Data protection

General information

The present Privacy policy is intended to provide information to the user of the present website about the methods, scope and purposes of collection and usage of personal data by the website administrator ONSITES Corporation Ltd.

The website administrator treats the personal data of the users very seriously, in confidentiality and in accordance to the legislative provisions. Due to the usage of new technologies and the continuous improvement of the present website, the present Privacy policy may need to be modified, so we recommend all users to review the present Privacy policy regularly.

Please note that data transfer over the Internet is not absolutely secured. In order to increase the security level, the website administrator has installed SSL certificate capable of identifying the users in the address field of the browser by the prefix "https://" and the blocking symbol. When the SSL encoding system is enabled, by default, the data send to the website administrator cannot be read by third parties. However, you have to bear in mind that it is not possible to provide complete data protection against access by other parties.

The definitions of the terms used, such as "personal data” or "processing”, are provided in Article 4 of the General Data Protection Regulation.


Access data

Based on legitimate interest, according to Article 6, paragraph 1, letter of the General Data Protection Regulation, the administrator of the present website collects the data about the website visits and keeps them as log files at the web site server. In such a way, the following data are recorded: 

  • Site visited

  • Time of the visit

  • Quantity of sent data in bytes

  • Source or link through which the user has reached the site;

  • Browser used

  • Operation system used

  • IP address used

The log files at the server are kept for a maximum period of seven days, after which they are deleted. The storage of the data is performed due to security reasons in order to detect cases of misuse, for example. If data must be collected as proof of evidence, they are not deleted until the case is finally resolved and settled.


Measurement of user's activity and "cookies"

The present website uses "cookies” for pseudomized measurement of the users activity; these cookies are transferred to the user browser either from the server of the website administrator or from a server of third parties. "Cookies” are small files which are stored at the user’s computer. This data is used by the user browser. The usage of "cookies” contributes to the convenience of usage and security of this website.



If the user does not agree to the storage of "cookies” for measurement of the users activity at his/her device, he/she is entitled to object against the usage of cookies here:

The present website uses "cookies” for pseudomized measurement of the users activity; these cookies are transferred to the user browser either from the server of the website administrator or from a server of third parties. "Cookies” are small files which are stored at the user’s computer. This data is used by the user browser. The usage of "cookies” contributes to the convenience of usage and security of this website.

Collection and processing of personal data

The website administrator has the right to continue collecting, using and providing user personal data, if this is allowed by law or if the user has provided his/her consent for data collection.

"Personal data” is all data that serve for identification and back tracking of the user as an individual, for example name, email address or telephone number of the user.

This website can also be visited without collection of personal data. However, in order to improve online services offered by us, we collect, anonymously, access data of visitors of the website. This access data includes the file, requested by the user or the name of the Internet provider used. Since this data is pseudomized, no conclusions can be drawn about any individual.

Furthermore, we process user personal data, which the user provided on the contact form. Such data includes family name, given name, company name, email address and telephone number of the user making contact. We also process all data that is provided by the user through the newsletter form.

We also process personal data which is registered for a job application procedure on the website and sent to the website administrator. Such data includes given name, second name and family name as well as data about the country of permanent residence. We also process all data which the user sends online to the administrator such as uploaded files (letter of motivation and CV).

All personal data is processed only with the prior consent of the user, by following the personal data protection provisions in force. The personal data processing is performed mainly on the grounds of legitimate interest in order to provide the services and for optimization of the online services offered by the website administrator.

Dealing with contact information

The website administrator has the right to continue collecting, using and providing user personal data, if this is allowed by law or if the user has provided his/her consent for data collection.



Google Analytics

This website uses Google Analytics offered by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, based on the legitimate interest of the website administrator in order to optimize and analyze the services offered, as per article 6, letter "f” of the General Data Protection Regulation. Google Analytics uses text files, e.g. "cookies”, which are stored on the user’s computer. Data, collected by the "cookies”, as a rule, is sent to a Google server in the USA, where it is stored.

Google Inc. works according to the European legislation, related to the personal data protection and is certified according to the Privacy Shield agreement: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Anonymization of IP addresses is activated on this website. Within the European Union and European Economic Area member states, as well as in the other countries, parties of the agreement, the IP address of the user is shortened. Only in specific cases, the IP address is transferred in full length to the USA to a Google server, where it is shortened. Such shortening makes the correlation of the IP address to an individual impossible. The IP address of the user sent by his/her browser is not combined with other data, stored by Google.

The website administrator enters in a data processing agreement with Google Inc., where, with the assistance of the collected information, the Company performs analysis of the website usage and the activity during its usage by providing services related to the use of the Internet.

The data collected by Google, according to the assignment of the web ]site administrator, is used for making assessment of the website usage by individual users as well as for preparation of reports for the activity during their website usage or for the improvement of the offered online services.

Through a plug-in, the user can also prevent the sending of the data collected through "cookies” (including your IP address) to Google Inc., as well as its usage by Google Inc. The following link will lead you to the relevant plug-in. https://tools.google.com/dlpage/gaoptout?hl=de

Via following links you can retrieve additional information about the data used by Google Inc.


Social networks plug-ins usage


General guidelines

The sharing plug-ins for social networks sharing usually result in the fact that every visitor of a given page is immediately registered by these services with his/her IP address and his/her subsequent behaviour in relation to the browser is recorded. This can happen even without interaction with the button.

