1. Privacy at a glance

General information

The following notes give a simple overview of what happens to your personal data when you visit our website. Personal data is all data that allows you to be personally identified. Detailed information on data protection can be found in our privacy policy.

Data collection on our website 

Who is responsible for the data collection on this website?

The data processing on this website is carried out by the website operator. The website operator’s contact details can be found in the legal notice of this website.

How do we collect your data?

Your data will be collected on the one hand when you provide it to us. This may, for example, include the data you enter in a contact form.

Other data is automatically collected when you visit the site through our IT systems. This includes above all technical data (e.g. Internet browser, operating system or time of the page request). The collection of this data occurs automatically as soon as you enter our website.

What do we use your data for?

Part of the data is collected to ensure flawless provision of the website. Other data can be used to analyse your user behaviour.

What rights do you have regarding your data?

You have the right at any time free of charge to obtain information about the origin, recipients and purposes regarding your stored personal data. You also have a right to request the correction, blocking or deletion of this data. For this purpose, as well as for further questions about data protection you can contact us at any time at the address given in the legal notice.

Furthermore, you have a right of appeal to the relevant regulatory authority. You also have the right to request, under certain circumstances, the restriction of the processing of your personal data. Details can be found in the privacy policy under “Right to restriction of processing”.

Analysis tools and third-party tools

When visiting our website, your surfing behaviour may be statistically evaluated. This happens especially with cookies and with so-called analysis programs. The analysis of your surfing behaviour is usually anonymous; surfing behaviour cannot be traced back to you.

You may object to this analysis or prevent it by not using certain tools. Detailed information about these tools and your opt-out options can be found in the privacy policy below. 

Recipients of Data (On-Site Visits)

We use service providers for on-site services. These service providers are carefully chosen – especially with regard to data protection and data security – and take all measures required by data protection law for permissible data processing. The data you provide us for your visit will generally not be passed on to further third parties. In particular, your data will not be passed on to third parties for their advertising purposes.

2. General information and mandatory information 

Data protection

The operator of these pages takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations as well as this privacy policy.

When you visit this website, various personal data is collected. Personal data is information that personally identifies you. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.

We point out that the transmission of data on the Internet (e.g. in the case of communication by e-mail) may have security gaps. Complete protection of the data from access by third parties is not possible.

Note regarding the responsible controller

The responsible controller for data processing on this website is:

Invertica GmbH
Kastellweg 25
69120 Heidelberg

E-Mail: info@invertica.de

The responsible controller is the natural or legal person who, alone or in concert with others, decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).

Statutory data protection officer

The data protection officer for our company is:

Invertica GmbH
Christoph Wassermann
Kastellweg 25
69120 Heidelberg (Deutschland)

E-Mail: christoph.wassermann@invertica.de

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke given consent at any time. An informal message by e-mail to us is sufficient for this purpose. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and with regard to direct advertising (Art. 21 GDPR)

If the data processing occurs on the basis of Art. 6 (1) (e) or (f) GDPR, you have the right, at any time, to object to the processing of your personal data for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based is stated in this privacy policy. If you object, we will no longer process your personal data, unless we can establish compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or processing is necessary for the purpose of enforcing, pursuing or defending legal claims (Art 21 (1) GDPR).

If your personal data is processed to operate direct advertising, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is related to such direct advertising. If you object, your personal data will no longer be used for the purpose of direct advertising (objection pursuant to Art. 21 (2) GDPR).

Right of appeal to the competent supervisory authority

In the event of violations of the GDPR, you are entitled to exercise your right of appeal to a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement. The right of appeal is without prejudice to any other administrative or judicial remedies.

Right to data portability

You have the right to have data submitted to us or to a third party, based on your consent or in the performance of a contract, provided to you in a standard, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done as far as technically feasible.

SSL or TLS encryption

This site uses, for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as a site operator, an SSL or TLS encryption. You can recognise an encrypted connection by the changing of the address bar of the browser from “http: //” to “https: //” and the lock symbol in your browser line.

 If the SSL or TLS encryption is activated, the data that you send to us cannot be read by third parties. 

Information, blocking, deletion and correction

Within the scope of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipients and the purpose of the data processing and, if necessary, the right to correct, block or delete this data. For this purpose as well as for further questions on the subject of personal data, you can always contact us at the address given in the legal notice.

