:pegon GmbH attaches great importance to data protection. With this data protection declaration we would like to inform you about the rights you have with regard to personal data. Furthermore, we would like to inform you about the kind, scope and purpose of the data collected and processed by us:

First of all, we would like to briefly point out the most important aspects of data protection at :pegon GmbH.

In the second part you will find more detailed explanations on data protection issues if you would like to know more about them.

1.1 Who is responsible and who is in charge of data protection?

The person responsible according to the General Data Protection Regulation (DSGVO):

Company: :pegon GmbH
Board of Directors: Dipl.-Ing. Robert M. Riegler
Anschrift: Kaiser- Wilhelm-Ring 3 - 5 - D-50672 Köln
E-mail: info@pegon.de
Phone: +49 (0) 22 36 / 3 78 59 70
Fax: +49 (0) 22 36 / 3 78 59 99

If you have any questions or suggestions regarding data protection, you can contact us directly at any time.


1.2 What rights do you have as a person concerned?

You have the right to obtain information about what we have stored about you. Should your data stored by us be incorrect, you may request correction or deletion of this data. In addition, you may request that these data be blocked and thus further processing by us may only be carried out with your consent.

You also have the right to object to the further processing of your data at any time for reasons arising from your particular situation. Furthermore, if you wish, we will make the data that you have given to us available to you for further use. At your request, we will also send the data to a recipient chosen by you.

Furthermore, you have the right to revoke your consent to the processing of your personal data at any time. This does not affect the lawfulness of the processing that took place until revocation.

You also have the right to complain to a supervisory authority. Corresponding addresses can be found on the websites of the Federal Commissioner for Data Protection and Freedom of Information (BFDI):
https://www.bfdi.bund.de/DE/Infothek/AnschriftenLinks/addresseslinks-node.html


1.3 For what purpose and on what legal basis will my data be processed?

For what purpose and on what legal basis will my data be processed?

The personal data collected by us during your visit to our website will only be processed for the performance of the contract and the processing of your enquiries. A processing or use of the data collected by us and communicated by you takes place exclusively for the fulfilment of the aforementioned purposes either by us, our affiliated companies and companies commissioned by us for data processing ("processors"), provided that these also meet the data protection requirements of the DSGVO. (For the processing of data collected on our websites not by us but by third parties, see below: "Who receives my data?")

In addition, your data will only be collected, processed and used for other purposes (market research, consulting and information/advertising, including newsletters) if you have given us your consent or if processing is required pursuant to Art. 6 §. 1 - letters b-f DSGVO - for example to protect the vital interests of individuals or in the public interest.

We do not intend to use your personal data for any purpose other than that for which they were collected for.

We do not carry out profiling within the meaning of Art. 4 DSGVO with your data.


1.4 How is my data collected and who receives it?

The use of the :pegon GmbH website is generally possible without actively providing personal data.

An exception to this are the following elements on our web pages:

Cookies

However, we have set cookies on our website in order to increase the convenience and functionality of our website for you. A typical field of application for cookies is the storage of a certain (login) status during web use, so that a user does not have to log in again for each subpage of a website. In order to be able to distinguish between different users, a unique identifier is usually stored in a text cookie. The identification stored in the cookie has no personal reference per se. It becomes relevant under data protection law as soon as personal data is stored in a cookie or a link is established between the cookie ID and personal data. Depending on function and intended use, a distinction is made between five categories of cookies:

1. Essential Cookies: This type of cookie is required to navigate the site and to provide the basic functionality of the site.
2. Functional cookies: Functional cookies enable the website to store information provided by the user during the visit (login, user name, language and selected location) in order to offer the user a simplified, extended range of functions when he visits the website again.
3. Performance Cookies: Performance cookies serve to improve the user experience by increasing user-friendliness. For this reason, performance cookies collect information about how the website is used (e.g.: Information on the operating system, the browser used, the number of visits, the pages called up in this context and the average length of stay).
4. Analysis Cookies: These cookies are used by the website operator to determine which preferences and search terms are used to access the main and sub-pages of the website.
5. Marketing cookies: Marketing cookies are used to generate added value for the user through relevant content that is tailored to his or her individual interests. This kind of cookie is also used to measure and control the effectiveness of advertising campaigns. In addition to the frequency of site visits, the marketing cookies also record the duration of use and stay with regard to the content offered. Marketing cookies are likely to be linked to page functionalities of third parties. The information collected in this way may be passed on to third parties, such as the operator of the website.

