Logo
Menü

Privacy Policy

The protection of personal data is an important concern for us. Therefore, we, Hacon Ingenieurgesellschaft mbH, Lister Str. 15, 30163 Hannover, Germany (hereinafter "we" or "Hacon") process personal data in accordance with applicable laws on the protection of personal data and data security, including the European Data Protection Regulation (GDPR). In the following, we would like to inform you, as a user of our website, in particular about when we process which data in the context of the use of our website www.hacon.de. 

I. Controller 

Controller in the sense of the GDPR and other national data protection laws of the EU member states as well as other data protection regulations is: 

Hacon Ingenieurgesellschaft mbH 
Lister Str. 15 
30163 Hanover 
Tel: +49 / 511 / 336 99 - 0 
Fax: +49 / 511 / 336 99 - 99 
Email: info(at)hacon.de 

You can find the complete imprint here: https://www.hacon.de/en/imprint/

II. Contact Information of the Data Protection Organization 

The Hacon data protection organization provides support in all matters relating to data protection. Complaints can also be made to the Hacon data protection organization and the rights stated in this Privacy Policy can be asserted. The Hacon data protection organization can be contacted at privacy@hacon.de. 

III. Contact Information of the Supervisory Authority 

The contact information of the data protection supervisory authority responsible for our company's registered office are: 

The State Commissioner for Data Protection of Lower Saxony 
Prinzenstr. 5 
30159 Hanover 
Tel: +49 / 511 / 120-4500 
Email: poststelle(at)lfd.niedersachsen.de 
Website: https://lfd.niedersachsen.de 

IV. General 

1. Lawfulness of Data Processing 

The collection and use of personal data of users on our website only takes place if the processing of the data is permitted by statutory provisions or where the user has granted his/her consent. We list the specific legal bases for the processing of personal data below as part of the description of the individual data processing operations. 

2. Lengths of Storage 
The users' personal data will be deleted or made unavailable as soon as the purpose of storage no longer exists. In addition, storage may take place if this has been provided for by the European or national legislator in EU regulations, acts or other regulations applicable to our company. Data will also be made unavailable or deleted when storage deadline expires in one of the provisions named except where the continued storage is necessary for the execution of a contract or for contractual performance. 

3. Transfer of Personal Data 

When we transfer personal data, we do so primarily to service providers that support us with the fulfillment of the data processing described below. As so-called processors, these companies may only use your personal data for the fulfillment of their tasks within the scope of our assignment and are obliged to comply with the relevant data protection provisions. The processors with whom we work and with whom we have concluded a data processing agreement, are: 

Hosting of the website: 
Digit.ly GmbH, Jordanstraße 26a, 30173 Hannover 

Otherwise, personal data will only be passed on to third parties if this is specified below as part of the description of the individual data processing operations or if we are legally obliged to do so in individual cases. 

4. Place of Data Processing 

The processing of your personal data by us takes place in countries of the European Union (EU) or the European Economic Area (EEA). With regard to any processing of personal data by service providers or other third parties based outside the EU/EEA, please refer to the descriptions of the individual data processing operations below. 

V. Processing of Personal Data 

1. Provision of the Website and Creation of Log Files 

a) Description of Data Processing 

Each time our website is accessed, our system automatically records data and information from the computer system of the computer accessing the site. The following data is collected: 

• Browser type and version 
• Operating system used 
• IP address of the user (anonymized, e.g. 192.168.xxx.xxx) 
• Referrer URL 
• Host name of the accessing computer 
• Time of the server request 

The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place. 

b) Legal Basis for Data Processing 

The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 lit. f GDPR. 

c) Purpose of the Data Processing 

The storage of log files takes place in order to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our IT-systems. These purposes are also our legitimate interest in data processing according to Art. 6 para. 1 lit. f GDPR. 

d) Length of Storage 

The anonymized and aggregated data is deleted after 6 months. 

e) Possibility to Object to Processing and Rectify 

The user has a right to object. The objection can be made by sending a message to the contact information in section II. of the Privacy Policy. The provision of personal data is neither legally nor contractually required and is not necessary for the conclusion of a contract. The user is also not obliged to provide the personal data. However, failure to provide such data could result in the user not being able to use our website or not being able to use it to its full extent. 

2. Contact Form, Email Contact 

a) Description of Data Processing 

Our website contains a contact form that can be used for electronic contact. If a user makes use of this option, the data entered in the input mask (mandatory and optional data) will be sent to us and stored. 

Alternatively, it is possible to contact us via the email address provided by us. In this case, the personal data of the user sent with the email will be stored. 

No transfer of this data to third parties takes place in this context. The data are used exclusively for the processing of the conversation. 

b) Legal Basis for Data Processing 

The legal basis for the processing of the data is Art. 6 para. 1 lit. f GDPR. Where the goal of the contact is to conclude a contract or a similar obligation, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. 

c) Purpose of the Data Processing 

The processing of personal data serves us solely to process the contact request. In the case of a contact request, this is also the necessary legitimate interest for the processing of the data. 

d) Length of Storage 

The data will be deleted as soon as they are no longer necessary for the fulfillment of the purpose for which they were collected. This is usually the case when the matter in question has been conclusively clarified and the respective conversation with the user has therefore ended. 

e) Possibility to Object and Rectify 

If the user contacts us by email, he/she can object to the storage of his/her personal data at any time. The objection can be made by sending a message to the contact information in section II. of the Privacy Policy. In case of an objection, the conversation with the user cannot be continued and all personal data stored in the course of the contact request will be deleted by us. 

