Data Protection

Data Privacy Controller:

The controller within the meaning of the General Data Protection Regulation (GDPR), other data protection laws applicable in the EU member states and other provisions related to data protection is:

IMSTec GmbH 
Auf dem Langloos 10
55270 Klein-Winternheim, Germany

Phone:   +49 6136 99441-10
Telefax: +49 6136 99441-11
E-Mail: info(at)

Authorized managing director: Edgar Mähringer-Kunz

Data Protection Officer:

The data protection officer of the controller may be contacted as follows:

Datenschutzbeauftragter IMSTec GmbH

Email: datenschutz(at)
Phone: +49 6136 99441-10
Telefax: +49 6136 99441-11
Mail: provided address of company headquarters, for the attention of "Datenschutzbeauftragter"

Privacy Policy:

1.  Scope and Purpose of the Processing of Personal data related to use of our website

We only process our users‘ personal data as necessary to provide a functioning website as well as our services and content. Our users‘ personal data is regularly only processed after the user’s consent (voluntary use / submittal). Exception applies in cases, in which a prior consent cannot be obtained due to actual reasons and the processing is permitted by legal regulations.

On our website, we provide a contact web form for contacting us in electronic form. If a user makes use of this offer, all information added to the web form will be sent to us and stored. This includes: surname, last name, e-mail address, phone number, subject of the message and text.

Alternatively, we may be contacted via the provided e-mail address. In this case, all personal data delivered with the E-Mail will be stored.

In this context, no information will be passed on to third parties. The information will only be used for processing the conversation.

In case of a contact via e-mail, there is a required legitimate interest in processing the data. All additionally processed personal data during the sending procedure serve for preventing the misuse of the contact web form and for ensuring the safety of our IT systems. 

2.  Scope and Purpose of the Processing and Transferring of Personal data related to business partners

In the context of its relationship with business partners, IMSTec GmbH process the following personal data of contact persons at our customers, interested parties, sales partners, suppliers partners, (each a “Business Partner”): 

  • contact information, such as full name, work address, work telephone number, work mobile phone number, work fax number and work email address,
  • payment data that are required for processing payment transactions,
  • further information necessarily processed in a project or contractual relationship with IMSTec or voluntarily provided by the Business Partner, e.g. within the framework of orders placed, inquiries or project details,
  • personal data collected from publicly available resources, e.g. the business partner’s Internet pages.

IMSTec may process the personal data for the following purposes: 

  • communication with Business Partners on products, services and projects, e.g. to process enquiries from the business partner or to provide technical information on products,
  • planning, execution and administration of the business relationship with the Business Partner, e.g. in order to process the order of customer-specific solutions and services, processing payments, for accounting and billing purposes, to carry out deliveries and to perform maintenance or repairs,
  • carry out surveys,
  • ensuring compliance with legal requirements (e.g. tax and commercial law retention obligations),
  • solving of legal disputes, enforcement of existing contracts and to establish, exercise or defend legal claims.

In order to fulfil contractual obligations, it may be necessary to pass on personal data to service providers, such as transport service providers, and other suppliers, who will only act in accordance with instructions from IMSTec. 

3.  Scope and Purpose of the Processing of Personal data from job applicants

Information on this can be found on the respective application page:

4.  Legal Bases for Processing Personal data

Insofar as we obtain the consent of the person concerned for the processing of personal data, Art. 6 Par. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis.

Art. 6 Par. 1 lit. b (GDPR) serves as the legal basis for the processing of personal data required to fulfil of a contract to which the person concerned is a party. This also applies to processing operations that are necessary for the implementation of pre-contractual activities.

Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 Par. 1 lit. c (GDPR) serves as the legal basis.

Art. 6 Par. 1 lit. d (GDPR) serves as the legal basis in the event that vital interests of the person concerned or of another natural person necessitate the processing of personal data.

If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and fundamental freedoms of the person concerned do not outweigh the first-mentioned interest, Art. 6 Par. 1 lit. f (GDPR) serves as the legal basis for the processing.

5.  Erasure and Storage Duration

The personal data of the person concerned will be erased or blocked, once the storage purpose is no longer applicable.

Information may be stored beyond, if this was provided for by European or National legislation within Union law regulations, laws or other instructions to which the person responsible is subject (storage obligations).