However, you can prevent the setting of cookies at any time by means of the corresponding settings of your Internet browser and thus permanently object to this. You can use your browser settings to delete individual cookies that have already been saved or the entire cookie inventory. In the following we have compiled links to information and instructions that describe the browser settings to be made in detail and for different providers respectively:

Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Safari: https://support.apple.com/kb/PH17191?locale=deDE&viewlocale=deDE
Google Chrome: https://support.google.com/accounts/answer/61416?hl=de
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-loeschen-daten-von-websites-entfernen
Opera: http://www.opera.com/de/help

You can also individually manage the cookies of many companies and features used for advertising. Use the corresponding user tools, available at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices.

In addition, a large number of browsers have already implemented a "Do-Not-Track function" with which you can specify that you do not want to be "tracked" by websites. By enabling this feature, your browser tells advertising networks, websites and applications that you do not want to be tracked for behaviour-based advertising and the like. Information and instructions on how to edit this function are available from the links below, depending on the provider of your browser:

Internet Explorer: https://support.microsoft.com/de-de/help/17288/windows-internet-explorer-11-use-do-not-track
Google Chrome: https://support.google.com/chrome/answer/2790761?co=GENIE.Platform%3DDesktop&hl=de
Safari: https://support.apple.com/kb/PH21416?locale=de_DE
Mozilla Firefox: https://www.mozilla.org/de/firefox/dnt/
Opera: http://help.opera.com/Windows/12.10/de/notrack.html

You can also prevent scripts from being loaded by default. NoScript allows JavaScript, Java and other plugins to be executed only on trusted domains of your choice. For information and instructions on how to edit this feature, please contact the provider of your browser.

The following cookies are used on the website:
Cookie name: - pkref.3.3472 (Mamoto -Analysis Cookie)

-	pkid.3.3472 (Mamoto -Analysis Cookie)
-	pkses.3.3472 (Mamoto -Analysis Cookie)

Google Maps

We have integrated an API (application programming interface) from Google Maps on individual pages of our website to make it easier for you to find our location in Wesseling. Data is transferred from your device to Google. As Google is classified as EU-US Privacy Shield-certified, the data is transmitted to the USA on the basis of a suitability resolution in accordance with Art. 45 DSGVO. For more information, please refer to Google's privacy policy, which you can access here: https://policies.google.com/privacy?hl=de

Piwik

On our website we use the Piwik analysis tool to carry out a statistical access evaluation. Piwik uses cookies on our website to collect information about usage. Your IP address, from which you access our pages, is stored in anonymous form on a server of the provider in Germany. You can prevent the setting of cookies at any time by means of an appropriate setting of your Internet browser and thus permanently object to this. Cookies that have already been set can be deleted at any time via your Internet browser.

Job applications

Online applications for job advertisements at :pegon GmbH or unsolicited applications can be sent to us by e-mail. We place the highest value on an appropriate record of compliance with the DSGVO. For this reason, your application data will be deleted after six months, unless you have agreed to your data being processed for a longer period of time. Your data will not be passed on to third parties unless there is a legal obligation to pass them on or the passing on serves the purpose of criminal prosecution.


1.5 How long will my data be stored?

The data collected from you will be stored by us for the duration of the business relationship, taking into account existing retention periods.


