/
Privacy policy

Privacy policy

We are pleased that you are visiting our website and interested in Bergmann Infotech GmbH. Protecting your personal data is very important to us.

In general, you can use our website without actively providing personal data. However, as with any website, certain data (e.g., IP address, technical information) is automatically processed when you visit our pages. In addition, we only process personal data if you voluntarily provide it to us – for example, via a contact form or as part of a job application.

The processing of your data is always carried out in accordance with the General Data Protection Regulation (GDPR) and applicable national data protection laws.

With this privacy policy, we inform you about:
  • the type and scope of personal data we collect
  • the purposes and legal bases of the data processing
  • your rights as a data subject
  • the security measures we take to protect your data
We have implemented comprehensive technical and organizational measures to protect your data from unauthorized access. However, please note that complete security during data transmission over the Internet cannot be guaranteed. If you prefer, you may also contact us through alternative means (e.g., by phone or postal mail) at any time.
1. Definitions
To improve the clarity of this Privacy Policy, we explain below key terms as defined in Article 4 of the General Data Protection Regulation (GDPR):
Personal Data
All information relating to an identified or identifiable natural person (e.g., name, email address, IP address).
Processing
Any operation related to personal data – such as collection, storage, use, transmission, or deletion.
Data Subject
The individual whose personal data is being processed – typically you as the visitor of this website.
Controller
The entity that determines the purposes and means of processing personal data – in this case: Bergmann Infotech GmbH.
Processor
Third parties that process data on our behalf (e.g., IT service providers or hosting companies).
Consent
Your voluntary and informed declaration of agreement to the processing of specific personal data.
2. Name and address of the controller

The responsible party within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is:


Bergmann Infotech GmbH
Pretzscher Strasse 37
04880 Domiitzsch
Germany

Tel.: +49 34223 43211
E-Mail: service@bergmann-infotech.de

Website: bergmann-infotech.de

3. Cookies
The websites of Bergmann Infotech GmbH use cookies. Cookies are small text files that are stored on your device and save certain information. They help make our website more user-friendly, efficient, and secure.
We use the following categories of cookies:
  • Essential Cookies: These cookies are technically necessary for the operation of the website and cannot be disabled.
  • Statistics Cookies: These help us understand how visitors interact with our website (e.g., Google Analytics).
  • Marketing Cookies: These are used to display content from external services such as Google Maps, YouTube, or social media platforms.
The storage of non-essential cookies is based solely on your explicit consent, in accordance with Article 6(1)(a) of the GDPR, which you can provide via our cookie banner upon your first visit to the site.

3.1 Cookie Consent Management with Borlabs Cookie
To obtain and manage your cookie consent, we use the Borlabs Cookie plugin, which sets technically necessary cookies to store your preferences. You can view detailed information about the cookies used on our website at any time by clicking the "Cookie Settings" button available at the bottom of your screen.
You may change or withdraw your consent at any time by reopening the cookie settings.

3.2 Disabling Cookies in your Browser
You can configure your browser to inform you about the use of cookies, allow cookies only in individual cases, block cookies in certain cases or completely, and automatically delete cookies when closing the browser.

Please note, however, that disabling cookies may limit the functionality of this website.

4. Collection of general data and information
When you visit our website, general technical information is automatically collected by the web server. This information (so-called server log files) includes:

  • Browser type and version
  • Operating system used
  • Referrer URL (previously visited page)
  • Accessed subpages
  • Date and time of access
  • IP address (possibly anonymized)
  • Internet service provider
  • Other similar data used for security purposes
This data is technically necessary to ensure the correct delivery of website content, maintain system stability and security, and detect or prevent attacks.
The legal basis for this data processing is Article 6(1)(f) GDPR (legitimate interest). Our legitimate interest lies in the secure and functional operation of our website.
There is no merging of this data with other personal data, nor is it used for marketing purposes.

Log files are generally retained for 90 days and then automatically deleted, unless further retention is required for evidence purposes.

5. Contact Forms on the Website
Our website provides several contact forms that you can use to get in touch with us – for example, for general inquiries or to submit a job application.
Depending on the form, the following personal data may be processed:

  • Name, email address, telephone number
  • Content of your message
  • For applications: uploaded documents (e.g., résumé, certificates)
The purpose of processing is to handle your request or application. All transmissions are encrypted. Application documents are stored exclusively in a password-protected area and are not shared with third parties.

For more detailed information about how we process your data in the context of job applications, please refer to Section 8 of this privacy policy.

6. Routine Deletion and Blocking of Personal Data
We process and store personal data only for as long as necessary to fulfill the respective purpose or as required by statutory retention periods.
Once the purpose of storage no longer applies, or a legally prescribed retention period has expired, the personal data is either blocked or deleted in accordance with legal requirements, unless statutory obligations to retain the data (e.g., under commercial or tax law) prevent this.

In specific cases – such as job applications – retention periods are governed by special legal regulations (see Section 8 for details).

