Regardless of whether you are a client, a project partner, a person interested in our programmes, a job applicant or a visitor to our website, we, sequa gGmbH (hereinafter referred to as “sequa” or “we”) take the protection of your personal data very serious, but what does that actually mean?
The information below will enable you to gain an insight into which personal data we collect from you and in which form we process them. In addition, you will gain an overview of the rights which you are entitled to under the applicable data protection legislation. We also inform you whom to contact if you have any further questions.
Who are we?
sequa is a development organisation operating worldwide. We support the development of the private sector and its business membership organisations as well as the qualification of skilled employees and managers. Our programmes and projects are financed by public and private funding and follow the principles of the social market economy.
sequa is a non-profit company whose shareholders are Germany`s top business membership organisations (BDA, BDI, DIHK, ZDH) and Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH.
sequa`s aim is to sustainably improve the living and working conditions of as many people as possible. We know that this can only be realised in collaboration with domestic and international partners. Our most important project partners are chambers, associations, educational institutions and private companies.
As the responsible party within the meaning of the applicable data protection legislation we
Tel.: +49 (0) 228 98238 - 0
Fax: +49 (0) 228 98238 - 19
take all measures required under applicable data protection legislation to ensure the protection of your personal data.
For all questions relating to this Privacy Statement we kindly ask you to contact our data protection officer:
Data Protection Officer
Tel.: +49 (0) 228 98238 - 38
2. Scope of Application of the Privacy Statement A
The legislator defines the processing of personal data as activities such as the collection, recording, organisation, ordering, storage, adjustment or alteration, reading, retrieval, usage, disclosure by transfer, distribution or any other form of provision, comparison or linking, restriction, deletion or destruction of personal data. Personal data is all information relating to an identified or identifiable natural person.
This Privacy Statement deals with the personal data of clients, project partners, interested parties, job applicants or visitors. This Privacy Statement applies to both our website www.sequa.de and our project websites, such as www.importpromotiondesk.de and www.tameb.org.
3. Which personal data do we process?
Your personal data is collected by us when you visit any of our websites or establish any contact with us as e.g. a client, project partner, interested party or job applicant. This can occur for instance if you are interested in our projects, contact us via our communication channels, or if and when you use our products or services in the course of existing business relationships.
The following types of personal data are processed by us:
- Data generated by your access of the website (“server logfiles“) and online behaviour, e.g. IP addresses, user names, data on your visits to our website(s), the actions taken on our websites, the browser used, the operating system used, the time and location of access, the link from which you accessed the website, quantity of data sent
- Details of your personal identity (if you have informed us about these), e.g. first and last name, address details, e-mail address, telephone number, fax number
- Information on your interests and wishes (if you have informed us of these), e.g. via our contact form or other communication channels
- Information on the career progression of job applicants and experts (if you have informed us of these), e.g. professional training, previous employers, other qualifications, language skills, project experience
and other information comparable with these data categories.
3.1 Sensitive data
We do not collect any sensitive data, i.e. special categories of personal information such as details of religious or trade union affiliations by this method.
3.2 Personal data of underage persons
We do not collect any personal data of/about children or underage persons (with the exception of access data in server logfiles in which we cannot verify age).
3.3 Data Processing on our Website
Cookies are files stored on your computer by our website when you call up the site. These files contain information making your use of this website more efficient.
Most of the cookies we use are so-called “session cookies” which will be deleted, automatically, at the end of your visit. Other cookies remain stored on your device until you delete them. You can adjust your browser settings so that you are informed when cookies are created and only allow cookies in individual cases, exclude acceptance of cookies in certain cases or in general, and activate the automatic deletion of cookies when you close your browser. If you deactivate the storage of cookies the functionality of this website may be impaired.
As an open source web analytics service, we use Matomo (formerly: Piwik) to analyse usage behaviour on our website. The usage information created by the cookie (including the shortened IP address of the user) will be transferred to our servers and stored there for usage analysis purposes. We use the usage analysis to optimise our own websites, and the way we address our clients and other advertising measures. The IP address of the user is shortened in this process before storage so that the identification of the user via the IP address is no longer possible.
The information created by the cookie about your use of this website will not be transferred to any third parties.
If you do not agree to the storage and analysis of this data from your visit, you can object to the storage and use at any time by a click of the mouse below. In this case, a so-called opt-out cookie will be stored on your browser which has the effect that Matomo does not collect any session data. Please note: if you delete all your cookies this has the result that the opt-out cookie will also be deleted and you will need to reactivate it.
