Regardless of whether you are a client, a project partner, a person interested in our programmes, a job applicant or a visitor to our website, we, sequa gGmbH (hereinafter referred to as “sequa” or “we”) take the protection of your personal data very serious, but what does that actually mean?
The information below will enable you to gain an insight into which personal data we collect from you and in which form we process them. In addition, you will gain an overview of the rights which you are entitled to under the applicable data protection legislation. We also inform you whom to contact if you have any further questions.
Who are we?
sequa is a development organisation operating worldwide. We support the development of the private sector and its business membership organisations as well as the qualification of skilled employees and managers. Our programmes and projects are financed by public and private funding and follow the principles of the social market economy.
sequa is a non-profit company whose shareholders are Germany`s top business membership organisations (BDA, BDI, DIHK, ZDH) and Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH.
sequa`s aim is to sustainably improve the living and working conditions of as many people as possible. We know that this can only be realised in collaboration with domestic and international partners. Our most important project partners are chambers, associations, educational institutions and private companies.
As the responsible party within the meaning of the applicable data protection legislation we
Tel.: +49 (0) 228 98238 - 0
Fax: +49 (0) 228 98238 - 19
take all measures required under applicable data protection legislation to ensure the protection of your personal data.
For all questions relating to this Privacy Statement we kindly ask you to contact our data protection officer:
Data Protection Officer
Tel.: +49 (0) 228 98238 - 38
2. Scope of Application of the Privacy Statement A
The legislator defines the processing of personal data as activities such as the collection, recording, organisation, ordering, storage, adjustment or alteration, reading, retrieval, usage, disclosure by transfer, distribution or any other form of provision, comparison or linking, restriction, deletion or destruction of personal data. Personal data is all information relating to an identified or identifiable natural person.
This Privacy Statement deals with the personal data of clients, project partners, interested parties, job applicants or visitors. This Privacy Statement applies to both our website www.sequa.de and our project websites, such as www.importpromotiondesk.de and www.tameb.org.
3. Which personal data do we process?
Your personal data is collected by us when you visit any of our websites or establish any contact with us as e.g. a client, project partner, interested party or job applicant. This can occur for instance if you are interested in our projects, contact us via our communication channels, or if and when you use our products or services in the course of existing business relationships.
The following types of personal data are processed by us:
- Data generated by your access of the website (“server logfiles“) and online behaviour, e.g. IP addresses, user names, data on your visits to our website(s), the actions taken on our websites, the browser used, the operating system used, the time and location of access, the link from which you accessed the website, quantity of data sent
- Details of your personal identity (if you have informed us about these), e.g. first and last name, address details, e-mail address, telephone number, fax number
- Information on your interests and wishes (if you have informed us of these), e.g. via our contact form or other communication channels
- Information on the career progression of job applicants and experts (if you have informed us of these), e.g. professional training, previous employers, other qualifications, language skills, project experience
and other information comparable with these data categories.
3.1 Sensitive data
We do not collect any sensitive data, i.e. special categories of personal information such as details of religious or trade union affiliations by this method.
3.2 Personal data of underage persons
We do not collect any personal data of/about children or underage persons (with the exception of access data in server logfiles in which we cannot verify age).
3.3 Data Processing on our Website
Cookies are files stored on your computer by our website when you call up the site. These files contain information making your use of this website more efficient.
Most of the cookies we use are so-called “session cookies” which will be deleted, automatically, at the end of your visit. Other cookies remain stored on your device until you delete them. You can adjust your browser settings so that you are informed when cookies are created and only allow cookies in individual cases, exclude acceptance of cookies in certain cases or in general, and activate the automatic deletion of cookies when you close your browser. If you deactivate the storage of cookies the functionality of this website may be impaired.
As an open source web analytics service, we use Matomo (formerly: Piwik) to analyse usage behaviour on our website. The usage information created by the cookie (including the shortened IP address of the user) will be transferred to our servers and stored there for usage analysis purposes. We use the usage analysis to optimise our own websites, and the way we address our clients and other advertising measures. The IP address of the user is shortened in this process before storage so that the identification of the user via the IP address is no longer possible.
The information created by the cookie about your use of this website will not be transferred to any third parties.
Google Web Fonts
For the homogenous display of fonts, this website uses so-called web fonts that are provided by Google. On retrieving a website your browser downloads the necessary web fonts to your browser cache in order to correctly display texts and fonts.
For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
Facebook plug-ins (Like & Share button)
We have integrated plug-ins of the social network Facebook, provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, on our website. You will be able to recognise Facebook plug-ins by the Facebook logo or the „Like“ button on our website. An overview of the Facebook plug-ins is available under the following link: https://developers.facebook.com/docs/plugins/.
Whenever you visit our website and its pages, the plug-in will establish a direct connection between your browser and the Facebook server. As a result, Facebook will receive the information that you have visited our website with your plug-in. However, if you click the Facebook „Like“ button while you are logged into your Facebook account, you can link the content of our website and its pages with your Facebook profile. As a result, Facebook will be able to allocate the visit to our website and its pages to your Facebook user account. We have to point out, that we as the provider of the website do not have any knowledge of the transferred data and its use by Facebook. For more detailed information, please consult the Data Privacy Declaration of Facebook at: https://www.facebook.com/privacy/explanation.