1.6 Is the collection and storage of my data mandatory or necessary?

We collect and store the data provided by you for the fulfilment of the contract to be concluded and implemented with you. In all other respects, we are obliged to do so in accordance with tax regulations.

etracker

The provider of this website uses the services of etracker GmbH, Hamburg, Germany (www.etracker.com) to analyse usage data. We do not use cookies for web analysis by default. If we use analysis and optimisation cookies, we will obtain your explicit consent separately in advance. If this is the case and you agree, cookies are used to enable a statistical range analysis of this website, a measurement of the success of our online marketing measures and test procedures, e.g. to test and optimise different versions of our online offer or its components. Cookies are small text files that are stored by the Internet browser on the user's device. etracker cookies do not contain any information that could identify a user.

The data generated by etracker on behalf of the provider of this website is processed and stored by etracker solely in Germany by commission of the provider of this website and is thus subject to the strict German and European data protection laws and standards. In this regard, etracker was independently checked, certified and awarded with the ePrivacyseal data protection seal of approval.

The data processing is based on Art. 6 Section 1 lit f (legitimate interest) of the General Data Protection Regulation (GDPR). Our legitimate interest is the optimisation of our online offer and our website. As the privacy of our visitors is very important to us, the data that may possibly allow a reference to an individual person, such as IP address, registration or device IDs, will be anonymised or pseudonymised as soon as possible. etracker does not use the data for any other purpose, combine it with other data or pass it on to third parties.

You can object to the outlined data processing at any time by clicking on the slider. The objection has no disadvantageous consequences. If no slider is displayed, the data collection is already prevented by other blocking means.



Further information on data protection with etracker can be found here.

2.1 Data processing

2.1.1 General information on the use of the homepage

The :pegon GmbH website can generally be used without actively providing personal data. If a person concerned wishes to make use of special services of our company via our website (e.g. the use of the contact form), the processing of personal data may become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we obtain the consent of the data subject.

The processing of personal data, such as the name, address, e-mail address or telephone number of a person concerned, always takes place in accordance with legal requirements.

:pegon GmbH – being responsible for data processing - has implemented numerous technical and organizational measures in order to ensure the most complete possible protection of personal data processed via this website. Nevertheless, Internet-based data transmissions can have security gaps, so that absolute protection cannot be guaranteed. For this reason, every person concerned is free to transmit personal data to us by alternative means, for example by telephone, post or in person.

2.1.2 Contact via the website

Due to legal regulations, :pegon GmbH's website contains information that enables rapid electronic contact with our company and direct communication with us. If a data subject contacts the person for the data processing via e-mail or a contact form, the personal data transmitted by the data subject will be stored automatically.

Such personal data voluntarily transmitted to us by a data subject will be stored for the purpose of processing or contacting the data subject. This personal data is not passed on to third parties. This data will be deleted once the purpose has been achieved, unless legal or official storage obligations apply.

2.1.3 Routine deletion and blocking of personal data

We process and store personal data of the data subject only for the period necessary to achieve the processing purpose or if laid down in the DSGVO or laws or

If the processing purpose no longer applies or if a statutory storage period expires, the personal data is erased by routine deletion and in accordance with the statutory provisions.

2.1.4 Legal basis for processing

Art. 6 I a DSGVO serves our company as a legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, the processing is based on Art. 6 I b DSGVO. The same applies to such processing operations that are necessary to carry out pre-contractual measures, for example in cases of enquiries about our products or services.

If our company is subject to a legal obligation requiring the processing of personal data, for example to fulfil tax obligations, the processing is based on Art. 6 I c DSGVO. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person, for example in the event of an accident on the premises.

In addition, processing operations could be based on Article 6 I f DSGVO if the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. Efficient, customer-friendly and high-quality service provision is one of the most justified interests.

2.1.5 Data protection for applications and in the application process

We collect or process the personal data of applicants for the purpose of handling the application procedure. Processing may also be carried out electronically. This is particularly the case if an applicant sends appropriate application documents electronically, for example by e-mail, to the person responsible for the processing. If this responsible person concludes an employment contract with an applicant, the data transmitted will be stored for the purpose of processing the employment in compliance with the statutory provisions. If this person does not conclude an employment contract with the applicant, the application documents shall be deleted after six months at the latest.

2.2 Rights of the data subject

According to the DSGVO, data subjects are entitled to the following rights. If you, as a data subject, wish to exercise one or more of these rights, you can contact our data protection officer or another employee of the person responsible at any time.