YouTube with enhanced data protection mode
For the incorporation of videos our website uses the provider YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Usually, your IP address will be sent to YouTube as soon as you call up a website with embedded videos, and cookies will be installed on your computer. This means that YouTube no longer stores any information on the visitors unless they watch the video. If you click on the video your IP address will be sent to YouTube and YouTube will be aware that you have watched the video. If you are logged in to YouTube this information will also be allocated to your user account (you can prevent this by logging out of YouTube before calling up the video).
Google Web Fonts
For the homogenous display of fonts, this website uses so-called web fonts that are provided by Google. On retrieving a website your browser downloads the necessary web fonts to your browser cache in order to correctly display texts and fonts.
For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
Google Maps (with consent)
Our website uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To ensure privacy on our website, Google Maps is disabled when you first enter our site. A direct connection to Google servers will be established only when you activate Google Maps yourself (this represents your consent pursuant to Art. 6 (1) (a) GDPR). This process helps to prevent that your data is already transferred to Google when you visit our website.
After activation of Google Maps, your IP-address will be saved. This information will be transmitted to a Google server usually located in the USA and stored there. The provider of this site has after your activiation no influence on this data transfer.
Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/.
In context with its projects, sequa offers information on so-called Facebook fanpages, using the technical platform and services of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland.
We would like to inform you that you are using these Facebook fanpages and their functions on your own responsibility. This applies in particular for the use of interactive features (e.g., commenting, sharing, rating). When visiting our Facebook fanpages, Facebook collects (among other things) your IP address and other information that exists by cookies on your PC. This information is used to provide us as the operator of the Facebook fanpages statistical information on the use of the pages. For more information, please contact Facebook at the following link: http://en-us.facebook.com/help/pages/insights.
The personal information you provide in this context is processed by Facebook Ltd. and can be transferred to countries outside the European Union. What information Facebook receives and how it is used is described by Facebook in general terms within its data usage policies. You will also find contact information for responsible Facebook staff as well as advertisement and privacy setting options. The data usage guidelines are available at the following link: https://en-us.facebook.com/about/privacy#. The complete Facebook data policy can be found here: https://en-us.facebook.com/full_data_use_policy.
In which way Facebook uses the data from your visit of Facebook pages for its own purposes, to what extent activities on the Facebook fanpages will be assigned to individual users, how long Facebook stores these data and whether data from a visit to the Facebook page is passed on to third parties is not conclusively known and clearly spelled out by Facebook and is not known to us. When accessing a Facebook fanpage, the IP address assigned to your device will be transmitted to Facebook. According to information provided by Facebook, this IP address is anonymised (for "German" IP addresses) and deleted after 90 days. Facebook also stores information about its users' devices (e.g., as part of the "logon notification" feature). Possibly an assignment of IP addresses to individual users is therefore still feasible for Facebook.
Should you currently be logged in to Facebook as a user, you will find a cookie with your Facebook ID on your device. As a result, Facebook is able to track your visit to the fanpage and how you used it. This also applies to all other Facebook pages. Via Facebook buttons embedded in web pages, Facebook is able to record your visits to these web pages and assign them to your Facebook profile. Based on this data, content or advertising can be offered tailored to you. If you want to avoid this, you should log out of your Facebook account or deactivate the function “stay logged in”, delete the existing cookies on your device, and restart your browser. This will delete all Facebook information that can be used to identify you directly. This allows you to use our Facebook page without revealing your Facebook ID. When you access the fanpages' interactive features (like, comment, share, news, etc.), a Facebook login screen will appear. After logging in, you will be recognizable to Facebook again as a specific user. For information on how to manage or delete existing information about you, visit the following Facebook support pages: https://en-us.facebook.com/about/privacy#
The fanpages offer you the opportunity to respond to our posts, to comment on them, to make your own contribution and to send us private messages with personal concerns. The data provided by you in this context (eg. Facebook username, pictures, interests, contact details) are at times accessible for us and will be used exclusively for the purpose of communication on the basis of a predominantly legitimate interest (Article 6 (1) (f) GDPR). Our interest lies in providing you with a platform for information about our projects. Your data will, as far as we can, be deleted when the fanpage is finally taken off.
4. For which purpose do we process your persona data – and on what legal basis?
4.1 Contractual performance (Article 6 (1) (b) GDPR)
We process your personal data to be able to execute our contracts. This also applies to details you provide to us in the course of pre-contractual correspondence. The actual purposes of the data processing depend upon the relevant circumstances of the specific undertaking.
