On our behalf, Google will use this information to analyse your use of the website, to compile reports on the website activities and to render other services related to the use of the website and of the Internet in general for us, the website operator.

According to point (a) of Art. Art. 6 (1) sentence 1 GDPR, the processing takes place on the basis of your consent.

The recipient of the processed data is Google.

The personal data are transmitted to the USA under the EU-US Privacy Shield on the basis of the adequacy decision of the European Commission. You can retrieve the certificate from https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI.

The data that we send, which is associated with cookies, user IDs or advertising IDs are automatically erased after 38 months. The erasure of data whose retention period has ended automatically takes place once a month.

You can withdraw your consent at any time with effect for the future by preventing the setting of cookies by configuring your browser software accordingly; in this case, however, please note that you may not be able to use all functions of this website in full.

Moreover, you can prevent the collection of data concerning your use of the website (including your IP address), which is generated by the cookie, and the processing of this data by Google by downloading and installing the browser plug-in that is available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

By means of opt-out cookies, you can also prevent the future collection of your data when visiting this website. To prevent the collection by Universal Analytics across various devices, you need to opt out on all systems used.

Click here to set the opt-out cookie: 

 

    Company presence on social media platforms

    Based on our legitimate interests in communication with and information of users and prospective customers of our services according to point (f) of Art. Art. 6 (1) GDPR, we are active in various social networks. Where the providers of the respective platform obtain the users' consent to the processing of personal data, this takes place on the basis of point (a) of Art. 6 (1) and Art. 7 GDPR.

    In this context, personal data of the user may be processed outside the European Union or outside the European Economic Area. This may make it more difficult for data subjects to carry out their services. A number of social media platform providers are certified under EU US Privacy Shield, which requires them to comply with European data protection standards.

    Personal user data is usually processed for market research and advertising purposes. Profiles are created on the basis of the user data. These profiles enable e.g. the display of advertising that suits the respective user's alleged interests. This is done by setting cookies on the user's device.

    For enquiries and to assert your rights, please direct contact the providers listed below, as only they have access to personal data of the users and are able to take suitable measures and provide information.

    If you still need help to exercise your rights, you can of course also contact us.

    We may be active on the following social media platforms:

    • LinkedIn
    • XING
    • Kununu
    • Google My Business
    • Facebook