0. Introduction
Protecting your personal data is our highest priority. This document explains, in clear language, what data we collect, how we use it, how long we store it and which rights you have. The legal basis is, in particular, the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the German Telecommunications‑Telemedia Data Protection Act (TTDSG).
1. Controller and contact
The controller responsible for this website is Petschow & Thiel GmbH, An der Frauenkirche 12, 01067 Dresden, Germany. You can reach us by phone at +49 351 482 89 30 or by e‑mail at dresden@ptai.eu. For all data‑protection matters, you may also contact our Data Protection Officer at datenschutz@ptai.eu.
2. Principles of our data processing
We process personal data only to the extent that is truly necessary. We strictly adhere to the purposes stated in this policy. Once the respective purpose has been achieved and no statutory retention obligations remain, we delete or anonymise the data. Modern technical and organisational security measures protect all information against loss, misuse and unauthorised access.
3. Data processing when you visit our website
3.1 Server log files
When you access our website, your browser automatically sends certain information to our hosting provider. This includes the IP address of your device, the date and time of access, the specific page requested, the amount of data transferred, the type and version of your browser, the operating system and the address of the page you visited before. We need this data to establish the connection, ensure system security and analyse possible errors. The legal basis is our legitimate interest according to Art. 6 (1) f GDPR. The log data are automatically deleted or anonymised no later than seven days after collection.
3.2 Hosting
Our website is hosted on servers operated by a German or other European service provider. A data‑processing agreement pursuant to Art. 28 GDPR ensures that the same data‑protection standards apply there as with us.
4. Cookies and similar technologies
Our website uses cookies, i.e. small text files stored on your device. Technically necessary cookies make sure that fundamental functions such as navigation or your cookie settings work reliably; they may be set without your consent because they are indispensable for operating the site (§ 25 (2) TTDSG). We use functional, analytics and marketing cookies only if you give us your explicit consent in the consent banner (§ 25 (1) TTDSG in conjunction with Art. 6 (1) a GDPR). On your first visit you can decide whether to allow only essential cookies, select individual categories or reject all optional cookies. You can change your decision at any time with effect for the future in the cookie settings. If you withdraw your consent, optional cookies will no longer be set and – where technically possible – will be deleted.
5. Embedded services and third‑party content
Certain functions of our website rely on services provided by external providers. These services become active only after you have consented to them in the consent banner.
Font Awesome provides icons that unify the design of our website. The provider is Fonticons Inc. in the USA. When a page is accessed, your IP address is transmitted to a US server. Fonticons is currently not certified under the Data Privacy Framework; therefore we use standard contractual clauses. If you do not consent, we load icons locally or use system symbols.
Should we integrate further services such as Google Analytics, YouTube or Google Maps in the future, we will inform you here about their purpose, scope of data processing, legal bases and any data transfers to third countries.
6. Contact via e‑mail or telephone
If you contact us, we store the information you provide – for example your name, e‑mail address and the content of your message – solely to process your enquiry. If the enquiry relates to an existing or future contract, the processing is based on Art. 6 (1) b GDPR. For general enquiries we rely on our legitimate interest in efficient communication pursuant to Art. 6 (1) f GDPR. Your data are deleted once the conversation is complete and no statutory retention periods apply.
7. Applications via e‑mail
If you apply for a position with us, we use your documents only to decide whether to establish an employment or internship relationship. The legal bases are § 26 BDSG and Art. 6 (1) b GDPR. If we do not hire you, we delete your data no later than six months after completion of the procedure, in order to defend possible claims under the German General Equal Treatment Act. We store data for a longer period only if you expressly consent, for example to join our talent pool. We recommend sending applications in encrypted form; on request we can provide a secure upload link.
8. International data transfers
We transfer personal data to countries outside the European Economic Area only if an adequacy decision by the EU Commission exists – for example under the EU‑US Data Privacy Framework – or if we have concluded the EU standard contractual clauses with the recipient and carried out a transfer impact assessment. In exceptional cases, your explicit consent may serve as a legal basis.
9. Your rights
You have the right to obtain information about the personal data we store about you and the purposes for which we process them at any time. If data are inaccurate or incomplete, you may request rectification. Under the conditions of Art. 17 GDPR you may also request deletion of your data. In certain situations you may have the processing restricted or request that we provide your data in a machine‑readable format. If we rely on legitimate interests, you have the right to object to this processing. You can withdraw any consent you have given with effect for the future at any time. Finally, you have the right to lodge a complaint with a data‑protection supervisory authority if you believe that we are processing your data unlawfully.
10. Data security
We protect your data using a combination of technical and organisational measures. These include end‑to‑end SSL/TLS encryption of our website, modern firewall and intrusion‑detection systems, strictly regulated access rights, regular data backups and training for our employees. Our security measures correspond to the state of the art and are continuously improved.
11. Changes to this privacy policy
Legal requirements, technical developments or new services may make it necessary to amend this privacy policy. The current version is always available on our website.