Right to restriction of processing

You have the right to demand the restriction of the processing of your personal data. You can contact us at any time at the address given in the legal notice for this purpose.

  • The right to restriction of the processing exists in the following cases: If you deny the accuracy of your personal data stored with us, we usually need time to check this. For the duration of the review, you have the right to request that your personal data be restricted. If the processing of your personal data is unlawful, you may request the restriction of data processing instead of deletion. If we no longer need your personal data but you require it for the purpose of exercising, defending or asserting legal claims, you have the right to demand, instead of the deletion, the restriction of the processing of your personal data. If you have filed an objection pursuant to Art. 21 (1) GDPR, a balance must be made between your and our interests. If it is not certain whose interests prevail, you have the right to demand that your personal data be restricted.
  • Wenn die Verarbeitung Ihrer personenbezogenen Daten unrechtmäßig geschah/geschieht, können Sie statt der Löschung die Einschränkung der Datenverarbeitung verlangen.
  • Wenn wir Ihre personenbezogenen Daten nicht mehr benötigen, Sie sie jedoch zur Ausübung, Verteidigung oder Geltendmachung von Rechtsansprüchen benötigen, haben Sie das Recht, statt der Löschung die Einschränkung der Verarbeitung Ihrer personenbezogenen Daten zu verlangen.
  • Wenn Sie einen Widerspruch nach Art. 21 Abs. 1 DSGVO eingelegt haben, muss eine Abwägung zwischen Ihren und unseren Interessen vorgenommen werden. Solange noch nicht feststeht, wessen Interessen überwiegen, haben Sie das Recht, die Einschränkung der Verarbeitung Ihrer personenbezogenen Daten zu verlangen.

If you have restricted the processing of your personal data, this data may only be used with your consent or for the assertion, processing or defence of legal rights or the protection of the rights of another natural or legal person or for the sake of a major public interest of the European Union or a Member State.  

Objection to advertising emails

The use of contact data published in the context of the legal notice obligation for sending unsolicited advertising and information materials is hereby rejected. The site operators expressly reserve the right to take legal action in the event of unsolicited advertising such as spam e-mails.

Duration of storage

Personal data will be deleted after expiry of the statutory retention period, if it is no longer required for contract fulfilment or contract initiation.

Legal basis of processing

If you have given us consent to process your personal data for a specific purpose, the processing is performed based on Art. 6 (1) (a) GDPR. If such processing is necessary in order to fulfil or initiate a contract with you, the processing is based on Art. 6 (1) (b) GDPR. In some cases, for example, in order to fulfil tax obligations, we may be subject to a legal obligation to process personal data. The legal basis for this in such cases is Art. 6 (1) (c) GDPR. In rare cases, processing may also be done to protect vital interests of you or another natural person. In this exceptional case, processing takes place based on Art. 6 (1) (d) GDPR. Finally, processing operations can also be based on Art. 6 (1) (f) GDPR. This is the case if the processing is to safeguard a legitimate interest of our company or a third party, unless your interests, fundamental rights or fundamental freedoms prevail. Such a legitimate interest can already be assumed if you are a customer of ours. If the processing of personal data is based on Art. 6 (1) (f) GDPR, our legitimate interest is the performance of our business activities.


We as the controller have taken technical and organisational security measures in accordance with Art. 32 GDPR. This includes in particular measures to ensure the confidentiality, integrity and availability of the data. In addition, we have established processes that ensure the protection of data subject rights, the deletion of personal data and an immediate response to the threat to such data. In addition, we ensure the protection of personal data already in the development and selection of hardware and software in accordance with the principles of Art. 25 GDPR. All our employees and persons involved in data processing are obliged to comply with the General Data Protection Regulation and other data protection laws and the confidential handling of personal data. 

 In the case of the collection and processing of personal data, the information is transmitted in encrypted form in order to prevent misuse of the data by third parties. Our security measures are continually being revised in line with technological developments.

However, Internet-based data transmissions can generally have security gaps such that absolute protection cannot be guaranteed.

Change of our privacy policy

We reserve the right to change our security and privacy practices to the extent required by technical developments. In these cases, we will also adapt our privacy policy accordingly. Please therefore take note of the current version of our privacy policy.

