Data Security

Data Protection Declaration

We take the protection of your personal data seriously and for this reason, we process the personal data collected whenever you visit our website in accordance with the requirements of the EU General Data Protection Regulation (GDPR) and the data protection provisions of the Federal Republic of Germany.
If, via the linked e-mail address on one of our Internet pages, you provide us with personal data such as your name, e-mail address, telephone number or address, we will process this data in accordance with the requirements of data protection provisions. Your data will not be used for any other purpose or otherwise transferred to third parties outside the oraise Group.

Collection and processing of personal data

In general, you can visit oraise Group websites without our needing to obtain extensive personal data from you. We collect, process and use your data only to the extent permitted by law; in particular, to enable you to use our website and the services offered there or insofar as you have consented to the use of your data.

Whenever you visit our websites, our web servers store the IP address assigned to you by your Internet service provider, the website from which you visit us, the websites you visit, and the date and duration of your visit. The processing of this data is for the purposes of optimizing and technical administration of our websites, i.e. based on a legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR. The transfer of personal data initiated by you, for example, via a contact form on our website or in an e-mail, constitutes your consent to the processing of your personal data pursuant to Art. 6 para. 1 lit. a) GDPR. You may revoke your consent to the processing of personal data at any time by sending an e-mail to datenschutz@oraise.com. This also applies to revocation of any declarations of consent issued to us prior to the entry into force of the Basic Data Protection Regulation, i.e. before 25 May 2018. Please note that this revocation is only operative for the future. The lawfulness of the processing carried out prior to the revocation would not be affected. For the purposes of technical administration and optimization of our websites, we store the following data obtained from access / FTP logs:

  • IP address
  • Date
  • Time of day
  • Time zone
  • Command
  • Destination (file)

Personal data is processed on the basis of a legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR.
This data is stored for up to 30 days from the date of data collection. The IP addresses contained in it are anonymized after seven days, however.

Use and disclosure of personal data and earmarking

The oraise Group uses your personal data only for the purpose of technical administration of the website and to the extent required. All other personal data transmitted to or collected by the oraise Group will be collected, processed and used in accordance with the applicable laws and regulations only for the purposes of processing your request and for safeguarding our own legitimate interests with regard to the provision of advice and support to our customers and to other interested parties. Insofar as there are no statutory provisions to the contrary, such as those imposing data retention requirements, your data will only be processed for as long as it takes to process the relevant request. Your personal data will only be transferred to the departments that have need of it in order to process your request, which this may also necessitate your data being transmitted to our group company in Switzerland. Switzerland has an adequate level of data protection, as has been confirmed in a formal decision of the European Commission (2000/518/EC). Your personal data may also be disclosed if mandatory national legislation requires it to be transferred to a government institution or agency.

Data security

The oraise Group takes technical and organizational security measures to protect data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security measures are continuously improved in line with technological developments. Incidentally, our employees are subject to an obligation to maintain the confidentiality of all personal data.

Facebook link

This website contains links to the oraise page on the social media platform Facebook.com (for Europe: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; for the USA: Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025, USA).

By clicking on the Facebook links, you can access the oraise page on Facebook and will be prompted by Facebook to log in. Users already logged into Facebook will already have logged-in status at the oraise page on Facebook. Due to the use of this browser mechanism, Facebook will be able to associate your visit to our website with your personal user account. We would expressly point out that, as the provider of this website, we have no knowledge of the functioning or content of the data transmitted or its use by Facebook. For more information on Facebook data protection, please visit: https://de-de.facebook.com/policy.php.

User data or IP addresses are not transmitted to this website through Facebook, but rather through a user-side web browser mechanism. Please take note of the options available in your web browser.

In order to prevent a data allocation being carried out by Facebook between the visit by you to our website and your user account, you must log out of your Facebook account before using a corresponding link.

LinkedIN links

This website contains links to the oraise page or to the pages of oraise employees on the platform of the social media provider LinkedIN (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland).

Clicking on the LinkedIN links will take you to an oraise page or the page of an oraise employee on LinkedIN and you will then be asked to login by LinkedIN. Users already logged into LinkedIN will already have logged-in status on oraise pages on LinkedIN. Due to the use of this browser mechanism, LinkedIN will be able to create a data allocation between your visit to our website and your personal user account. We would expressly point out that, as the provider of this website, we have no knowledge of the functioning or content of the data transmitted or its use by LinkedIN. For more information on LinkedIN data protection, please visit: https://www.linkedin.com/legal/privacy-policy.