7. Rights of the Data Subject
As a data subject, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right of access (Art. 15 GDPR): You have the right to obtain information about the personal data we process about you.
  • Right to rectification (Art. 16 GDPR): You may request the correction of inaccurate or the completion of incomplete personal data.
  • Right to erasure (Art. 17 GDPR): You may request the deletion of your personal data, provided that no legal obligations to retain such data exist.
  • Right to restriction of processing (Art. 18 GDPR): In certain cases, you may request that the processing of your data be restricted.
  • Right to data portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used, and machine-readable format, or to request its transfer to another controller.
  • Right to object (Art. 21 GDPR): You may object to the processing of your personal data, particularly where the processing is based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent (Art. 7(3) GDPR): If you have given consent to data processing, you may withdraw it at any time with future effect.
  • Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence or the location of the alleged violation.
Exercising Your Rights
To exercise your rights, please contact us using the address provided in the legal notice (Impressum).

We reserve the right to verify your identity before disclosing any personal data.

8. Data protection in applications and the recruitment process
We process personal data of applicants who submit their application via our website, by email, or by post exclusively for the purpose of carrying out the application procedure.

Legal basis:
  • § 26 (1) of the German Federal Data Protection Act (BDSG) – for the establishment of an employment relationship
  • Supplementary: Art. 6 (1)(b) GDPR – for the performance of pre-contractual measures
The following categories of data may be processed:
  • Basic personal data (e.g., name, address, contact details)
  • Application documents (e.g., cover letter, résumé, certificates, references)
  • Communication during the course of the application process
If your application is successful, the data you have provided will be further processed for the purpose of managing the employment relationship.

Rejection:
If your application is not successful, we will delete your application documents no later than six months after the rejection decision, unless a statutory retention obligation or legitimate interest (e.g., documentation required under the German Equal Treatment Act [AGG]) prevents deletion.
Note:

Please refrain from submitting sensitive data (e.g., information on health, religion, or similar) unless it is strictly necessary for the application.

9. Use of Google Analytics (with IP Anonymization)
This website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics enables us to analyze visitor behavior on our website and improve our content accordingly.
We use Google Analytics only with your explicit consent, which you can provide via our cookie banner (Borlabs Cookie) in accordance with Art. 6(1)(a) GDPR.

9.1 IP Anonymization
We have activated the “anonymizeIP” function. This ensures that your IP address is shortened by Google within the EU or EEA before further processing.

9.2 Data Transfers to Third Countries
It is possible that personal data may be transferred to the United States. Google has committed to complying with the EU Standard Contractual Clauses (SCCs) to ensure an adequate level of data protection.

9.3 Retention Period
The data collected through Google Analytics is stored for a period of 14 months.

9.4 Objection / Opt-out
You can withdraw your consent at any time by reopening the cookie settings at the bottom of the website.

Additionally, Google offers a browser add-on to deactivate Google Analytics:
🔗 https://tools.google.com/dlpage/gaoptout
Further information on data protection at Google:
🔗 https://policies.google.com/privacy

🔗 https://support.google.com/analytics/answer/6004245

10. Use of Google Ads (Conversion Tracking)
We use Google Ads, including conversion tracking, on our website. This service is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
When you access our website via a Google advertisement, a conversion cookie is stored on your device by Google. These cookies enable us to track how many users arrived on our site through a Google ad and whether specific actions were taken (e.g., submitting a contact form).

10.1 Legal Basis
Google Ads is only activated with your explicit consent, which you can provide via our cookie banner (Borlabs Cookie), in accordance with Art. 6(1)(a) GDPR.

10.2 Purpose
Processing is carried out for the purpose of statistical evaluation and optimization of our advertising campaigns. Google does not transmit any personal data that would allow us to identify you.

10.3 Data Transfers to Third Countries
In connection with the use of Google Ads, it is possible that data will be transferred to the United States. Google has committed to compliance with the EU Standard Contractual Clauses (SCCs) to ensure an adequate level of data protection.

10.4 Storage and Opt-out
Conversion cookies generally expire after 30 days. You can revoke your consent at any time via our cookie settings, or prevent cookie storage altogether by adjusting your browser settings.

Further information on data protection at Google is available at:
🔗 https://policies.google.com/privacy

🔗 https://adssettings.google.com

11. Legal Bases for Data Processing
We process your personal data on the basis of the following legal grounds pursuant to Article 6(1) GDPR:
  • a) Consent (lit. a)
If you have given us explicit consent for specific purposes (e.g., the use of cookies, newsletter registration, or submitting a job application), processing is based on that consent.

  • b) Contract performance / pre-contractual measures (lit. b)
If processing is necessary for the performance of a contract or to carry out pre-contractual measures, e.g., in response to a request for an offer or order.

  • c) Legal obligation (lit. c)
If we are subject to legal obligations, such as commercial or tax law retention requirements.

  • d) Vital interests (lit. d)
In rare cases, processing may be necessary to protect vital interests, such as in a medical emergency on our premises.

