Website privacy statement and at the same time information of data subjects pursuant to Article 13 and Article 14 of the EU General Data Protection Regulation.

We take the protection of your personal data very seriously and strictly adhere to the legal and official data protection regulations. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.

Responsible

The responsible person within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
Baan Sukhothai Ltd.
Mr. Sarunyu Suansrakaew
Friedrich Ebert St. 5 1/2
86199 Augsburg
Tel. +49 (0) 821 / 99886314
info@baansukhothai.de

Legal basis of the processing
Art. 6 par. 1 p. 1 lit. a DSGVO serves as the legal basis for our company for processing operations in which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of another service or consideration, the processing is based on Art. 6 par. p. 1 lit. b DSGVO. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of enquiries about our products or services. If our company is subject to a legal obligation by which the processing of personal data becomes necessary, such as for the fulfilment of tax obligations, the processing is based on Art. 6 para. p. 1 lit. c DSGVO. In rare cases, the processing of personal data might become necessary in order to protect the vital interests of the data subject or another natural person, Article 6(1)(d) of the GDPR. Finally, processing operations could also be based on Article 6(1)(f) of the GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden.

Disclosure of data
We do not transfer your personal data to third parties for purposes other than those listed below. We only pass on your personal data to third parties if:

• you have given your express consent to this in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO,
• the disclosure is necessary in accordance with Art. 6 (1) p. 1 lit. f DSGVO for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
• in the event that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c DSGVO, as well as
• this is legally permissible and in accordance with Art. 6 para. 1 p. 1 lit. b DSGVO is necessary for the processing of contractual relationships with you.

Data subjects’ rights
You have the right:

• to request information about your personal data processed by us in accordance with Art. 15 DSGVO. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
• in accordance with Art. 16 DSGVO to immediately demand the correction of incorrect or completion of your personal data stored by us;
• pursuant to Art. 17 DSGVO to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims;
• to request the restriction of the processing of your personal data in accordance with Art. 18 DSGVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO;
• pursuant to Art. 20 DSGVO to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller;
• not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you, in accordance with Art. 22 DSGVO;
• gemäß Art. 7 Abs. 3 DSGVO to revoke your consent once given to us at any time. Dies hat zur Folge, dass wir die Datenverarbeitung, die auf dieser Einwilligung beruhte, für die Zukunft nicht mehr fortführen dürfen und
• pursuant to Art. 77 DSGVO, you have the right to complain to a supervisory authority, without prejudice to any other administrative or judicial remedy. In der Regel können Sie sich hierfür an die Aufsichtsbehörde Ihres üblichen Aufenthaltsortes oder Arbeitsplatzes oder den Ort des Orts des mutmaßlichen Verstoßes wenden, wenn die betroffene Person der Ansicht ist, dass die Verarbeitung der sie betreffenden personenbezogenen Daten gegen die Datenschutzgrundverordnung der EU (DS-GVO) verstößt.

The locally competent supervisory authority:
State Office for Data Protection Supervision
Postfach 1349, 91504 Ansbach
Promenade 18, 91522 Ansbach
Tel.: 0981/ 180093-0
Fax: 0981/ 180093-800
E-Mail: poststelle@lda.bayern.de

Cookies
Our website uses cookies. A cookie is a data record that is created when a website is visited and is temporarily stored on the website user’s system. If the server of our website is called up again by the user of the website, the browser of the user of the website sends the previously received cookie back to the server. The server can evaluate the information obtained through this process. Cookies can be used, for example, to control the display of advertisements or to make it easier to navigate a website. Cookies are partly necessary to enable the functionality of our website operation (as legal basis is mentioned Art. 6 para. 1 lit f DSGVO, the protection of the legitimate interests of the operator of this website – we use cookies only in agreement with Art. 5 para. 1 lit a DSGVO, i.e. according to the principles of “lawfulness, processing in good faith, transparency”).
If you want to generally prevent the use of cookies, you can do this through local settings in your Internet browser, (e.g. Internet Explorer, Mozilla Firefox, Opera or Safari).
If the cookies are not technically necessary, you will find further information on cookies used by tools and plugins in this privacy policy.

Server log files (general collection of data)
Every time this website is accessed, data and information is collected by an automated system. These are stored in the server’s log files for a period of 14 days. The following data may be collected:

• Browser type and version
• Operating system used
• Internet Service Provider
• IP address
• Date and time of the server request
• Websites from which your system accesses our website
• Websites that are accessed by your system via our website

The processing of the data is used to deliver the content of our website, to ensure the functionality of our information technology systems and to optimize our website. The data of the log files are always stored separately from other personal data of the users.
We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.

Hosting und Content Delivery Networks (CDN)
External hosting (1&1 / MyIonos)
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website accesses and other data generated via a website.
The hoster is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).
Our hoster will only process your data insofar as this is necessary for the fulfilment of its service obligations and will follow our instructions with regard to this data. To ensure data protection-compliant processing, we have concluded a contract on commissioned processing with our hoster.

