GDPR

Index

- Privacy Policy
- Cookie Policy

Privacy Policy 

Valid from: 01.09.2025

The operator of the WWW.IP-CAMP.DE website (hereinafter: Website), IP-CAMP GmbH (hereinafter: Service Provider) informs the Users regarding the data processing on the website and the Service Provider’s activities in accordance with the General Data Protection Regulation no. 2016/679 of the European Parliament and of the Council (hereinafter: GDPR). 

Name and address of the data controller

ip camp GmbH
Eichstätter Straße 40
85117 Eitensheim
info@ip-camp.de
Website: www.ip-camp.de 
Name and address of the Data Protection Officer 
E-Mail: datenschutzbeauftragter@instart-group.com

1. Definitions

Website: The totality of the contents and services available under the www.ip-camp.eu domain.  

User: A person visiting, browsing the Website. 

Service: The information technology service provided by the Service Provider: software development, support, education etc. 

Client: The person who concluded a contract with the Service Provider for the Service and uses the Service of the Service Provider. 

Contact persons: the contributors, employees, subcontractors of the Client, with whom the Service Provider is obliged to cooperate in order to perform the contract. 

2. What is the purpose of this privacy policy?

By using the Website and the Services, a contract is made between the Service Provider and the User or Client.  In this privacy policy, the Service Provider informs the Users and Clients, in accordance with the relevant laws, about the personal data processing occurring on the Website and during the provision of the Service in detail.  In respect of the data processing occurring on the Website, the Service Provider is considered as data controller.  The Service Provider is also considered as data controller during the provision of the Services.  

3. What is the purpose of the Website?

On the Website, the Users may get information regarding the Services offered by the Service Provider without registration. The Users and Clients are responsible for the data provided and the contents uploaded by the Users and Clients; the Service Provider excludes its liability therefore. 

4. How does the privacy policy concern the User and other data subjects?

By visiting the Website, using the services available on the Website, using the functions of the Website, the User automatically, without any further legal declaration, acknowledges the content of this privacy policy. By concluding the contract for a Service or by ordering a Service, the Client automatically, without any further legal declaration, acknowledges the content of this privacy policy. 

5. Who may modify this privacy policy and how, and where and how does the Service Provider publish it?

The Service Provider is entitled to unilaterally modify this privacy policy at any time. The service provider publishes the modification of the privacy policy by displaying the consolidated text of the privacy policy under a separate menu entry on the Website. We request the Users and Clients to carefully read the privacy policy every time they visit the Website. This privacy policy is continuously available on the Website. The Users and Clients may open, review, print and save this privacy policy from the Website, however, they may not modify it, since that can be done only by the Service Provider.  

6. Which of your personal data and how long do we process, what do we use them for and upon what authorization? 

The legal grounds for our data processing are the following:

a) according to paragraph (1) a) of Article 6 of the GDPR, the informed and freely given consent of the user to the data processing (hereinafter: Consent);

b) according to paragraph (1) b) of Article 6 of the GDPR, the data processing is necessary for the performance of a contract to which the User as data subject is a party (hereinafter: Performance of contract)

c) according to paragraph (1) c) of Article 6 of the GDPR, the processing is necessary for compliance with a legal obligation to which the data controller is subject (hereinafter:  Compliance with legal obligation)

d) according to paragraph (1) d) of Article 6 of the GDPR, processing is necessary to protect the vital interests of the data subject or of another natural person (hereinafter: Vital interest);

e) according to paragraph (1) e) of Article 6 of the GDPR, processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller (hereinafter: Public interest);

f) according to paragraph (1) f) of Article 6 of the GDPR, processing is necessary for the exercising of the legitimate interests pursued by the controller or by a third party (hereinafter: Legitimate interest) 

6.1. Processing the data of persons requesting an offer

 The Service Provider processes the following data and for the below purposes of the persons contacting it in order to request a quote:

6_1

The processing and storage period of the data related to making an offer corresponds with the general civil law limitation period of 5 years; keeping the data is necessary within this limitation period for the possible enforcement of rights and claims.  

6.2. Processing data of the contact persons of contractual Clients 

The Service Provider uses the data of the contact persons of the Clients having contractual relationship with the Service Provider in order to perform its contract existing with the Client and to keep contact with the Client as follows: 

6_2

It is in the legitimate interest of both the Service Provider and the Client that the Client may be continuously reached through its contact persons. The data regarding the contact persons are limited and only include data that are significant from the point of view of sending notifications; the provided telephone number and e-mail address usually serve specifically for corporate communication, therefore this does not affect the basic rights and freedoms of the relevant contact person unproportionately. The storage period, if the data are part of the contract, corresponds to the storage period prescribed by the accounting act, which relates to the storage of the contract. If the data are not included in the contract, the storage period is the general civil law limitation period of 4 years  

6.3. Data processed during the automatic data collection related to the Website 

We use cookies and different other programs in order to get to know the needs of the Website Users and their behaviour related to the Website and to further develop the Website based on those and prepare anonymous statistics about the Website visits. Some tiny programs facilitate that the User does not need to repeatedly enter their identification data at the next sign-in and that their identification is easier and faster, while other programs serve the identification of the User. 