  • e) Legitimate interests (lit. f)
When processing is required to safeguard our legitimate interests or those of a third party, provided that your interests or fundamental rights do not override them. This may include:

  • IT security
  • Direct marketing to existing customers
  • The establishment, exercise, or defense of legal claims
You can find more information about the specific legal basis in the relevant sections of this Privacy Policy (e.g., regarding the use of Google services or online forms).
12. Legitimate Interests in Data Processing
Where the processing of personal data is based on Article 6(1)(f) GDPR, our legitimate interests include:

  • the technically error-free and secure provision of our website,
  • communication with customers and interested parties,
  • protection against misuse,
  • direct marketing to existing customers,
  • safeguarding our legal interests, e.g., in defending against claims.
These processing purposes support the efficient operation of our business processes and the economic performance of our online services.
13. Duration of Storage of Personal Data
We store personal data only for as long as it is necessary to fulfill the respective purposes or as required by statutory retention periods (e.g., under commercial or tax law).
Once the respective purpose no longer applies or a legal retention period has expired, the data is routinely deleted, unless:
  • longer storage is necessary to fulfill contractual or legal obligations,
  • consent has been given for longer storage, or
  • legitimate interests (e.g., for documentation or legal defense purposes) require extended retention.
Examples of typical retention periods:
  • Contact inquiries: up to 6 months after the request has been processed
  • Application documents: no later than 6 months after the end of the application process (unless consent for extended retention has been granted)
  • Contract and billing data: 6 to 10 years in accordance with commercial and tax law requirements
  • Consents (e.g., cookie consent): until revoked or until the technical storage duration expires
14. Obligation to Provide Personal Data
In certain cases, the provision of personal data is required by law (e.g., tax regulations) or necessary for the conclusion or performance of a contract (e.g., contact details for preparing an offer or issuing an invoice).

If you do not provide this data, we may:
  • be unable to fulfill legal obligations,
  • be unable to enter into or perform a contract with you,
  • be unable to process your inquiry.
A legal obligation to provide data exists in particular in the following cases:
  • Tax and record-keeping requirements under the German Commercial Code (HGB) and Fiscal Code (AO)
  • Application processes in accordance with § 26 of the Federal Data Protection Act (BDSG)
  • Data processing based on legitimate interests (Art. 6(1)(f) GDPR)
Examples of data required by contract include:
  • Name, email address, and postal address for inquiries or orders
  • Payment details for contractual transactions

If there is no legal or contractual requirement, you are not obliged to provide your data. In such cases, providing data is entirely voluntary – for example, when simply visiting our website without using any contact forms.

15. Use of Slack for Communication and Contact Forms
Our website uses contact forms that are integrated with Slack, a communication service provided and hosted by Slack Technologies, LLC (https://slack.com).

When you contact us via a form, the data you submit is transmitted through Slack’s platform and stored securely within Slack’s databases and general application environment. These servers are protected by technical safeguards including firewalls.

You may choose to share your identity and contact details with us by filling out a form or by corresponding with us via post, telephone, email, or other means – all of which may be processed through Slack. We receive the data directly in our closed, secure internal Slack channels to respond to your inquiry as efficiently as possible.

This may include personal data that you provide when you:
  • apply for our services or request a product demo,
  • request materials or documentation,
  • participate in a campaign, contest, or survey,
  • provide feedback.
We use the collected data for the following purposes:
  • to deliver and maintain our services,
  • to provide customer support.
Slack processes data in accordance with its own privacy policies. For more information, please refer to Slack’s privacy policy:

🔗 https://slack.com/privacy-policy

16. Use of Tilda Publishing (Hosting)
Our website is hosted via the service Tilda Publishing (Create a Website for Free. Tilda Website Builder ). Tilda provides the technical platform that enables us to publish our content, products, and services online.

As part of the hosting process, Tilda may process the following personal data:
  • IP addresses
  • Technical access data (e.g., time of access, browser type)
  • Information submitted via forms (e.g., name, email address)
This data is stored on Tilda’s servers and protected by technical safeguards such as firewalls. The processing of this data is based on Article 6(1)(f) GDPR (legitimate interest in the secure and efficient operation of our website).
Please note that Tilda is a provider based outside the EU. Therefore, data may be transferred to third countries. Tilda commits to complying with internationally recognized data protection standards.

For more information, please refer to Tilda’s privacy policy and terms of use:
🔗 Privacy Policy — Tilda CC

🔗 Terms of Service — Tilda Publishing

17. External Links
Our website may contain links to external third-party websites. Such websites are subject solely to the privacy policies and terms of use of their respective operators.
We have no control over the content of these external websites and assume no responsibility or liability for their availability, accuracy, content, products, services, or any other materials provided on or through these sites.

The inclusion of a link does not imply endorsement or approval of the content by us. We are not liable for any direct or indirect damages or losses arising from the use of, or reliance on, such external content.