TAKE 10 to

enjoy biometrics with JENETRIC!

We enable enrolment and verification services for mobile banking and e-commerce applications.

TAKE 10 to

enjoy biometrics with JENETRIC!

We enable enrolment and verification services for mobile banking and e-commerce applications.

Privacy declaration

Privacy Declaration

Thank you for your interest in our company and products and for visiting our website. Protecting your personal data is important to us. As a result, we would like to provide you with information below on the type, scope and purpose of the personal data processed by us. You will also find information on your rights. Should you have any further questions regarding the handling of your personal data, please do not hesitate to contact our Data Protection Officer.
 

Name and address of the Data Protection Officer

Should you have any questions concerning the processing of your personal data, you are welcome to contact our Data Protection Officer directly. The Data Protection Officer is also responsible for all requests for information, other requests or complaints. The company eOctoPi.Consulting provides us with the following external company Data Protection Officer:

Jens Kubieziel
OctoPi.Consulting
Zitzmannstr. 15
07743 Jena


E-Mail: datenschutz@octopi.consulting

If you have any questions regarding data privacy, please send an e-mail to: datenschutz@jenetric.de 
 

Getting in touch

If you contact our company, we will collect personal data (e.g. using the contact form, e-mail or telephone). Naturally, the personal data voluntarily transmitted to us in such cases will only be used for the purpose for which you made it available when you contacted us. It goes without saying that you can revoke your declarations of consent at any time with effect for the future. Please contact our Data Protection Officer if you wish to do so. 
 

Definitions

Our data privacy statement is based on the terms set out in Article 4 of the EU General Data Protection Regulation (hereinafter referred to as the “GDPR”). Our data privacy statement is designed to be straightforward, easy to read and easy to understand for everyone. With this in mind, we would like to explain the terms used in advance. If certain terms nevertheless remain unclear, you are welcome to contact our Data Protection Officer.
 

What is personal data?

Personal data is defined in Article 4 of the GDPR. It describes personal data as all information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
This includes, for example, your name, your address, your telephone number or your date of birth.
 

What does the term “processing” mean?

“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
 

Who is responsible for processing?

The party responsible (the “controller”) is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

The controller within the meaning of the GDPR, i.e. the party responsible for processing the data on this website, is:

JENETRIC GmbH
Wiesenstraße 2
07749 Jena
Germany

Telefon: +49 3641 3219950
Telefax: +49 3641 3219951
Webseite: www.jenetric.de

E-Mail: info@jenetric.de
 

Who is a processor?

A “processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
 

What does “profiling” mean?

“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements. 

Use of personal data

Job applications

The controller collects and processes personal data concerning applicants for the purpose of executing the job application procedure. The data may also be processed electronically. This is the case in particular if an applicant sends corresponding application documents electronically, for example by e-mail, to the controller. If the controller concludes an employment contract with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in accordance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically erased six months after the applicant receives the rejection notification, provided that no other legitimate interests of the controller stand in the way of such erasure. “Other legitimate interests” in this sense include, for example, a burden of proof in proceedings under the German General Equal Treatment Act (AGG).
 

Log files

In general, this website can be used without supplying any personal data. If, however, a data subject wishes to make use of special services offered by our company via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain the consent of the data subject.
Every time you access one of our websites (www.jenetric.de / www.jenetric.com ) and each time you access a file, corresponding access data is stored in a log file on the server of our hosting service provider. The following data can be recorded:

  • the browser types and versions used,
  • the operating system used by the accessing system,
  • the website from which an accessing system reaches our website (known as the “referrer”),
  • the sub-websites which are accessed via an accessing system on our website,
  • the date and time of access to the website,
  • an Internet protocol (IP) address,
  • the Internet service provider of the accessing system and
  • other similar data and information used to defend against attacks on our information technology Systems. 

We do not use this data and information to identify the data subject. This information is required:

  • to display the contents of our website correctly,
  • to optimize the contents of our website, as well as advertising for the website,
  • to ensure the long-term functionality of our information technology systems and the technology behind our website, and
  • to provide law enforcement agencies with the information necessary for law enforcement in the event of a cyber-attack.

This data, which is collected anonymously, is evaluated for statistical and also for data security reasons. Your data is stored by our hosting service provider. It will not be disseminated to third parties for commercial purposes. The anonymous data is stored separately from all personal data provided by a data subject.