3. Data collection on our website


The internet pages partly use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and stored by your browser.

 Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognise your browser the next time you visit.

You can set your browser to notify you of the setting of cookies and to allow cookies only in individual cases, to allow the acceptance of cookies for specific cases or in general, as well as to undertake the automatic deletion of cookies when closing the browser. The deactivation of cookies may limit the functionality of this website.

Cookies required to perform the electronic communication process or to provide certain functions desired by you (e.g. shopping cart function) are stored based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of its services. As far as other cookies (e.g. cookies for the analysis of your surfing behaviour) are stored, these are treated separately in this privacy policy.


If you use external links offered within our website, this privacy policy does not extend to these links. Insofar as we offer links, we assure that at the time of the link setting no violations of the applicable law on the linked websites were identified. However, we have no influence on the compliance of other providers with privacy and security regulations. Therefore, please also inform yourself on the websites of the other providers about the privacy policies provided there.

Children and adolescents

Persons under the age of 16 should not submit any personal data to us without the consent of their parents or guardians. We do not request personal data from children and adolescents, do not collect it and do not disclose it to third parties. 

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us.

This includes:

  • Browser type and version 
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of server request
  • IP-Adress

A combination of this data with other data sources does not occur. The collection of this data is based on Art. 6 (1) (f) GDPR.

The website operator has a legitimate interest in the technically error-free presentation and the optimisation of its website, which requires the server log files to be recorded. 

Inquiry by e-mail, telephone or fax 

If you contact us by e-mail, telephone or fax, your request, including any resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We will not disclose this data without your consent.

The processing of this data is based on Art. 6 (1) (b) GDPR, if your request relates to the fulfilment of a contract or is required to carry out pre-contractual measures. In all other cases, processing is based on your consent (Art. 6 (1) (a) GDPR) and/or on our legitimate interests (Art. 6 (1) (f) GDPR), as we have a legitimate interest in the effective processing of any inquiries addressed to us. The data you send to us via contact requests remains with us until you request us to delete it, you revoke your consent to the storage, or the purpose for data storage no longer applies (e.g. after completed processing of your concern). Compulsory statutory provisions – in particular statutory retention periods – remain unaffected.

4. Plugins and Tools

Google Maps

This site uses the mapping service Google Maps via an API. The provider is the Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the features of Google Maps, it is necessary to save your IP address. This information is generally transmitted to and stored by Google on a server in the United States. The provider of this site has no control over this data transfer.

The use of Google Maps is in the interest of an attractive representation of our online offers and easy findability of the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.

For more information on how user data is handled, please refer to Google’s privacy policy:


5. Own services


We offer you the opportunity to apply with us (e.g. by e-mail, by post or via the online application form). In the following, we will inform you about the scope, purpose and use of your personal data collected during the application process. We guarantee that the collection, processing and use of your data will be in accordance with applicable data protection law and all other applicable laws and that your data will be kept strictly confidential.

Scope and purpose of the data collection

If you submit an application to us, we process your related personal data (such as contact and communication information, application materials, job interview notes, etc.) to the extent necessary to decide on the employment relationship. The legal basis for this is § 26 BDSG-new according to German law (initiation of an employment relationship), Art. 6 (1) (b) GDPR (general contract initiation) and – if you have given your consent – Art. 6 (1) (a) GDPR. The consent is revocable at any time. Your personal data will be passed on within our company exclusively to persons who are involved in the processing of your application.

If the application is successful, the data submitted by you based on § 26BDSG-new and Art. 6 (1) (b) GDPR will be stored for employment purposes in our data processing systems.

Retention period for the data

If we cannot make you a job offer, if you reject a job offer, withdraw your application, revoke your consent to data processing or request us to delete the data, the data you provide, including any remaining physical application documents, will be stored for a maximum of 6 months after completion of the application process (retention period) in order to be able to clarify the details of the application process in the event of disagreement (Art. 6 (1) (f) GDPR).


After expiry of the retention period, the data will be deleted unless there is a statutory retention obligation or any other legal reason for further storage. If it is apparent that the retention of your data will be required after the expiry of the retention period (e.g. due to a pending or pending legal dispute), deletion will not take place until the data has become invalid. Other statutory storage obligations remain untouched.

As of 07/2020