Privacy Policy

1. Name and contact details of the data controller

This privacy policy applies to data processing by:
Responsible party: VIAOPTIC GmbH, Am Leitz-Park 1, D-35578 Wetzlar, Germany
Email: info@viaoptic.de
Phone: +49 6441 9011-0

1.2 Contact details of the data protection officer

Data Protection Officer:
Name: Mike Plasberg
Address: Am Leitz-Park 1, 35578 Wetzlar, Germany
Email: plasberg@viaoptic.de
Phone: +49 6441 9011-59

2. Collection and storage of personal data and purpose of processing

When visiting our website, your browser automatically transmits certain information to our web server, which is stored in temporary log files. The following data is collected and processed:

• IP address of the requesting device
• Date and time of access
• Duration of the session
• Name and URL of accessed files
• Website from which access was made (referrer URL)
• Browser type and operating system
• Name of your internet service provider

The data is processed for the following purposes:

• Ensuring a smooth connection to our website
• Ensuring convenient website usage
• Evaluating system security and stability
• Administrative purposes

Legal basis: Article 6 (1) lit. f GDPR (legitimate interests). Our legitimate interest follows from the purposes mentioned above. We do not use collected data to identify individuals.

3. Disclosure of data

Your personal data will only be disclosed to third parties in the following cases:

• With your explicit consent (Article 6 (1) lit. a GDPR)
• For the assertion, exercise, or defense of legal claims (Article 6 (1) lit. f GDPR)
• To comply with a legal obligation (Article 6 (1) lit. c GDPR)
• If necessary for contractual performance (Article 6 (1) lit. b GDPR)

4. Cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not harm your end device, nor do they contain viruses, Trojans, or other malware.
Information stored in cookies is related to the specific end device used. This does not mean that we gain direct knowledge of your identity.
We use cookies primarily for the following purposes:

• Session cookies: These allow us to recognize that you have already visited specific pages of our website. They are automatically deleted when you leave our site.
• Temporary cookies: These are stored on your device for a defined period and allow us to recognize returning visitors and their settings for ease of use.
• Analytical cookies: These help us statistically record and evaluate website usage to optimize our offering for you (see Section 5).The data processed through cookies is necessary to protect our legitimate interests as well as those of third parties in accordance with Article 6 (1) lit. f GDPR.
  Most browsers accept cookies automatically. However, you can configure your browser to prevent cookies from being stored on your computer or to display a prompt before a new cookie is created. Disabling cookies may lead to limitations in website functionality.
  In this context, no data is shared with third parties. The data is processed exclusively for the stated purposes—sending an offer and making telephone contact. The legal basis for the processing of data transmitted as part of an email inquiry is the implementation of pre-contractual measures or the performance of a contract in accordance with Article 6 (1) lit. b GDPR, or your consent pursuant to Article 6 (1) sentence 1 lit. a GDPR. Your personal data is generally deleted once it is no longer required for the purpose for which it was collected. The personal data collected for the purpose of obtaining an offer is deleted once the offer has been sent and timely telephone contact has been established or was unsuccessful. Further processing will only take place if necessary for contract initiation, execution, or fulfillment of contractual obligations.

5. Matomo

We use Matomo due to our legitimate interest in optimizing and analyzing our online offering in accordance with Article 6 (1) lit. f GDPR. Matomo is a service provided by InnoCraft Ltd. (150 Willis St, 6011 Wellington, New Zealand, NZBN 6106769).
We have configured Matomo in a way that does not use cookies, and IP addresses are only processed in an abbreviated form to restrict direct personal identification. The collected information is transmitted solely to our server in Germany and stored there, ensuring that no data is transferred to third countries. The collected data is used to analyze the use of our online offering, such as generating reports on website activity, in order to improve our services.
For more details, please visit: matomo.org/matomo-cloud-privacy-policy

6. onlyfy one

Onlyfy one is part of the comprehensive XING service provided by New Work SE, which aims to enhance and simplify professional life through a variety of applications (such as onlyfy one, the XING social network, kununu, etc.). The goal is to make the working world more fulfilling for individuals while increasing business success. As part of the broader XING service, onlyfy one functions as an online platform that connects talent with companies. Through onlyfy one, companies can post job advertisements, identify potential candidates (including those from the XING professional network, if applicable), receive and manage applications, and communicate with candidates and applicants.
New Work SE facilitates these connections between talent and businesses via onlyfy one. This includes recommending candidates, displaying them in the business customer's company account, and generating and providing recruiting-relevant information and analytics based on data processed within onlyfy one and, where applicable, other XING applications or external sources.

6.1 Joint Responsibility

With regard to the interaction within the corporate account of VIAOPTIC GmbH, VIAOPTIC GmbH and New Work SE share joint responsibility in accordance with Article 26 GDPR, as they jointly determine the purposes and means of data processing in accordance with Article 4 No. 7 GDPR. The current version of the joint responsibility agreement under Article 26 GDPR, which New Work SE enters into with companies using onlyfy one, can be viewed here as an appendix to gain insight into the key aspects of the agreement.