If the website allows for the input of personal or business data (e-mail addresses, names and addresses), the user will provide this information on an explicitly voluntary basis. Once again, your data will be treated as confidential and will not be disseminated to third parties.
 

Cookies and tracking

Our websites use cookies. Cookies are text files that are stored in or by the Internet browser on the user's computer system. If a user accesses a website, a cookie may be stored on his/her operating system. This cookie contains a character string which enables unique identification of the browser when the website is accessed again. We analyze user behavior in order to measure the success and coverage of our website (“web analyses”). “Tracking tools” are often used for this purpose.
A distinction is made between:

  • technically necessary cookies
  • cookies to measure coverage
  • tracking tools for user-analysis

These different types are described in greater detail in the following chapters. Your data is passed on to our hosting service provider. 
 

Technically necessary cookies

We use cookies in order to make our website more user-friendly. Some elements of our website require the accessing browser to be identified, even following a change of page. Technically necessary cookies are not absolutely necessary to display the website. Some website functions, however, such as the contact form, cannot be used properly without these cookies. As a result, there is no option for the user to object; these cookies can be deactivated by changing the settings of the browser being used. 
 

Cookies to measure coverage

Cookies to measure coverage collect information about the way the website is used, e.g. website visits or error messages. These cookies do not store any information that allows the user to be identified. The information collected is only analyzed after having been aggregated, i.e. anonymously.
 

Tracking for user analysis

For our user analysis, we collect information about the user behaviour navigating on our website, for ex. visiting our website or error reports. We do not store any information that allows the user to be identified. The information collected is only analyzed after having been aggregated, i.e. anonymously. For this analysis we use google analytics, as described in the following chapter.
 

Use of Google Analytics

This website uses Google Analytics, a web-analysis service of Google Inc. („Google“). Google Analytics uses "cookies", which are text files placed on your computer system and that enable the analysis of your use of our website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence over this data transmission.

Please find more information on how Google Analytics handles user date can be found in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=en
 

IP- Anonymization

We use the function „activation of IP Anonymization in Analytics“ on this website. This will shorten your IP address from Google beforehand. Only in exceptional cases, the full IP address will be transmitted to a google server in the U.S. and only shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website and Internet use. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.

Read more about IP Anonymization in Google Analytics in the Google’s data privacy and security statement here: https://support.google.com/analytics/answer/2763052.

You may refuse the use of cookies by selecting the appropriate settings on your browser. In addition, you can prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en
 

Objection to data collection

You can prevent Google Analytics from collecting your data by clicking on the following link: Disable Google Analytics
 

Use of Google Maps

This page uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the functions of Google Maps, your IP address has to be saved. This information is generally transmitted to, and saved on a Google server in the US. The provider of this site has no influence over this data transmission.

Google Maps is used in the interests of presenting our online offering in an appealing manner, and to make it easy to find the places indicated by us on the website. This represents a legitimate interest within the meaning of Article 6 (1f) GDPR.

You can find more information on the handling of user data in Google's data privacy statement: https://www.google.de/intl/de/policies/privacy/
 

Deletion and blocking of data

We only store personal data of the data subject for the period necessary to achieve the storage purpose. An extension of the storage period is only necessary if required by applicable laws and regulations.

After storage, the personal data is routinely blocked or deleted in accordance with legal regulations.
 

Dissemination of data to third parties

Your data will not be passed on to third parties outside of the Jenetric GmbH, unless we are legally obliged to do so. Where external service providers come into contact with your personal data, we have taken legal, technical and organisational measures and carried out regular checks to ensure that they comply with the provisions of the data protection laws. 

Rights of the data subject (your rights)

Right to information

Any person affected by the processing of personal data has the right to obtain, at any time and free of charge, information from the controller on the personal data concerning him/her that the controller has stored, as well as a copy of this information. The data subject also has the right to obtain the following information:

  • the purposes of the processing
  • the categories of personal data concerned
  • the recipients or categories of recipient to whom the personal data has been or will be disclosed, in particular recipients in third countries or international organizations
  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
  • the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing
  • the right to lodge a complaint with a supervisory authority
  • information to be provided where personal data has not been obtained from the data subject: all available information on the origin of the data
  • the existence of automated decision-making, including profiling, referred to in Article 22 (1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject

Furthermore, the data subject has a right to information as to whether personal data has been transferred to a third country or to an international organization. If this is the case, the data subject has the right to obtain information on the appropriate safeguards relating to the transfer.