In order to prevent that the websites administrator uses the Shariff method. Thus, the social networks sharing buttons establish direct connection between the user and the social network only when the user clicks on the relevant Share button. If the user is already registered on a given social network logging in on Facebook and Google+ is done without the opening of a new window. During the logging in on Twitter a pop-up window appears where the text of the twit can be edited. This is how the user can publish our content on social networks, without being able to create full surfing profiles. The Shariff method is widely used by many websites in order to protect their users.

Facebook

On the website the administrator uses a Facebook social network plug-in, owned by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. However, the Shariff method allows Facebook to identify the IP address of the user and each visit to the website of the administrator only when the user interacts with the Facebook button. If the user enables the plug in, while logged in on his/her Facebook profile, Facebook can connect the used content with the user’s profile. In such case, the website administrator does not have access, respectively any control, over the possible collection and processing of the user's data by Facebook. The user can prevent the collection and processing of user data by immediately logging out from his/her user profile.

More detailed information can be found in the Privacy policy of Facebook on the following address: http://de-de.facebook.com/policy.php Furthermore, in relation to the general use of "cookies” and their deactivation the website administrator refers to the general description of the present Privacy policy.

Instagram

On the website the administrator uses an Instagram social network plug-in, owned by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. However, the Shariff method allows Instagram to identify the IP address of the user and each visit to the website of the administrator only when the user interacts with the Instagram button. If the user enables the plug in, while logged in on his/her Instagram profile, Instagram can connect the used content with the user’s profile. In such case, the website administrator does not have access, respectively any control, over the possible collection and processing of the user's data by Instagram. The user can prevent the collection and processing of user data by immediately logging out from his/her user profile.

More detailed information can be found in the Privacy policy of Instagram on the following address: http://de-de.facebook.com/policy.php Furthermore, in relation to the general use of "cookies” and their deactivation the website administrator refers to the general description of the present Privacy policy.

Twitter

On his web site, the administrator uses a Twitter social network plug-in, owned by the company Twitter Inc., 795 Folsom Street, Suite 600, San Francisco, CA 94107, USA. However, the Shariff method allows Twitter to identify the IP address of the user and each visit to the web site of the administrator only when the user interacts with the Twitter button. If the user enables the plug in, while logged on his/her Twitter profile, Twitter can connect the content with the user’s profile. In such case, the web site administrator does not have access, respectively any control, over the possible collection and processing of the user's data by Twitter. The user can prevent the collection and processing of users’ data by immediately logging out from his/her user profile.

More detailed information can be found in the Privacy policy of Twitter on the following address: https://twitter.com/privacy?lang=en Furthermore, in relation to the general use of "cookies” and their deactivation, the website administrator refers to the general description of the present Privacy policy.

LinkedIn

On his web site, the administrator uses a LinkedIn social network plug-in, owned by the company LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA. However, the Shariff method allows LinkedIn to identify the IP address of the user and each visit to the web site of the administrator only when the user interacts with the LinkedIn button. If the user enables the plug in, while logged on his/her LinkedIn profile, LinkedIn can connect the used content with the user’s profile. In such case, the web site administrator does not have access, respectively any control, over the possible collection and processing of the user's data by LinkedIn. The user can prevent the collection and processing of users’ data by immediately logging out from his/her user profile.

More detailed information can be found in the Privacy policy of LinkedIn on the following address: https://www.linkedin.com/company/33229335/admin/updates/ Furthermore, in relation to the general use of "cookies” and their deactivation, the website administrator refers to the general description of the present Privacy policy.

YouTube

On his web site, the administrator uses a YouTube social network plug-in, owned by the company YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. However, the Shariff method allows YouTube to identify the IP address of the user and each visit to the web site of the administrator only when the user interacts with the YouTube button. If the user enables the plug in, while logged on in his/her YouTube profile, YouTube can connect the used content with the user’s profile. In such case, the web site administrator does not have access, respectively any control, over the possible collection and processing of the user's data by YouTube. The user can prevent the collection and processing of users’ data by immediately logging out from his/her user profile.

More detailed information can be found in the Privacy policy of YouTube on the following address: https://www.google.de/intl/de/policies/privacy. Furthermore, in relation to the general use of "cookies” and their deactivation, the website administrator refers to the general description of the present Privacy policy.


Rights of the user

Each user has the right, upon request, to receive, free of charge, information about his/her personal data being stored. Each user has the right of correction of wrong personal data as well as of limitation of the processing or deletion of his/her personal data. If applicable, users are also entitled to data portability. If a user believes that his/her personal data is processed unlawfully, he/she has the right to file a complaint with the competent supervisory authority.

Data deletion

As far as the wish of the users does not contradict to a given legislative requirement for data retention, they have the right of deletion of their personal data. The data stored by the website administrator is deleted when it is no more required for the intended purposes and when it is does not have to meet the requirements of the time-frames for data retention determined by law. If the deletion cannot be performed, because the data is required for legal purposes, the limitation for data processing is applied. In such case, the data is blocked and is not processed for any other purposes.

Right for objection

The users of this web site can exercise their right for objection and can object, at any time, against the processing of their personal data.

If the users require correction, blocking, deletion or information about the storage of their personal data or they have questions about the collection or processing of their personal data, or wish to withdraw consents they gave, they can use the following email address for contact: dataprotection@onsites.com

Institution responsible for personal data protection

The Institution responsible for personal data protection of this website is
ONSITES Group LTD
Business Center
“Bee Garden”, 3. Etage, Office 30
9000 Varna
Bulgaria
Telefon: +359 89 622 86 20
E-Mail: gdpr(at)onsites.com
CEO: Dr. Mathias Kunze