If you do not want Facebook to be able to allocate your visit to our website and its pages to your Facebook user account, please log out of your Facebook account while you are on our website.
The use of the Facebook plug-in is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media.
We have integrated functions of the social media platform Twitter into our website. These functions are provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. While you use Twitter and the „Re-Tweet“ function, websites you visit are linked to your Twitter account and disclosed to other users. During this process, data are transferred to Twitter as well. We must point out, that we, the providers of the website and its pages do not know anything about the content of the data transferred and the use of this information by Twitter. For more details, please consult Twitter’s Data Privacy Declaration at: https://twitter.com/en/privacy.
The use of Twitter plug-ins is based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in being as visible as possible on social media.
You have the option to reset your data protection settings on Twitter under the account settings at https://twitter.com/account/settings.
4. For which purpose do we process your persona data – and on what legal basis?
4.1 Contractual performance (Article 6 (1) (b) GDPR)
We process your personal data to be able to execute our contracts. This also applies to details you provide to us in the course of pre-contractual correspondence. The actual purposes of the data processing depend upon the relevant circumstances of the specific undertaking.
Initiation or implementation of contractual relations
For the initiation or implementation of contractual relations we need your name, your address, your telephone number or your e-mail address so that we can contact you.
If you send us an enquiry via a contact form your details from this enquiry form, including the contact details given by you on this form, are used to deal with the enquiry and stored by us in case of follow-up queries. We do transfer this data to any third parties without your consent.
Through the initiation or implementation of mobility programmes we need your name, your address, your telephone number and your e-mail address in order to be able to contact you. In the case of a positive funding decision we need additional information from you about your person (e.g. date and place of birth), your bank details and details of your schedule abroad. The data you provide to us will be stored by us for the purposes of implementing the mobility funding programme and only transferred to our partners in the mobility programme (e.g. chambers for crafts and vocational colleges) with your permission. We will not use your applicant information for any other purposes than for implementing the mobility programmes.
4.2 According to balancing of interests: to ensure your security and improve the reliability of our web applications (Article 6 (1) (f) GDPR)
Measures that serve your security
We use your personal data for cases including the following:
- In order to protect you or your enterprise from fraudulent activities, we analyse your data. This can occur, for instance if you are the victim of identity theft or if unauthorised persons gain access to your user account in some other way;
- In order to improve the reliability of our web applications, our IT support sector will closely collaborate with you in the case of technical problems. In this connection, we also analyse reports of website accesses, actions carried out, etc.;
- In order to be able to ensure IT security;
- In the case of possible legal disputes, to record facts and provide proof.
4.3 On the basis of your consent (Article 6 (1) (a) GDPR)
If you have agreed to the processing of your personal data for one or more specified reasons, then the processing of your personal data by us is permissible. You can withdraw this consent with effect for the future at any time without incurring any costs other than the transmission costs in line with basic tariffs (costs of your Internet connection). The withdrawal of your consent does not however affect the legality of processing carried out up until the withdrawal of consent.
4.4 On the basis of statutory provisions or in the public interest (Article 6 (1) (c) GDPR)
As a company, we are subject to various statutory requirements (e.g. under taxation legislation). In order to comply with our statutory obligations, we process your personal data to the extent legally required and permitted and may be required to retain this data.
5. Where we transfer your Data to and Why
5.1 Data utilisation within sequa
Within sequa only those employees who need access to your personal data to fulfil our contractual or legal duties or to protect our legitimate interests have access to your data.
5.2 Data utilisation outside sequa
We respect the protection of your personal data and only transfer information about you when this is required by any legal provisions, if you have given your consent, or for the fulfilment of our contractual obligations.
For instance in the case of the following recipients there may be a legal obligation to transfer your personal details:
- Public offices or supervisory authorities, e.g. tax authorities, customs authorities, external audit offices of ministries or public authorities;
- Judicial or criminal investigation authorities, e.g. police, courts, office of the public prosecutor;
- Lawyers or notaries, e.g. in legal disputes;
In order to be able to fulfil our contractual obligations we cooperate with other companies. These include:
- Postal and transport service providers;
- Event organisers and training providers if you have registered through us for certain exhibitions or events;
- Banks and financial service providers for the settlement of all financial matters;
- Partners in mobility programmes (e.g. chambers for crafts or vocational colleges) which implement projects
Own service providers
In order to enable us to organise our business efficiently we use the services of external service providers who may receive personal data relating to you to fulfil the described purposes, including IT service providers, printing and telecommunications services, collection and consultation firms and file deletion and archiving service providers.
Important: We look after your personal data carefully!
In order to ensure that the same legal data protection standards apply to our service providers as in our own enterprise we have concluded corresponding contracts for order processing. Among other things, these contracts provide
- that third parties only gain access to data which they need to complete the tasks assigned to them;
- that at the service providers only employees who are explicitly obliged to comply with data protection law provisions have access to your data;
- that at the service providers technical and organisational measures are maintained which ensure data security and data protection;
- for what happens to your data when the contractual relationship between the service provider and us ends.