We specify the data collected on the Website as follows:

 6_3
 

The above data processing is in the legitimate interest of the Service Provider, since it can develop its Website and make it safer by this. The scope of the processed and collected data is not significant, the Service Provider only uses those to prepare and analyse anonymized statistics, it does not collect behavioural preferences and no automated decision-making happens based on those, furthermore, neither does the Service Provider send personalized offers to the Users.   As a result of the above, this data processing does not affect the basic rights and freedoms of the User unproportionately. 

During the visit of the Website and using the services, we place cookies in the browser of the User and in the HTML-based e-mails in accordance with this privacy policy. In general, the cookie is a tiny file, which is composed of letters and numbers and which we send to the device of the User from our server. 

The purpose of the cookies used by the Service Provider: 

a) Security: supporting and making security possible  

b) Performance, analytics and research: these types of cookies help the Service Provider get to know how the Website performs at different places. The Service Provider may also use such cookies, which evaluate, correct and search the Website, products, functions, services, including the case when the User enters the Website from other websites, and including other devices as, for example, the computer or mobile device of the User. 

The types of cookies used by the Service Provider:

a) tracking cookies

b) session cookies, which only work until the work session (generally the given visit on the Website or a browser session) lasts;

c) permanent cookies: help to recognize the User as an existing User, thereby the return to the Website is easier without a repeated sign-in. After the User signs in, the permanent cookie stays in the browser of the User and the Website can read it when the user returns to the Website. 

Control and direction of cookies: Most browsers make it possible that the Users control the use of cookies through the settings. However, if the User limits the Website in using cookies, that may be to the detriment of user experience, since it will not any more be personalized to the User. Furthermore, the User may stop the saving of personalized settings as well, for example, the saving of sign-in information. If the user does not want that the Service Provider uses cookies when he visits the Website, the User may block the use of cookies. In order that the Service Provider gets to know that the User blocked the use of cookies, the Service Provider places a block cookie on the device of the user, so that the Service Provider will know next time the User visits the Website that it may not place cookies. 

If the User does not wish to receive cookies, the User may change the browser settings on his computer. The Website does not work properly without cookies.

6.4.    Online application

6.4.1 Description and scope of data processing

The user’s consent to the processing of this data will be obtained in the course of the registration process. In addition, a further declaration of consent of the user is obtained to specifically process the submitted applicant data with a reference made to this Privacy Policy.

As part of their application, we offer users the opportunity to apply on our website by providing personal data. In doing so, the data will be entered into a contact form, transmitted to us, and stored. The following data will be collected as part of the registration process:

last name
first name
E-mail address
application documents(e.g., CV, cover letter, etc.)
The following data will also be stored when you get registered:

IP address of the user
date and time of registration
The user’s consent to the processing of this data will be obtained in the course of the registration process.

6.4.2       Legal basis for data processing

The legal basis for the processing of data when the user’s consent has been obtained is Article 6(1) clause 1 (a) GDPR.

6.4.3       Purpose of data processing

The data will be processed primarily for the establishment of an employment relationship. The overriding legal basis here is Art. 88 (1) GDPR in conjunction with Section 26 (1) of the new Federal Data Protection Act [BDSG-neu].
Your data will be used solely in the course of the application procedure.
Where applicable to the position to be filled, the processing of health data for the assessment of your ability to work in accordance with. Art. 9 (2) (h) in conjunction with Section 22 (1) (b) of the new Federal Data Protection Act [BDSG-neu].
If the user wishes to be included in our talent pool in the event of a rejection in order to consider him/her for job openings, he/she would have to provide a declaration of consent.
In addition, pursuant to the EU anti-terror regulations (EC regulations: Regulation (EC) 881/2002 and Regulation (EC) 2580/2001), we are obligated to compare the data against the so-called ‘EU terrorist lists’ to ensure that no funds or other economic resources are provided for terrorist purposes.

6.4.4       Storage period

The data will be erased once it is no longer necessary to achieve the purpose for which it was collected.This is the case for those during the registration process to fulfill a contract or to carry out pre-contractual measures when the data is no longer required for the execution of the contract. Even after conclusion of the contract, it may still be necessary to store personal data of the contractual partner in order to fulfil contractual or legal obligations.

