The controller pursuant to Art. 4 (7) of the General Data Protection Regulation (GDPR) is the:

notebooksbilliger.de AG, Wiedemannstraße 3, 31157 Sarstedt, Germany (hereinafter referred to as "NBB").

For questions about data protection, such as data processing in our company, or request for right of access or deletion, the following contact options are available to you:

Tel.: 030 3982021052

Fax: 03317309

Email: datenschutz@notebooksbilliger.de 

Our company data protection officer is:

Herr Andreas von Heinemann, c/o ASCON HORIZON INNNOVATION GROUP GmbH, Hamerlinweg 18, 14167 Berlin

He is responsible for the monitoring and compliance of data protection in our company and is available to you for confidential issues about data protection. You can reach him via email: e-mail: ds@ahig-group.com

The scope and type of collection and use of your data differs depending on whether you visit our website only to retrieve information or whether you send us further information as part of an application via our career’s website.

Insofar as we use contracted service providers for individual functions of our offer, we will inform you in detail below about the respective processes. We have of course selected the service providers carefully. Otherwise, your data will only be passed on to other third parties if we are legally obliged to do so.

The security of your personal data is very important to us. We therefore use technical and organizational security measures to protect your data, against manipulation, loss, destruction or misuse by unauthorized persons. Our security measures are regularly reviewed and continuously improved in line with technological developments.

In addition, this website uses TLS encryption for security reasons and to protect the transmission of personal data and other confidential content. You can recognize an encrypted connection by the character string "https://" and the lock symbol in your browser line.

Every employee who processes personal data in our company is obliged to comply with the data protection regulations. These principles also apply to our processors, i.e. companies that process and use data on our behalf and in accordance with our instructions.

When you use our website for information purposes only, we only collect the data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

- Our visited website

- Date and time at the time of access

- Amount of data sent in bytes

- Source/reference from which you reached the page

- Browser used

- Operating system used

- IP address used (if applicable: in anonymized form)

Processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will only be passed on or otherwise used as described below. However, we reserve the right to check the server log files retrospectively if there are concrete indications of unlawful use.

To make visiting our website attractive and to enable the use of certain functions, we and the service providers use the so-called cookies on various pages. These are small text files that are stored on your end device. Some of the cookies we use are deleted again at the end of the browser session, i.e. after you close your browser (so-called "session cookies"). Other cookies remain on your end device and enable us or our contracted service providers ("third-party cookies") to recognize your browser on your next visit ("persistent cookies"). If cookies are set, they collect and process certain user information to an individual extent, such as browser and location data and IP address values. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie.

We store information on your end device if this is absolutely necessary in order to make our website available to you, Section 25 (2) No. 2 Telecommunications-Digital-Services-Data Protection-Law (a German Law: Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz, hereinafter referred to as TDDDG). Otherwise, data will only be collected on the basis of your express consent in accordance with Section 25 (1) TDDDG. If personal data is also processed by individual cookies implemented by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR for the execution of the contract, in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit or in accordance with Art. 6 para. 1 lit. a GDPR as a result of your consent.

In addition, we and some of our service providers use web storage. Here, information is stored locally in the cache of your browser, which is either automatically deleted after closing the browser window ("session storage") or continues to exist and can be read again when you visit the website again ("local storage"), unless you delete your browser cache ("browser data"). If we use service providers on our website, you will be informed individually and separately about the use of cookies and web storage, as well as about the scope of the information collected in each case within the following paragraphs.

A list of the cookies and web storage used on this website can be found under point 9 b.

Web beacons are small graphics (1x1 pixels) that are usually placed invisibly in emails or on websites. Web beacons are used for statistical analysis and are usually used in conjunction with cookies to understand how the visitor interacts with the website and the content on the website. They can also be used for email tracking, for example by registering whether the recipient of a newsletter has opened an email or clicked on the links contained in the email.

By using the deactivation page for consumers from the EU https://www.youronlinechoices.com/de/praferenzmanagement/ you can check whether and by which companies cookies are set in your browser and deactivate them.