In the case of service providers who have their registered headquarters outside the European Economic Area (EEA), we take specific security measures (e.g. through use of specific contractual clauses) to ensure that the data is/are handled with the same level of care as within the EEA. We check all our service providers regularly for compliance with these provisions.
Very important: Under no circumstances do we sell/lease your personal data to third parties!
6. Are you obliged to provide us personal data?
In the context of the business relationship between you and sequa we require from you the following categories of personal data:
- all necessary information for the commencement, implementation and ending of a business relationship;
- data which is required to fulfil contractual obligations;
- data which we are legally obliged to collect.
Without this data, it is not possible for us to enter into or implement contracts with you.
7. Deletion Periods
In accordance with the applicable data protection regulations we store your personal data for no longer than we need to fulfil the purposes of the relevant processing. When data is required no longer for the fulfilment of contractual or statutory duties, we will delete such data, unless it has to be retained for a continuing retention period. Continued retention may be required for the following reasons:
- Retention duties according to the commercial an/or taxation law: the overriding retention periods under the provisions of the German Commercial Code (HGB) and the German Tax Code (AO) are up to 10 years.
- For the preservation of evidence in the case of legal disputes within the scope of statutory provisions on the expiry of claims: expiry periods can be up to 30 years in civil law, although claims generally expire after three years after perusal.
- For the proof of proper use of subsidies within the scope of the Federal Budget Code (BHO) and the General Ancillary Provisions for Subsidies for Project Sponsorship (ANBestP) the retention duties are generally five years after submission of the proof of usage, provided a longer retention period is not required under taxation law or any other legal provisions.
8. Your Rights
Within the context of the processing of your personal data you have certain rights. For more detailed information please refer to the relevant provisions of the EU General Data Protection Regulation (Articles 15 to 21).
8.1 Right to notification and rectification
You have the right to receive notification from us about which of your personal data we are processing. Should this information not be correct (any longer), you have the right to demand us to rectify the relevant data, in the case of incomplete details to delete such data. If we have transferred data to any third parties we will inform the third parties concerned if so required by legal provisions.
8.2 Right to deletion
You have the right to demand the immediate deletion of your personal data under the following circumstances:
- If your data is no longer needed for the purpose for which it was collected;
- If you have withdrawn your consent to the processing and there is no other legal basis for processing the data;
- If you object to the processing and there are no overriding legitimate reasons for the data processing;
- If your data is being processed unlawfully;
- If your data must be deleted to fulfil statutory duties.
Please note that we must check before deleting your data whether there is any legitimate reason for continuing to process your personal data.
8.3 Right to restriction of processing (“Right to have data blocked”)
For any of the following reasons you have the right demand us to restrict the processing of your personal data:
- If you challenge the accuracy of the data, until we have had the opportunity to check the accuracy of the data;
- If the data is being unlawfully processed, but instead of deletion you demand only restriction on the use of the personal data;
- If we no longer require the personal data for the purposes of processing, but you still require this for the assertion, exercise or defence of legal claims;
- If you have filed an objection to the processing and it is not yet established whether your legitimate interests outweigh ours.
8.4 Right to object
Right to object on a case-by-case basis
If the processing is in the public interest or is done as a result after balancing the mutual interests you have the right, for reasons deriving from your specific situation, to lodge an objection against the processing. Upon the successful lodging of an objection we will no longer process your personal data unless we can prove urgent grounds worthy of protection for processing your data which outweigh your interests, rights and freedoms, or because your personal data serves the assertion, exercise or defence of legal claims. The objection does not affect the legality of the processing done up to the lodging of the objection.
In case your personal data is used for advertising purposes, you have the right to lodge an objection against this form of processing, at any time. We will then no longer process your personal data for these purposes.
The objection can be made without form restrictions and should be addressed to:
Data Protection Officer
Tel.: +49 (0) 228 98238 - 38
8.5 Right to transferability of data
Upon request, you have the right to receive such personal data you have submitted to us for processing in a transferable and machine-readable format.
8.6 Right to lodge a complaint with a supervisory authority (Article 77 GDPR)
We always try to process your enquiries and requests as quickly as possible in order to respect your rights appropriately, however, depending on the frequency of requests it may be that up to 30 days elapse before we are in the position to give you further information on your enquiry. Should it take longer than this we will notify you quickly about the reasons for the delay and discuss the further proceedings with you.
In some cases, we do not have the permission to or we may be prevented from giving you any information. If legally permissible, we will inform you about the rationale for refusing information.
If you are still not satisfied with our responses and reactions or you are of the opinion that we are in violation of applicable data protection legislation, then you are free to lodge a complaint with both our data protection officer and the responsible supervisory authority. The supervisory authority having jurisdiction in our case is the Data Protection Commissioner for North Rhine-Westphalia: Landesbeauftragter für Datenschutz und Informationsfreiheit Nordrhein-Westphalen (LDI NRW).