Personal data will also be erased or blocked, in case a storage period defined by the stated norms expires, unless a further storage is required for the conclusion or performance of a contract.

6.  Withdrawal of Consent and Erasure of Information

The user of the homepage and Business Partners have the right to withdraw the consent at any time with effect for the future, i.e. the withdrawal of the consent does not affect the legality of processing carried out prior to the withdrawal on the basis of the consent.

After withdrawal, IMSTec may only process the personal data to the extent that the processing can be based on another legal basis.

7.  The Data Subject’s Rights

You may exercise the following rights at any time using the contact information of the data protection officer (“Datenschutzbeauftragter”): 

  • Information about your personal data stored with us its processing,
  • Correction of incorrect personal data,
  • Deletion of your data stored with us,
  • Restriction of data processing, in case we are not allowed to erase information yet due to legal obligations,
  • Objection against the processing of your personal data by us and
  • Data portability, as far as you have given your consent to processing or have concluded a contract with us.

When having given a consent, you may withdraw this consent at any time with respect to the future. At any moment you may lodge a complaint with the respective supervisory authority responsible for you. Your responsible  supervisory authority is determined by federal state (“Bundesland”), domicile, your work or the presumed infringement. A list of all supervisory authorities (non-public sector) and their addresses is provided

8.  SSL- Encryption

We use state of the art encryption (e.g. SSL) via HTTPS in order to protect your data during transmission. 

9.  Privacy Policies of the Web Hosting Providers

10. Google Analytics and Cookies

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”).  Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. We only process our users‘ personal data generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.  In case of activation of the IP anonymization, Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties necessary to the Agreement on the European Economic Area. 

Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA.  On behalf of the website provider Google will use this information for the purpose of evaluating your use of the provide a functioning website, compiling reports on website activity for website operators and providing other services relating to website activity our services, and internet usage to the website provider.  Google will not associate your IP address with any other data held by Google. 

You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not content. Our users‘ personal data is regularly only processed after the user’s consent. Exceptional cases are such cases, in which a prior consent cannot be able to use the full functionality of this website. Furthermore you can prevent Google’s collection and use of data (cookies and IP address) by downloading obtained for actual reasons and installing the browser plug-in available under

You can refuse the use of Google Analytics processing is permitted by clicking on the following link. An opt-out cookie will be set on the computer, which prevents the future collection of your data when visiting this website:

11. Online Forms / Microsoft Forms

In addition, we use online forms (e.g. for surveys or complaints) using Microsoft Forms, an offer from Microsoft with which we have concluded a data sharing/supplier agreement. The forms can be addressed in different ways (via hyperlink, QR code, embedding in a website oder sending an email). The data processing is based on your consent to the processing of your personal data according to art. 6 (1) a) GDPR or art. 6 (1) b) GDPR, if the processing is necessary for the purpose of contract execution.

Further information about Microsoft Forms can be found here: We cannot rule out that in individual cases personal data will also be transmitted to and processed by Microsoft Corporation in the USA. For more information on how Microsoft processes personal data, see

12. Data privacy during the application process

The protection of your personal data during processing throughout the application process is an important concern for us: 

By submitting your data, you indicate your consent to us storing and processing the data. All personal information is treated with the utmost confidentiality within the company in accordance with the EU DSGVO and BSDG-neu.

We use the personal data you provide exclusively for processing your application. Your application documents will only be passed on or otherwise transferred to persons involved in the application process. Your application documents will not be passed on to third parties.

If the position for which you have applied has been filled elsewhere or if we also consider you suitable for another position, we would be happy to forward your application within our company. Please inform us if you do not agree with this procedure. 

After the application process has been completed, your personal data will be deleted if your application is not considered, unless you expressly consent to it being stored beyond this point.

Please note that resumes, references, cover letters and other data provided by you for the purpose of the application may regularly contain information about particularly sensitive data. We recommend that you do not provide any information on the following particularly sensitive areas:

- racial or ethnic origin, 

- political opinions, 

- religious or philosophical beliefs, 

- membership in a trade union or political party, 

- physical or mental health, 

- sexual life. 

If you have any questions about the recording, processing or use of your personal data or in cases of information, correction or deletion of data, as well as revocation of consent given, please contact jobs(at)