2.2.1 Right to revoke consent under data protection law

As a person affected by the processing of personal data, you have the right to revoke your consent to the processing of personal data at any time with effect for the future. An email or other written declaration to us is sufficient to do so. You can send your revocation to: info@lucobit.de

2.2.2 Right to information

As a person affected by the processing of personal data, you have the right at any time to receive free information from the person responsible for data processing about the personal data stored about you and a copy of the personal data. The right to information concerns the following information:

• the processing purposes
• the categories of personal data to be processed
• the recipients or categories of recipients to whom the personal data have been or are still being disclosed, in particular recipients in third countries or international organisations
• if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration
• the existence of a right of rectification or deletion of personal data concerning him or her or the right of a restriction on processing by the processing person or a right of opposition to such processing
• the existence of a right of appeal to a supervisory authority
• if the personal data is not collected from the data subject: All available information about the origin of the data
• the existence of automated decision-making, including profiling in accordance with Articles 22 I and IV DSGVO and - at least in these cases - meaningful information on the logic involved and the scope and intended effects of such processing for the data subject

Furthermore, data subjects have a right of access to information as to whether personal data have been transferred to a third country or to an international organisation. If this is the case, you also have the right to obtain information about the appropriate guarantees in connection with the transmission.

2.2.3 Right to correction

As a person affected by the processing of personal data, you have the right to request the immediate correction of incorrect personal data concerning you. You also have the right, taking into account the purposes of the processing, to request the completion of incomplete personal data, including by means of a supplementary declaration.
 
2.2.4 Right to deletion ("Right to be forgotten")

As a person affected by the processing of personal data, you have the right to request that the personal data concerning you be deleted immediately, provided that one of the following reasons applies and insofar as the processing is not necessary:

• The personal data have been collected or otherwise processed for such purposes for which they are no longer necessary (i.e. the data are no longer required).
• The data subject withdraws his/her consent on which the processing was based pursuant to Article 6 Ia DSGVO or Article 9 IIa DSGVO and there is no other legal basis for the processing.
• The data subject opposes processing under Article 21 I DSGVO and there are no overriding legitimate reasons for processing or the data subject opposes processing under Article 21 II DSGVO.
• The personal data have been processed unlawfully.
• The deletion of personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the data controller is subject.
• The personal data have been collected in relation services offered by the information society provided in accordance with Article 8 I DSGVO

If the personal data of :pegon GmbH has been made public our company, as the responsible processor, is obliged to delete the personal data in accordance with Art. 17 I DSGVO, and therefore we will take appropriate measures, taking into account the available technology and the implementation costs, to inform other persons responsible for data processing who process the published personal data, in particular to delete all links to this personal data or copies or replications of this personal data, insofar as processing is not necessary. The data protection officer of :pegon GmbH or another employee will take the necessary steps in individual cases.

2.2.5 Right to limitation of processing

As a person concerned by the processing of personal data, you have the right to request the restriction of the processing if one of the following conditions is met:

• You dispute the accuracy of the personal data for a period of time that enables the person responsible to verify the accuracy of the personal data.
• The processing is unlawful, you refuse to delete the personal data and instead request the restriction on the use of the personal data.
• The person responsible for the data processing no longer needs the personal data for the purposes of processing, but you do need them to assert, exercise or defend legal
• You have filed an objection against the processing pursuant to Art. 21 I DSGVO and it has not yet been determined whether the legitimate reasons of the person responsible outweigh yours.

2.2.6 Right to Data Transferability

As a person affected by the processing of personal data, you have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format. You also have the right to have this data communicated to another responsible person without hindrance by the person responsible for processing, provided that the processing is based on the consent as laid down in Article 6 Ia DSGVO or Article 9 IIa DSGVO or on a contract pursuant to Article 6 Ib DSGVO and that the processing is carried out using automated procedures or provided that the processing is not necessary for the performance of a task in the public interest or in the exercise of public authority conferred to the responsible processor.