You also have the option of setting your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browsers under the following links:

• Internet Explorer: https://support.microsoft.com/de-de/windows/l%C3%B6schen-und-verwalten-von-cookies-168dab11-0753-043d-7c16-ede5947fc64d
• Microsoft Edge: https://support.microsoft.com/de-de/microsoft-edge/cookies-in-microsoft-edge-l%C3%B6schen-63947406-40ac-c3b8-57b9-2a946a29ae09
• Firefox: https://support.mozilla.org/de/kb/verbesserter-schutz-aktivitatenverfolgung-desktop
• Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
• Safari: https://support.apple.com/de-de/guide/safari/sfri35610/mac
• Opera: http://help.opera.com/Windows/10.20/de/cookies.html

Please note that if you do not accept cookies, the functionality of our website may be restricted.

Personal data is collected when you contact us (e.g. via contact form or email). Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. Please note that we cannot guarantee complete data security when communicating by email, so we recommend that you send information that requires a high level of confidentiality by post. The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 para. 1 lit. f GDPR.

If you apply to us electronically, e.g. by e-mail or via our contact form, we collect and process your personal data for the purpose of establishing or initiating an employment relationship and for the implementation of pre-contractual measures, in accordance with Art. 6 para. 1 lit. b GDPR.

If you apply to us electronically, e.g. by e-mail or via our contact form, we collect and process your personal data for the purpose of establishing or initiating an employment relationship and for the implementation of pre-contractual measures. For the processing of applicant data, we use the services of personnel administration and applicant management software from Personio GmbH, Buttermelcherstraße 16, 80469 Munich, Germany (hereinafter referred to as "Personio"). The data transmitted as part of your application will be transmitted in encrypted form and stored and processed in a database operated by Personio. We have concluded an order processing contract with Personio in accordance with the GDPR, according to which Personio processes the data for us strictly in accordance with our instructions. You can find further information on Personio's data protection at: https://www.personio.com/security/. We will inform you separately about data processing as part of the application process in our data protection information for applicants.

(1) Usercentrics
We use Usercentrics, a consent management service of Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, Germany (hereinafter referred to as "Usercentrics"), on our website to manage consents and to document the data protection-compliant obtaining of consents based on our legal obligations.

On our behalf, Usercentrics processes the opt-in and opt-out data, the referrer URL, the user agent, the geographical location, your user settings, a consent ID, as well as the time of consent and the type of consent. This data is required to be able to assign the consents granted or their revocation to you. Usercentrics stores this information in the local storage of your browser so that your individual settings remain saved for further visits to our website and the consent field is not displayed to you again each time.

The data collected in this way is stored until you ask us to delete it, delete the Usercentrics local storage yourself or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected. The consent data (consent and withdrawal of consent) will be stored for three years.

Consent and device data is stored exclusively in the European Union (EU), namely in Frankfurt am Main (API server) and in Belgium (consent database). Alphabet Inc. ("Google"), based in the USA, is technically involved in supporting the hosting services used by Google. These are: Hardware maintenance, CDN and server monitoring. Alphabet Inc. does not have access to CMP information from Usercentrics for any of these services.

Data is initially collected in accordance with Section 25 (2) No. 2 TDDDG. Subsequent data processing is carried out in accordance with Art. 6 para. 1 lit. c GDPR, as obtaining consent for the use of cookies is required by law, and in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in providing a cookie consent management service for our website visitors.

For more information about Usercentrics privacy policy, please visit https://usercentrics.com/de/datenschutzerklaerung/. You can change your preferences at any time under "Cookies" at the bottom of our website.

(2) Google Tag Manager
The Google Tag Manager tool is a service of Google Ireland Limited, Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland (hereinafter referred to as "Google"), and enables us to manage and implement website tags via an interface.

Google Tag Manager is a cookie-free domain and does not itself collect any personal data. It triggers other tags, which in turn may collect data. The Google Tag Manager itself does not access this data. If deactivation has been carried out at domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager.