Initiation or implementation of contractual relations
For the initiation or implementation of contractual relations we need your name, your address, your telephone number or your e-mail address so that we can contact you.
If you send us an enquiry via a contact form your details from this enquiry form, including the contact details given by you on this form, are used to deal with the enquiry and stored by us in case of follow-up queries. We do transfer this data to any third parties without your consent.
Through the initiation or implementation of mobility programmes we need your name, your address, your telephone number and your e-mail address in order to be able to contact you. In the case of a positive funding decision we need additional information from you about your person (e.g. date and place of birth), your bank details and details of your schedule abroad. The data you provide to us will be stored by us for the purposes of implementing the mobility funding programme and only transferred to our partners in the mobility programme (e.g. chambers for crafts and vocational colleges) with your permission. We will not use your applicant information for any other purposes than for implementing the mobility programmes.
4.2 According to balancing of interests: to ensure your security and improve the reliability of our web applications (Article 6 (1) (f) GDPR)
Measures that serve your security
We use your personal data for cases including the following:
- In order to protect you or your enterprise from fraudulent activities, we analyse your data. This can occur, for instance if you are the victim of identity theft or if unauthorised persons gain access to your user account in some other way;
- In order to improve the reliability of our web applications, our IT support sector will closely collaborate with you in the case of technical problems. In this connection, we also analyse reports of website accesses, actions carried out, etc.;
- In order to be able to ensure IT security;
- In the case of possible legal disputes, to record facts and provide proof.
4.3 On the basis of your consent (Article 6 (1) (a) GDPR)
If you have agreed to the processing of your personal data for one or more specified reasons, then the processing of your personal data by us is permissible. You can withdraw this consent with effect for the future at any time without incurring any costs other than the transmission costs in line with basic tariffs (costs of your Internet connection). The withdrawal of your consent does not however affect the legality of processing carried out up until the withdrawal of consent.
4.4 On the basis of statutory provisions or in the public interest (Article 6 (1) (c) GDPR)
As a company, we are subject to various statutory requirements (e.g. under taxation legislation). In order to comply with our statutory obligations, we process your personal data to the extent legally required and permitted and may be required to retain this data.
5. Where we transfer your Data to and Why
5.1 Data utilisation within sequa
Within sequa only those employees who need access to your personal data to fulfil our contractual or legal duties or to protect our legitimate interests have access to your data.
5.2 Data utilisation outside sequa
We respect the protection of your personal data and only transfer information about you when this is required by any legal provisions, if you have given your consent, or for the fulfilment of our contractual obligations.
For instance in the case of the following recipients there may be a legal obligation to transfer your personal details:
- Public offices or supervisory authorities, e.g. tax authorities, customs authorities, external audit offices of ministries or public authorities;
- Judicial or criminal investigation authorities, e.g. police, courts, office of the public prosecutor;
- Lawyers or notaries, e.g. in legal disputes;
In order to be able to fulfil our contractual obligations we cooperate with other companies. These include:
- Postal and transport service providers;
- Event organisers and training providers if you have registered through us for certain exhibitions or events;
- Banks and financial service providers for the settlement of all financial matters;
- Partners in mobility programmes (e.g. chambers for crafts or vocational colleges) which implement projects
Own service providers
In order to enable us to organise our business efficiently we use the services of external service providers who may receive personal data relating to you to fulfil the described purposes, including IT service providers, printing and telecommunications services, collection and consultation firms and file deletion and archiving service providers.
Important: We look after your personal data carefully!
In order to ensure that the same legal data protection standards apply to our service providers as in our own enterprise we have concluded corresponding contracts for order processing. Among other things, these contracts provide
- that third parties only gain access to data which they need to complete the tasks assigned to them;
- that at the service providers only employees who are explicitly obliged to comply with data protection law provisions have access to your data;
- that at the service providers technical and organisational measures are maintained which ensure data security and data protection;
- for what happens to your data when the contractual relationship between the service provider and us ends.
In the case of service providers who have their registered headquarters outside the European Economic Area (EEA), we take specific security measures (e.g. through use of specific contractual clauses) to ensure that the data is/are handled with the same level of care as within the EEA. We check all our service providers regularly for compliance with these provisions.
Very important: Under no circumstances do we sell/lease your personal data to third parties!