3. Career Site 

We would like to make your job search easier. For this reason, we provide you with an online application option in the Siemens Group's job market and application portal. Further information and a separate privacy policy on the processing of personal data in the job market and application portal can be found here. 

VI. Use of Cookies

VII. Use of Analysis Tools and External Media 

1. Matomo 

Our website uses the Matomo tool to analyze the surfing behavior of users (https://matomo.org/). We also use cookies in this context, which help us to avoid errors in the analysis of user data. If individual pages of our website are called up, in particular the following information is stored (in aggregated form): Frequency of visits, bounce rate, duration of the visit, actions during the visit. 

The processing of the aforementioned information enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. 

The analysis tool is set so that the IP addresses (including IPv6 addresses) are not stored in full, but 2 bytes of the IP address are masked (e.g.: 192.168.xxx.xxx). In this way, an assignment of the shortened IP address to the calling computer is no longer possible. 

The legal basis for the use of Matomo is Art. 6 para. 1 lit. a GDPR, § 25 para. 1 TDDDG if the user has given his/her consent in this regard. 

The above aggregated information on visitor statistics will be deleted after 6 months. 

You can revoke your consent to web analytics in your personal cookie settings.  

2. Social Media 

Our website contains links to our official presences on the following social media platforms: 

• Instagram 
• YouTube 
• Xing 
• LinkedIn 

The references (links) are identified by the respective logo of the social media platform. No social plugins are used in this context that trigger actions on your behalf (such as automatic posting, liking our products, etc.); this also applies if you are logged into a social media platform with your user account in parallel. Rather, by clicking on the links, users are merely directed to the pages of the respective social media platform. 

If you follow the references/links, please note that the processing and use of personal data is the responsibility of the respective platform provider and that we do not have or receive any knowledge of the actual scope of use of your data by the providers. For information on the scope of the processing of your personal data by the platform provider as well as setting options to protect your privacy, please refer to the privacy policy of the respective platform. 

VIII. Data Subject Rights 

If personal data is processed by you, you are a data subject within the meaning of the GDPR and have the following rights vis-à-vis the controller: 

1. Right of Access 

You have the right to request information as to whether personal data concerning you is being processed; if this is the case, you have the right to information about this personal data and to the information listed in detail in Art. 15 GDPR. 

2. Right to Rectification 

You have a right to rectification and/or completion if the personal data processed concerning you is inaccurate or incomplete (Art. 16 GDPR). 

3. Right to Restriction of Processing 

You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have objected to the processing, for the duration of the examination whether the objection can be met. 

4. Right to Erasure 

You have the right to request that personal data concerning you be deleted without delay, provided that one of the reasons listed in detail in Art. 17 GDPR applies, e.g. if the data is no longer required for the intended purposes and the statutory retention provisions do not prevent deletion. 

5. Right to Data Portability 

Pursuant to Art. 20 GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format in order to be able to transmit it either yourself or - if technically feasible - through us to a third party. 

6. Right to Withdraw Consent 

You have the right to withdraw a declaration of consent given to us under data protection law at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal. 

7. Automated Decision in Individual Cases / Profiling 

No automated decisions in individual cases or profiling are carried out on our part. Otherwise, we are required by law to take precautions so that you can influence the decision (Art. 22 GDPR). 

8. Right to Complain to a Data Protection Supervisory Authority 

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes data protection law. 

The contact details of the data protection supervisory authority responsible for us can be found in section III. of the Privacy Policy. 

9. Right to Object 

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6 para. 1 lit. e GDPR (data processing in the public interest) and Art. 6 para. 1 lit. f GDPR (data processing on the basis of a balance of interests) (Art. 21 GDPR); this also applies to profiling based on this provision (according to Art. 4 no. 4 GDPR). If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims. 

10. Miscellaneous 

We draw your attention to the fact that the above data subject rights may be limited by EU law or applicable national law. 

To assert the aforementioned rights, please use the contact information in Section II. of the Privacy Policy. Inquiries submitted to us electronically will generally be answered electronically, unless you have specified otherwise in your inquiry. 

IX. Data Security 

All data transmitted by you via our website is encrypted using the generally accepted and secure standard TLS (Transport Layer Security). You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" or by the lock symbol in the lower area of your browser. We also implement appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments. 

X. External Links 

Our website may contain links that refer to pages of third parties. Insofar as this is not obviously recognizable, we point out that it is an external link. We have no influence on the content and design of websites of external providers. This Privacy Policy does not apply there. 

XI. Updating of the Privacy Policy 

This Privacy Policy is regularly checked to ensure that it is up to date and is further developed if necessary. The current data protection information can be accessed and printed out by you at any time on the website at www.hacon.de/datenschutz/. 

 
Status: November 2023