You can find more information about Google's privacy policy at https://policies.google.com/privacy?hl=en&gl=de.

(3) New Relic
We use New Relic, a service provided by New Relic, Inc, 188 Spear St, San Francisco, CA 94105, USA (hereinafter referred to as "New Relic"), which enables us to monitor and evaluate the performance of our website. We use the service to statistically evaluate the speed of the website, to determine whether the website can be accessed and how quickly the respective page is displayed when it is accessed. In addition, we use the service to ensure the functionality of the applications on our website and to optimize the use of our website.

On our behalf, New Relic processes the IP address and the geographical location, browser and device information (e.g. the operating system), as well as the time span of the display for the website clicked on. As a rule, the IP address is deleted immediately, in exceptional cases no later than 24 hours after collection, to exclude any personal reference.

In this context, New Relic uses so-called session cookies, which serve to recognize the browser in order to enable us to determine the statistical data more precisely.

We have agreed server locations within the EU with New Relic. Please note, however, that New Relic may transfer data to a country outside the European Union (EU) and the European Economic Area (EEA) and to a country that does not offer an adequate level of data protection, to the USA. The possible processing of your data outside the EU or the EEA is based on so-called standard contractual clauses of the EU Commission, pursuant to Art. 46 para. 2 lit. c GDPR, which you are welcome to request from us. New Relic is certified under the EU-US Data Privacy Framework, so that the usual level of protection of the GDPR applies to the transfer.

The data is initially collected in accordance with Section 25 (2) No. 2 TDDDG, the downstream data processing is carried out on the basis of our legitimate interest in accordance with Art. 6 (1) lit. f GDPR in order to ensure the availability and security of our website.

Further information on New Relic's data protection provisions can be found at https://newrelic.com/termsandconditions/services-notices.

(4) Personio
We use the services of personnel administration and applicant management software from Personio GmbH, Buttermelcherstraße 16, 80469 Munich, Germany (hereinafter referred to as "Personio") to display our job vacancies on our website. Personio uses web storage to provide the information. Personio does not contain any personal data in this context. The information is stored on the website visitor's device in accordance with Section 25 (2) No. 2 TDDDG. You can find further information on data protection at Personio at: https://www.personio.com/security/. 

(5) YouTube Video
YouTube Video is a streaming service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as "Google"). We use the YouTube embedding function on our website, which enables us to display and play videos on our website.

When you access the page on which the YouTube video is embedded, your data will not be transmitted to Google. We use the extended data protection mode on our website, which means that the videos you watch are not used to personalize your surfing on YouTube or to personalize advertising. Only when you play the video will a connection to Google be established and personal data transmitted to Google, which this provider uses to analyze user behavior or for marketing purposes. When a video is played on our website, Google uses local storage and processes the IP address, browser and device information (e.g. the operating system), the referrer URL and information about the videos viewed.

Google itself is responsible for the data processing described above. Please note that Google transmits the above-mentioned information to Google servers in the USA (see section Data transmission to third countries).

Google is certified under the EU-US Data Privacy Framework.

The data is collected in accordance with Section 25 (1) TDDDG, the downstream data processing in accordance with Art. 6 (1) (a) GDPR on the basis of your express consent. If you wish to withdraw your consent, please delete your browser cache ("browser data")

Further information on Google's privacy policy can be found at https://policies.google.com/privacy?hl=en 

Our websites contain links to various social media with the corresponding logos. These are not social media plugins, but merely a link to our offers within these media. If you click on one of these links, your IP address will always be transmitted to the operators of the various platforms. If you use one of these services and are also logged in with your specific account, information about your surfing behaviour may also be recorded by the operators of the social media. The transmission of your IP address to the operators of the websites accessed is technically necessary and applies to all websites.