6.4.5       Right to objection and removal

The user can have the stored data erased at any time. The stored data can be amended at any time on the user’s request. If the data is required to fulfil a contract or to carry out pre-contractual measures, premature deletion of the data is only possible insofar as there are no contractual or statutory obligations to the contrary. 

7. Who processes your personal data and who has access to them? 

7.1. The data controller The data controller of the data determined in clause 6 is the Service Provider, the contact details and corporate data of which are as follows: 

ip camp GmbH
Eichstätter Straße 40
85117 Eitensheim
info@ip-camp.de
Website: www.ip-camp.de 

On behalf of the Service Provider, the employees of the Service Provider have access to your data to the extent that it is absolutely necessary for completing their jobs.  

7.2. Data processors 

For processing and storing your personal data, we employ different undertakings, with which we conclude contracts for the processing of data.  The following data processors process your data:

7_2
From the data processors used, the data processor resident in the USA is included in the adequacy decision passed by the European Commission according to Article 45 of the GDPR and in the Commission Implementing Decision no. 2016/1260 and it is on the EU-US Data Privacy Framework (DPF) List prepared based on the latter, which means that such data transfer is not considered as data transfer to a third country outside the European Union and no separate consent of the data subjects is necessary therefore, and that the data transfer thereto is allowed under Article 45 of the GDPR. These undertakings have agreed to comply with the GDPR.  

8. Who is the data protection officer of the Service Provider and what are his contact details? 

The Service Provider is not obliged to appoint a data protection officer.  

9. What rights do you have regarding the processing of your data and how do we ensure their exercise? 

a) Right of access: you can request information as to what data, for what purpose and how long we process, to whom we disclose them and the source of your data processed by us. 

b) Right to rectification: if your data have changed or we recorded them incorrectly, you may request their rectification, correction or specification. Please check your data regularly and inform us of any change in your data within 15 days thereof, so that our database about you can always be up-to-date and accurate. 

c) Right to erasure: in the cases laid down in the law, you may request that we erase your data processed by us.  

d) Right to restriction of processing: in the cases laid down in the law, you my request that we restrict the data processing. 

e) Right to object: in case of data processing based on legitimate interest, you may object to the processing of your data, in which case we do not process your data any further, but erase them. 

Right of data portability: by exercising this right, you may request that we provide you with your certain type of data determined by law, or in case of your specific request and authorization, that we transmit them directly to another service provider appointed by you.   We call your attention to it that data portability may only be requested regarding data provided by you and processed by us by automated means and upon your consent, and that we can fulfil the request to transmit them to another service provider only if that is technically feasible and secure.  In case of the above request, we proceed in accordance with the law and we inform you of the measures we have taken based on your request within a month. 

g) Right to withdraw consent: when we process your data based on your consent, you have the right to withdraw your consent at any time, however, this does not affect the lawfulness of our processing before such withdrawal of consent.  

h) Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)

Promenade 27

91522 Ansbach

www.lda.bayern.de 

if you consider that the processing of data relating to you infringes the GDPR.

The supervisory authority stated with the complaint above shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR. 

Besides all the above, you may initiate a lawsuit against the Service Provider in case of the breach of personal data protection. You may exercise the above rights by sending an e-mail to the info@ip-camp.de customer service address or in a letter mailed to the registered seat of the Service Provider; in case of such request, we proceed in accordance with the provisions of the relevant laws and will inform you about the measures we have taken within a month. 

In respect of requesting information exercising the right to access, we inform you that, based on Article 15 paragraph (3) and (4) of the GDPR, we are not able to provide you with a copy of data processed exclusively on paper, if the personal data of other persons are also included in such document, since the disclosure of such data to third parties prejudices the data protection and individual rights of the given person.  

11. How do we ensure the safety of your data? 

The Service Provider put in place and implemented the following information security measures in order to protect the data: 

The personal data are stored on the servers we rent and on the hard discs of the computers of the Service Provider, to which only a limited group of persons and employees have access based on strict rules of authorization management.

Access to the data and documents stored in the document management system is only possible with a password and with appropriate authorization. 

The use of our local computers require the use of passwords. Our servers are placed in a guarded server room, where the protection against water, fire and unlawful entry is assured. We test and inspect our information technology systems from time to time, repeatedly and regularly in order to create and maintain data security and IT security. 

Regular and continuous protection against malicious software is ensured for all systems and system elements of the Service Provider. During the course of planning and operating programs, applications and tools, we consider the security functions as priority and deal with them separately. We arrange for the protection of the data regarding the security of the information system (e.g. passwords, authorizations, logs) when allocating the access authorizations. 