IONOS SE
Elgendorfer Str. 57
56410 Montabaur
Phone: +49 (0) 721 170 5522

Commercial register: Montabaur Local Court / HRB 24498
Sales tax identification number: IONOS SE: DE815563912

Links to other websites
Our website/app may from time to time contain links to third party websites or to other websites of ours. If you follow a link to one of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please review this privacy policy before submitting any personal information to these websites.

Contact forms
If you send us enquiries via the contact form, the information you provide in the enquiry form, including the contact details you provide there, will be stored and processed by us for the purpose of processing the enquiry and in the event of follow-up questions. Your data will be used exclusively for the purpose of answering and processing your question. The data processing is carried out here in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO on the basis of your voluntarily given consent. You can object to this at any time (right of revocation).

Links to third party websites
On this website, references to third-party websites are offered in the form of so-called links. Links to third party websites are marked with . Only when you click on such a link will data be transmitted to the link destination. This is technically necessary. The transmitted data are in particular: Your IP address, the time at which you clicked on the link, the page on which you clicked on the link, details of your internet browser. If you do not want this data to be transmitted to the link destination, do not click on the link.

Handling of applicant data
We offer you the opportunity to apply to us (e.g. by e-mail, post or via online application form). In the following, we inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that the collection, processing and use of your data will be carried out in accordance with applicable data protection law and all other legal provisions and that your data will be treated in strict confidence.

Scope and purpose of data collection
If you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes in the context of job interviews, etc.) to the extent that this is necessary to decide on the establishment of an employment relationship. The legal basis for this is § 26 BDSG-neu under German law (initiation of an employment relationship), Art. 6 para. 1 lit. b DSGVO (general contract initiation) and – if you have given your consent – Art_ 6 para. 1 lit. a DSGVO. The consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application. If the application is successful, the data submitted by you will be processed on the basis of§ 26 BDSG-neu and Art. 6 para. 1 lit. b DSGVO for the purpose of implementing the employment relationship stored in our data processing systems.

Retention period of the data
If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to retain the data you have provided on the basis of our legitimate interests (Art. 6 para. 1 lit. f DSGVO) for up to 6 months from the end of the application process (rejection or withdrawal of the application). Subsequently, the data is deleted and the physical application documents are destroyed. This retention serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data will only be deleted when the purpose for further storage no longer applies. Longer storage may also take place if you have given your consent (Art. 6 para. 1 lit. a DSGVO) or if legal storage obligations prevent deletion.

Inclusion in the applicant pool
If we do not make you a job offer, we may be able to include you in our applicant pool. In the event of inclusion, all documents and details from the application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies. Inclusion in the applicant pool is based exclusively on your express consent (Art_ 6 para_ 1 lit_ a DSGVO). The provision of consent is voluntary and is not related to the current application process. The person concerned can revoke his/her consent at any time. In this case, the data from the applicant pool will be irrevocably deleted, provided there are no legal reasons for retention. The data from the applicant pool will be irrevocably deleted no later than two years after consent has been given.

Objection to advertising e-mails
We hereby object to the use of contact data published within the scope of the imprint obligation to send advertising and information material that has not been expressly requested. We expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

Enquiry by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your enquiry including all personal data resulting from it (name, enquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

WordPress
We use WordPress as the editorial system for our website. WordPress uses functional (necessary) cookies to ensure the login process for editors and administrators.
In particular, when attempting to log in to the WordPress administration interface, a cookie called wordpress_test_cookie is set. This cookie is used exclusively for the active session and is deleted as soon as you close the browser.
The cookie is not used to evaluate users.

SSL encryption
This website uses SSL encryption (Secure Socket Layer) for the transmission of data from your browser to our server and to servers that provide files that we embed on our website.
SSL is used to transmit data in an encrypted form. The data cannot be changed and the sender can be identified.
You can recognise the presence of SSL encryption by the preceding text “https” in front of the address of the website you are calling up in your browser.

Security notice
We secure our website and other IT systems against loss, destruction, unauthorised access, unauthorised modification or unauthorised disclosure of your data by means of appropriate technical and organisational measures. However, despite all due care, complete protection against all dangers is not possible in every case. Because we cannot guarantee complete data security when communicating by e-mail, we recommend sending confidential information by post.

Changes to this data protection declaration
We reserve the right to change this data protection declaration if the legal situation or this online offer or the type of data collection changes. However, this only applies to declarations regarding data processing. If the user’s consent is required or components of the data protection declaration contain a regulation of the contractual relationship with users, the data protection declaration will only be amended with the user’s consent.

Changing the cookie settings
Please click on this link: [borlabs-cookie type=”btn-cookie-preference” title=”Änderung Einstellung Cookies” element=”link” /]