Furthermore, when exercising your right to data transferability pursuant to Art. 20 I DSGVO, you have the right to obtain that the personal data be transferred directly by us to another person responsible, insofar as this is technically feasible and provided that this does not impair the rights and freedoms of other persons.

2.2.7 Right of objection

As a person concerned by the processing of personal data, you have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you, which is carried out in order to safeguard a legitimate interest of the data processor.

This also applies to profiling based on these provisions, whereby :pegon GmbH points out that no profiling should be carried out.

:pegon GmbH will no longer process personal data in the event of an objection, unless we can prove compelling reasons worthy of protection for the processing, which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
If :pegon GmbH processes personal data in order to conduct direct advertising, you have the right to object at any time to the processing of personal data for the purpose of such advertising. This also applies to profiling insofar as it is connected with such direct advertising. If you object to :pegon GmbH processing for direct advertising purposes, we will no longer process your personal data for these purposes.

2.2.8 Automated decisions in individual cases including profiling

As a data subject, you have the right not to be subject to a decision based exclusively on automated processing, including profiling, which has legal effect against you or significantly affects you in a similar manner, provided that the decision
(1) is not necessary for the conclusion or performance of a contract between you and the person responsible, or
(2) is admissible by law of the Union or of the Member States to which the person responsible is subject and that law contains appropriate measures to safeguard your rights, freedoms and legitimate interests; or
(3) with your express consent.

:pegon GmbH does not use any purely automated decision systems with regard to the processing of personal data that have a legal effect on you or significantly impair you in a similar manner.

2.2.9 Right of appeal to a supervisory authority

As a person concerned by the processing of personal data, you have the right of appeal to a supervisory authority, in particular in the Member State where you are staying, working or where the suspected infringement took place, if you consider that the processing of personal data concerning you is contrary to data protection law. Corresponding addresses can be found on the websites of the Federal Commissioner for Data Protection and Freedom of Information (BFDI): https://www.bfdi.bund.de/DE/Infothek/AnschriftenLinks/anschriftenlinks-node.html

2.3 Definitions

With the development of data protection law, terms have become established that are not always self-explanatory. The explanations in Art. 4 DSGVO are quoted in extracts below: :

1. “personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier or to one or more special characteristics which express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person;

2. "processing" means any operation carried out with or without the aid of automated procedures or any such series of operations relating to personal data, such as the identification, collection, organisation, arrangement, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of provision, matching/comparison or linking, restriction, erasure or destruction;

3. "restriction of processing" means the marking of stored personal data with the aim of restricting their future processing;

4. "profiling" means any automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or relocation of that natural person;

5. "pseudonymisation" means the processing of personal data in such a way that the personal data cannot be attributed to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person; [...]..

7. "person responsible for data processing" means the natural or legal person, authority, body or other body which, alone or in association with others, decides on the purposes and means of processing personal data; where the purposes and means of such processing are specified by Union law or by the law of the Member States, the person responsible for data processing may be provided under Union law or the law of the Member States as well as the specific criteria for his appointment may also be provided under Union law or the law of the Member States;

8. "processor" means any natural or legal person, authority, institution or other body processing personal data on behalf of the responsible person;

9. 9) "recipient" means any natural or legal person, authority, institution or other body to which personal data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union law or the law of the Member States under a particular investigation mandate shall not be considered recipients; the processing of such data by the said authorities shall be carried out in compliance with the applicable data protection rules in accordance with the purposes of the processing;

10. "third party" means any natural or legal person, authority, institution or other body other than the data subject, the person responsible for the data processing, the processor and the persons authorised to process the personal data under the direct responsibility of the person responsible for the data processing or the processor;

11. "consent" of the data subject means any voluntary declaration of intent, in an informed and unequivocal manner, in the form of a declaration or other clear affirmative act, in which the data subject indicates his or her consent to the processing of personal data concerning him or her;

12. "breach of the protection of personal data" means a breach of security which, whether unintentional or unlawful, leads to the destruction, loss, alteration or unauthorised disclosure or access to personal data transmitted, stored or otherwise processed;