A backup is created weekly.  Only a very limited group of authorized persons may access the backups. In respect of the messages, files sent electronically, we ensure the integrity of the data both for (communication) controller data and for user data in order to comply with the requirement of secure data exchange. We also comply with the data security requirements, which we determined in the information security document management rules.  In order to create physical data security, we ensure the appropriate protection of our doors and windows and apply strict visiting and access rules regarding our visitors. The premises provide adequate security against unlawful or forcible entry as well as against fire and natural disasters. Furthermore, the storage of data carriers used for data transfer, saving and archiving is only permissible in a reliably locked place. 

12. What do we do if a data breach occurs at us? 

In accordance with the relevant laws, we report the data breach to the supervisory authority within 72 hours of becoming aware of it, and we keep record of personal data breaches. In case it is required by law, we also inform thereof the users concerned and we proceed in compliance with our incident management policy. 

13. When and how do we modify this privacy policy? 

If the scope of the processed data or other circumstance of data processing changes, this privacy policy will be modified and published on the website in accordance with the GDPR within 30 days. 

Cookie Policy

Effective as of: 01.09.2025

The operator of the WWW.IP-CAMP.DE website (hereinafter: Website), the IP-CAMP GmbH (hereinafter “Data Controller”) hereby informs Users about the processing of personal data by using cookies on the Website and the activities performed by the Data Controller in accordance with Regulation 2016/679 of the European Parliament and of the Council on the General Data Protection Regulation (hereinafter referred to as "GDPR").

Data Controller and access to the Data Controller

ip camp GmbH
Eichstätter Straße 40
85117 Eitensheim
info@ip-camp.de
Website: www.ip-camp.de

Name and address of the Data Protection Officer

datenschutzbeauftragter@instart-group.com

1. What are cookies?

A cookie is a small text or alphanumeric file that websites store on visitors' computers or mobile devices. Cookies are widely used to improve the functioning of websites, to provide a personalised online experience or otherwise enhance the user experience, or to provide website owners with various information. Cookies do not in themselves identify the user, they only recognize the visitor's computer. We may place cookies on visitors' computers without their consent if they are strictly necessary for the functioning of the website. For all other types of cookies, we need your consent. During your visit to our website, we collect your personal data through cookies, server logs and other technologies, including in particular your IP address, user agent data, browser type, time of visit and possible preferences. The cookie is valid and active for the expiry date set when you place it. So-called "session" cookies are only valid and active as long as you keep the website open on your device, and expire immediately after you close the website. The validity period of persistent cookies is defined in months, days or years. After the expiry of the validity of a persistent cookie, your browser will automatically delete the cookie when you visit the site again. You can also delete permanent cookies from your browser within the validity period. The website uses third-party cookies that we use to send data to third parties.

Cookies used on our website that are strictly necessary for the functioning of the website: cookie_1
Additionally the following non-essential cookies exist: cookie_2

2. How do we use cookies?

We may use any personal information we obtain from the cookies we place for the following purposes:

- for technical reasons (e.g. but not limited to identifying sessions, remembering settings or preferences, etc.);

- to generate statistical analysis and for web traffic management purposes (e.g. to improve the usability of your website and the relevance of your services, to analyze information about the use of your website by visitors based on the pages visited, number of accesses, location, etc.)

“The legal basis for the use of technically non-essential cookies is your consent in accordance with Art. 6 (1) (a) GDPR in conjunction with Section 25 (1) TTDSG.” 

3. How can you prevent your computer from receiving cookies?

- You have the right to object to the processing of your personal data through cookies, in particular by revoking your consent to the use of cookies for statistical purposes directly in the cookie pop-up window on your first visit to the website.

- You also have the possibility to configure your browser to generally disable the installation of cookies. Any recent web browser will allow you to change your cookie settings. These settings can usually be found in the "Tools", "Options", "Help" or "Settings" section within your browser, which you can consult by clicking on the links below, depending on which browser you are using. 

Google Chrome: https://support.google.com/chrome/answer/95647?hl=en
Internet Explorer: http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-11
Mozilla Firefox: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored
Safari: https://support.apple.com/en-gb/HT201265brp> Any settings you may make to manage cookies are likely to change your browsing and access conditions for certain services that require the use of cookies. We are not responsible for the consequences of the degradation of our services if the degradation is due to your refusal or deletion of cookies.

You will also have the option to opt-out of the use of cookies instead of blocking them completely and in advance. In this case, you can also subsequently delete the cookies placed on your computer in the following ways:

- Google Chrome
- Firefox
- Microsoft Internet Explorer
- Microsoft Edge
- https://support.apple.com/en-gb/guide/safari/sfri11471/mac

For further information in relation to processing personal data please refer to “PRIVACY POLICY of IP CAMP”.

 

    Language selection