6. Are you obliged to provide us personal data?
In the context of the business relationship between you and sequa we require from you the following categories of personal data:
- all necessary information for the commencement, implementation and ending of a business relationship;
- data which is required to fulfil contractual obligations;
- data which we are legally obliged to collect.
Without this data, it is not possible for us to enter into or implement contracts with you.
7. Deletion Periods
In accordance with the applicable data protection regulations we store your personal data for no longer than we need to fulfil the purposes of the relevant processing. When data is required no longer for the fulfilment of contractual or statutory duties, we will delete such data, unless it has to be retained for a continuing retention period. Continued retention may be required for the following reasons:
- Retention duties according to the commercial an/or taxation law: the overriding retention periods under the provisions of the German Commercial Code (HGB) and the German Tax Code (AO) are up to 10 years.
- For the preservation of evidence in the case of legal disputes within the scope of statutory provisions on the expiry of claims: expiry periods can be up to 30 years in civil law, although claims generally expire after three years after perusal.
- For the proof of proper use of subsidies within the scope of the Federal Budget Code (BHO) and the General Ancillary Provisions for Subsidies for Project Sponsorship (ANBestP) the retention duties are generally five years after submission of the proof of usage, provided a longer retention period is not required under taxation law or any other legal provisions.
8. Your Rights
Within the context of the processing of your personal data you have certain rights. For more detailed information please refer to the relevant provisions of the EU General Data Protection Regulation (Articles 15 to 21).
8.1 Right to notification and rectification
You have the right to receive notification from us about which of your personal data we are processing. Should this information not be correct (any longer), you have the right to demand us to rectify the relevant data, in the case of incomplete details to delete such data. If we have transferred data to any third parties we will inform the third parties concerned if so required by legal provisions.
8.2 Right to deletion
You have the right to demand the immediate deletion of your personal data under the following circumstances:
- If your data is no longer needed for the purpose for which it was collected;
- If you have withdrawn your consent to the processing and there is no other legal basis for processing the data;
- If you object to the processing and there are no overriding legitimate reasons for the data processing;
- If your data is being processed unlawfully;
- If your data must be deleted to fulfil statutory duties.
Please note that we must check before deleting your data whether there is any legitimate reason for continuing to process your personal data.
8.3 Right to restriction of processing (“Right to have data blocked”)
For any of the following reasons you have the right demand us to restrict the processing of your personal data:
- If you challenge the accuracy of the data, until we have had the opportunity to check the accuracy of the data;
- If the data is being unlawfully processed, but instead of deletion you demand only restriction on the use of the personal data;
- If we no longer require the personal data for the purposes of processing, but you still require this for the assertion, exercise or defence of legal claims;
- If you have filed an objection to the processing and it is not yet established whether your legitimate interests outweigh ours.
8.4 Right to object
Right to object on a case-by-case basis
If the processing is in the public interest or is done as a result after balancing the mutual interests you have the right, for reasons deriving from your specific situation, to lodge an objection against the processing. Upon the successful lodging of an objection we will no longer process your personal data unless we can prove urgent grounds worthy of protection for processing your data which outweigh your interests, rights and freedoms, or because your personal data serves the assertion, exercise or defence of legal claims. The objection does not affect the legality of the processing done up to the lodging of the objection.
In case your personal data is used for advertising purposes, you have the right to lodge an objection against this form of processing, at any time. We will then no longer process your personal data for these purposes.
The objection can be made without form restrictions and should be addressed to:
Data Protection Officer
Tel.: +49 (0) 228 98238 - 38
8.5 Right to transferability of data
Upon request, you have the right to receive such personal data you have submitted to us for processing in a transferable and machine-readable format.
8.6 Right to lodge a complaint with a supervisory authority (Article 77 GDPR)
We always try to process your enquiries and requests as quickly as possible in order to respect your rights appropriately, however, depending on the frequency of requests it may be that up to 30 days elapse before we are in the position to give you further information on your enquiry. Should it take longer than this we will notify you quickly about the reasons for the delay and discuss the further proceedings with you.
In some cases, we do not have the permission to or we may be prevented from giving you any information. If legally permissible, we will inform you about the rationale for refusing information.
If you are still not satisfied with our responses and reactions or you are of the opinion that we are in violation of applicable data protection legislation, then you are free to lodge a complaint with both our data protection officer and the responsible supervisory authority. The supervisory authority having jurisdiction in our case is the Data Protection Commissioner for North Rhine-Westphalia: Landesbeauftragter für Datenschutz und Informationsfreiheit Nordrhein-Westphalen (LDI NRW).