User data or IP addresses are not transmitted to this website through LinkedIN, but rather through a user-side web browser mechanism. Please take note of the options available in your web browser.

In order to prevent a data allocation being carried out by LinkedIN between the visit by you to our website and your user account, you must log out of your LinkedIN account before using a corresponding link.

XING Links

This website contains links to the oraise page or to the pages of oraise employees on the platform of the social media provider XING (XING SE, Dammtorstrasse 30, 20354 Hamburg).

Clicking on the XING links will take you to an oraise page or the page of an oraise employee on XING and you will then be asked to login by XING. Users already logged into XING will already have logged-in status on oraise pages on XING. Due to the use of this browser mechanism, XING will be able to associate your visit to our website with your personal user account. We would expressly point out that as the provider of this website, we have received no knowledge of the functioning or content of the data transmitted or its use by XING. For more information on XING data protection, please visit: https://privacy.xing.com/de/datenschutzerklaerung.

User data or IP addresses are not transmitted to this website through XING, but rather through a user-side web browser mechanism. Please take note of the options available in your web browser.

In order to prevent a data allocation being carried out by XING between the visit by you to our website and your user account, you must log out of your XING account before using a corresponding link.

Cookies

The website uses so-called “cookies”. These are text files saved on the website visitor’s computer. They are used to optimize the website and also to make it more user-friendly and effective.
For this purpose, we use session cookies, for example. These store what is known as a session ID, which is used to assign requests from your browser to the common session. This enables your browser to be recognized whenever you return to the site. Session cookies are deleted as soon as you close the browser. In addition, we use cookies that store specific preferences so that they will be available to you next time you visit the site.

Right to object to the use of cookies

You can prevent the installation of cookies by preventing cookies from being set in your browser by configuring your browser software accordingly. Please refer to the relevant programme help functionality to find out how to set this up in your browser. We point out, however, that you may not be able to use all the features of this website in this case.

The protection of your personal data is very important to us. We process your personal data exclusively on the basis of legal provisions. In the following passages, we will inform you in accordance with Art.13 and 14 of the GDPR about the processing of your personal data by oraise GmbH, oraise GmbH & Co. KG and oraise Schweiz AG, and the rights and claims granted to you under data protection law.

Who is responsible for data processing and who is your data protection officer?

The responsible party for data processing is your business or contractual partner or, in the context of a contractual negotiation, your potential business or contractual partner:

oraise GmbH
Mary-Somerville-Straße 10
28359 Bremen

oraise Beteiligungs- und Verwaltungs GmbH & Co. KG
Mary-Somerville-Straße 10
28359 Bremen

oraise Schweiz AG
Chaltenbodenstraße 16
CH-8834 Schindellegi SWITZERLAND

Our Data Protection Officers can be reached via the contact details below.

Data protection officers
c/o oraise GmbH
Mary-Somerville-Straße 10
28359 Bremen
E-Mail: datenschutz@oraise.com

Which data categories do we use as a (potential) contractual partner and where do they come from?

Processed personal data categories include in particular your master data (such as first name, last name, titles and suffixes), contact details (such as business address, business (mobile) telephone number, business e-mail address), data related to your work within your company or associated with your capacity as a potential contractual partner (such as position and division), the log data resulting from the use of IT systems, as well as other data from the contractual relationship or negotiation. As a rule, your personal data is collected directly from you within the framework of the contractual negotiation or during the execution of the contractual relationship. We may also have received data from third parties (such as distributors). In addition, we process personal information that we have legitimately gained from publicly available sources (such as corporate web pages).

For what purposes and on what legal basis is data processed?

We process your personal data in compliance with the provisions of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and all other applicable legislation. Data processing primarily serves to initiate a business or contractual relationship. The primary legal basis for this is Art. 6 (1b) GDPR. In addition, your express consent pursuant to Art. 6 (1a) 7 GDPR can be used as a data protection permission requirement. We also process your data in order to fulfil the obligations to which we are legally bound (such as reporting obligations vis-à-vis tax authorities). This is carried out on the basis of Art. 6 (1c) GDPR. In addition, we process your personal data for the purpose of advertising our product and service offerings in order to protect our legitimate interests. This includes, for example, targeted contact with you to address new services and products or invitations to various events at which we would like to inform you about our range of services. The legal basis for this is Art. 6 (1f) GDPR. If necessary, we also process your data to protect the legitimate interests of ourselves or third parties (such as government agencies). Processing is carried out on the basis of Art. 6 (1f) GDPR. This applies in particular to the investigation of criminal offences (legal basis § 24 1 (1), 2nd alternative BDSG), the assertion, exercise or defence of civil law claims (legal basis § 24 1 (2) BDSG) or internal communication and other administrative purposes. If we wish to process your personal data for a purpose not mentioned above, we will inform you in advance.