If you would like to make use of this right to information, you can contact our Data Protection Officer at any time.
 

Right to rectification

Any person affected by the processing of personal data has the right to request the immediate rectification of inaccurate personal data concerning him/her. Furthermore, taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.

If you would like to make use of this right to rectification, you can contact our Data Protection Officer at any time.
 

Right to erasure (‘right to be forgotten’)

Any person affected by the processing of personal data has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay where one of the following grounds applies:

  • the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
  • the data subject withdraws consent on which the processing is based according to Article 6 (1a) GDPR or Article 9 (2a) GDPR, and where there is no other legal ground for the processing.
  • the data subject objects to the processing pursuant to Article 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21 (2) GDPR.
  • the personal data has been unlawfully processed.
  • the personal data has to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
  • the personal data was collected in connection with the offer of information society services pursuant to Art. 8 (1) GDPR. 

If you would like to make use of this right to erasure, you can contact our Data Protection Officer at any time.
 

Right to restriction of processing

Any person affected by the processing of personal data has the right to obtain from the controller restriction of processing where one of the following applies:

  • The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
  • The processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of its use instead.
  • The controller no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise or defense of legal claims.
  • The data subject has objected to processing pursuant to Article 21 (1) GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.

If one of the above conditions is met and a data subject requests the restriction of personal data, he/she can contact our Data Protection Officer at any time.
 

Right to data portability

Any person affected by the processing of personal data has the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format. In addition, he/she has the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, where:

  • the processing is based on consent pursuant to Article 6 (1a) GDPR or Article 9 (2a) GDPR or on a contract pursuant to Article 6 (1b) GDPR; and
  • the processing is carried out by automated means.

That right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. In exercising his or her right to data portability pursuant to Article 20 (1) GDPR, the data subject shall also have the right to have the personal data transmitted directly from one controller to another, where technically feasible and provided that this does not adversely affect the rights and freedoms of others. To assert the right to data portability, the data subject can contact our Data Protection Officer at any time.

 

Right to object

Any person affected by the processing of personal data has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on Article 6 (1e) or (1f) GDPR.

If objections are raised, our company shall no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims. If our company processes personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data for the purpose of such marketing. This also applies to profiling insofar as it is connected with such direct marketing. To assert the right to object, the data subject can contact our Data Protection Officer directly at any time.

 

Automated individual decision-making, including profiling

Any person affected by the processing of personal data has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her insofar as the decision:

  1. is not necessary for entering into, or performance of, a contract between the data subject and a data controller, or
  2. is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject's rights and freedoms and legitimate interests; or
  3. is based on the data subject's explicit consent.

If the decision

  1. is necessary for entering into, or performance of, a contract between the data subject and a data controller or
  2. is based on the data subject's explicit consent, our company shall take appropriate measures to safeguard the rights and freedoms, as well as the legitimate interests of the data subject. If the data subject wishes to assert rights with regard to automated decisions, he/she can contact our Data Protection Officer at any time.
     

Right to revoke a declaration of consent

Any person affected by the processing of personal data has the right to revoke consent he/she has granted to the processing of personal data at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent prior to its withdrawal. If the data subject wishes to assert his/her right of revocation, he or she can contact our Data Protection Officer at any time. 
 

Right to lodge a complaint with a supervisory authority

Notwithstanding any other administrative law or judicial legal remedies, you have the right to complain to a regulatory authority, in particular in the Member State where you are resident, your place of work or the place of the alleged breach, if you consider that the processing of your personal data breaches the GDPR. The regulatory authority which has received the complaint will notify the complainant about the position and outcomes of the complaint including the possibility of a judicial legal remedy pursuant to Article 78 GDPR.
 

Security

We have taken extensive technical and organizational measures to protect your data. Among other things, these measures have taken into account, and continue to take into account, state-of-the-art technology, implementation costs, the type and scope of processing as well as the different probabilities of occurrence and the respective severity of the risk to the rights and freedoms of a natural person. Our security procedures are reviewed and adapted to reflect technological progress on a regular basis.

Contact