As explained in this privacy policy, we use services whose operators have their registered office or server location partly in so-called (insecure) third countries (such as the USA), i.e. countries whose level of data protection does not correspond to that of the European Union. Insofar as this is the case and the European Commission has not issued an adequacy decision for these countries within the meaning of Art. 45 GDPR and, in the case of the EU-US Data Privacy Framework, companies have not certified themselves under it (see adequacy decision at https://ec.europa.eu/commission/presscorner/detail/de/ip_23_3721), we have taken appropriate precautions to ensure an adequate level of data protection for any data transfers. These include, among others, the standard contractual clauses of the European Union or binding internal data protection regulations (so-called "Binding Corporate Rules"). Where this is not possible, we base the data transfer on exceptions under Art. 49 GDPR, in particular on your express consent. If your consent is obtained via the cookie consent tool, you will also be informed of this.

If a transfer to a third country is planned and there is no adequacy decision or suitable guarantees, there is a risk that authorities (such as intelligence services) in the respective third country may gain access to the transferred data and collect and analyse it. Likewise, the enforceability of your rights as a data subject cannot be guaranteed.

Below you will find an overview of your (data subject) rights in connection with data processing within our websites in accordance with the applicable data protection regulations. You can exercise your rights against us using the contact details provided above.

 a.  Right of Access

According to Art. 15 DSGVO, you have the right to obtain an information stored about you, their source and recipients as well as the purpose of data processing at any time. In addition, you can request a copy of your data, which are the subject of the agreement.

b. Right to rectification

According to Art. 16 DSGVO, you have the right to correct or complete your data stored by us at any time.

c. Right to erasure (“right to be forgotten”) / blocking

You have the right to have your stored data deleted or to block this data for further processing at any time if we are obliged to retain your data (e.g. invoices) due to statutory retention obligations (see also Restriction of data processing).

d.   Right to restriction of data processing

You have the right to restrict data processing if

• you dispute the accuracy of your data and cannot correct it yourself.
• the processing is unlawful, and you oppose the erasure of the personal data and requests the restriction of their use instead
• we as a controller no longer need your data for the purposes of the processing, but data is required by you for the establishment, exercise or defence of legal claims; or
• you have objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override those of the data subject.

e.  Right to object to the processing

If data is collected on the basis of Art. 6 para. 1 lit. f GDPR (data processing to safeguard legitimate interests), the data subject has the right to object to the processing at any time for reasons arising from their situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves the establishment, exercise or defence of legal claims. You can submit your objection at datenschutz@notebooksbilliger.de.

Such an objection will affect the permissibility of the processing of your personal data after you have submitted it to us.

f. . Right to data portability

If requested by you, we will make the data you have provided to us personally available to you in a structured, commonly used and machine-readable format and/or transfer it to another controller (e.g. another webshop), the latter insofar as this is technically possible.

g.  Right to lodge a complaint with the supervisory authorities

You have the right to complain at any time about our processing of your personal data to the data protection supervisory authority responsible for us if you believe that this processing violates applicable data protection law: https://lfd.niedersachsen.de/startseite/meldeformulare/

h.  Right to withdraw consent

If you gave us your consent for a certain data processing, you can revoke it at any time with effect for the future.

The duration of the storage of personal data is determined by the respective legal basis, the purpose of processing and - if relevant - additionally by the respective statutory retention period (e.g. retention periods under commercial and tax law).

When processing personal data on the basis of express consent in accordance with Art. 6 para. 1 lit. a GDPR, this data is stored until the data subject withdraws their consent.

If there are statutory retention periods for data that is processed within the scope of legal or similar obligations on the basis of Art. 6 para. 1 lit. b GDPR, this data will be routinely deleted after the retention periods have expired, provided that it is no longer required for contract fulfilment or contract initiation and/or we no longer have a legitimate interest in further storage.

When processing personal data on the basis of Art. 6 para. 1 lit. f GDPR, this data is stored until the data subject exercises their right to object in accordance with Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

Unless otherwise stated in the other information in this statement on specific processing situations, stored personal data will be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.