Who has access to your data?

Within our corporate group, your personal data will only be accessed by individuals and entities (such as departments) who require it in order to fulfil our contractual and regulatory obligations.

Which data protection rights can you assert as a data subject?

You can request information concerning the data stored about you at the above-mentioned address. Under certain circumstances, you may also request for your data to be rectified or deleted. You may continue to have the right to restrict the processing of your data and to disclose the data you provide in a structured, conventional and machine-readable format.

Right of objection

You have the right to object to the processing of your personal data for direct marketing purposes without giving reasons. If we process your data in order to protect legitimate interests, you can object to this processing for reasons relating to your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is intended to assert, exercise or defend legal claims.

Where can complaints be addressed to?

You have the option of submitting a complaint to the above-mentioned data protection officers or to a data protection authority. The data protection supervisory authority responsible for us is:

State Commissioner for Data Protection and Freedom of Information
Arndtstraße 1
27570 Bremerhaven

How long will your data be stored for?

We will delete your personal data as soon as it is no longer necessary for the above-mentioned purposes. After termination of the pre-contractual measures or after the performance of the contract, your personal data will be stored for as long as we are legally obliged to do so. This is usually the result of legal requirements of providing evidence and retention, which are laid down inter alia in the Commercial Code. Retention periods are thereafter up to ten years. In addition, personal data may be retained for the period in which claims can be asserted against us (statutory limitation period of three or up to thirty years).

Is your data transmitted to a third country?

Transmissions from us to recipients in so-called third countries, i.e. countries outside the European Union (EU), are only made by us to our affiliate based in Switzerland. The basis for data transmission to Switzerland (Article 45 (1), 9, Article 46 (1) GDPR) is a formal arrangement by the European Commission (200/518/EC).

Are you required to provide your data?

You are not legally required to provide your personal data as part of the pre-contractual relationship or contractual performance.

Information about your personal data and right of access

The following companies are responsible for the data processing carried out on this web site:

oraise GmbH
Mary-Somerville-Straße 10
28359 Bremen

oraise Beteiligungs- und Verwaltungs GmbH & Co. KG
Mary-Somerville-Straße 10
28359 Bremen

oraise Schweiz AG
Chaltenbodenstraße 16
CH-8834 Schindellegi SZ

In accordance with data protection provisions, oraise GmbH has appointed a Data Protection Officer. If you have any questions about the processing of your personal data, you can contact them directly by e-mail: datenschutz@oraise.com or

Data Protection Officer
c/o oraise GmbH
Mary-Somerville-Straße 10
28359 Bremen

On request, in accordance with the applicable data protection law, we will inform you whether any of your personal data has been stored with us. In addition, you have a right to rectification, deletion, restriction of the data processing and also the right to data portability.
If you believe that your data will not be processed properly, you have a right of appeal to the relevant regulatory authority. Please direct your complaint to:

The State Commissioner for Data Protection and Freedom of Information (Landesbeauftragte für Datenschutz und Informationsfreiheit)
Arndtstrasse 1
27570 Bremerhaven

Right to object

You also have the right at any time, for reasons that arise from your particular situation, to submit an objection to the processing of personal data relating to you, as carried out pursuant to Article 6 para. 1 lit. g) GDPR (data processing in the public interest) or Art. 6 para. 1 lit. f) GDPR (data processing to safeguard the legitimate interests of the person in charge).
This objection need not be in any particular form and should be directed as far as possible to:

The Data Protection Officer
c/o oraise GmbH
Mary-Somerville-Straße 10
28359 Bremen

If you have submitted an objection, we will stop processing your personal data unless we can demonstrate compelling legitimate grounds for processing it that outweigh your interests, rights and freedoms, or if the processing is for the purpose of enforcing, pursuing or defending legal claims.