6.2 Data Processing by New Work SE

Regarding data processing for which New Work SE is solely responsible or responsible within the scope of joint responsibility with VIAOPTIC GmbH, you can find further information in XING’s privacy policy: privacy.xing.com/en/privacy-policy. There, you will also find the contact details of New Work SE and the data protection officer of New Work SE.

6.3 Interruption of your online application

You can interrupt the creation of your online application at any time and continue it at a later date. For this purpose, cookies are used. Data you provide to create the user account as well as uploaded documents are recorded in the corporate account of VIAOPTIC GmbH in onlyfy one. The data remains stored even if you interrupt and/or do not complete an application. In this case, your application will be marked as incomplete, and the data will remain visible to VIAOPTIC GmbH with restricted access.

6.4 Access to your data

You can view, edit, or update the data you have provided as part of your online application at any time in your candidate profile.

6.5 Notes on special features of onlyfy one

6.5.1 Calendar function

If the calendar function is used, your data will be processed as part of and for the purpose of scheduling appointments in the application process. The legal basis is Article 6 (1) lit. f GDPR. The calendar function is provided by an IT service provider (Cronofy Ltd., United Kingdom). The United Kingdom is classified as a safe third country by the European Commission due to its adequacy decision. Click here for more information on Cronofy’s data protection policy.

7. onlyfy - Data processing by VIAOPTIC GmbH

Below you will find information from VIAOPTIC GmbH regarding data processing for which VIAOPTIC GmbH is solely responsible or jointly responsible with New Work SE.
Transparency and the trustworthy handling of your personal data are important foundations for good cooperation. Therefore, we inform you about how we process your data and how you can exercise your rights under the General Data Protection Regulation (GDPR). The following information provides an overview of the collection and processing of your personal data in connection with the execution of the application process. Please read this privacy policy carefully before applying with us.

7.1 Data Protection Contact

If you have any questions regarding data processing, please contact:
Mike Plasberg
Am Leitz-Park 1
35578 Wetzlar
Phone: +49 6441 9011-59
Email: plasberg@viaoptic.de

7.2 What is personal data?

According to Article 4 No. 1 GDPR, personal data includes all information relating to an identified or identifiable natural person. A natural person is considered identifiable if they can be identified directly or indirectly, particularly by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific characteristics that are an expression of the physical, physiological, genetic, psychological, economic, cultural, or social identity of that natural person.

7.3 What data is processed?

To carry out the application process, the following data or categories of data are processed:

• Applicant master data (first name, last name, title, email address, phone number, address, date of birth, nationality)
• Qualification data (cover letter, motivation letter, CV, previous work experience, professional qualifications, and skills)
• Voluntary information, such as an application photo, information about a disability, or other details you voluntarily provide in your application or upload
• Additional questions dependent on the job posting (e.g., driver's license, nationality)
• Communication between you and us, as well as comments and evaluations recorded during your application process
• Other data/categories, such as publicly available professional data, e.g., a profile on professional social media networks like XING or LinkedIn
• Special categories of personal data: If you provide information in your application documents that falls under special categories of personal data as defined in Article 9 (1) GDPR (e.g., data revealing your sexual orientation, health information, data revealing your ethnic origin or religion), we will process this data only within the legally permissible framework.

7.4 For what purposes do we process your data and on what legal basis?

7.4.1 Data processing for employment purposes

Your personal data is processed for personnel selection purposes to fill open positions, i.e., to initiate an employment contract. The necessity and scope of data collection depend on the position to be filled. If the position you are seeking involves handling particularly sensitive tasks, increased personnel and/or financial responsibility, or specific physical and health requirements, more extensive data collection may be required. Your data may also be used to remind you to complete your application. The legal basis is Section 26 (1) of the German Federal Data Protection Act (BDSG).

7.4.2 Consent – Article 6 (1) lit. a and Article 9 (2) lit. a GDPR, Section 26 (2) BDSG

If you have voluntarily given us consent to process certain personal data, this consent serves as the legal basis for processing this data.
We process your personal data based on your consent in the following cases: If you agree to the extended storage of your application documents beyond the current application process so that we may consider them in future recruitment procedures.
If we rely on your consent for data processing, you have the right to withdraw your consent at any time with future effect. Please send your withdrawal request via email to info@viaoptic.de. The legality of the data processing carried out before the withdrawal remains unaffected.

7.4.3 Data Processing Based on Legitimate Interest – Article 6 (1) lit. f GDPR

In certain cases, we process your data to protect our legitimate interests or those of third parties. A legitimate interest exists, for example, if your data is necessary for the assertion, exercise, or defense of legal claims in the application process (e.g., claims under the General Equal Treatment Act). In the event of a legal dispute, we have a legitimate interest in processing the data for evidentiary purposes.

7.4.4 Feedback Questionnaire

To optimize our application processes and improve our attractiveness as an employer, we offer you the opportunity to provide personal feedback. For this purpose, we will send you a feedback questionnaire to the email address you provided (with prior consent – to be adjusted by the customer). If you participate in the survey, onlyfy one (see Section 7.5 “Who Will Your Data Be Shared With?”) will collect feedback, job title, job location, job category, and possibly the type of employment for which you applied. This information will then be transmitted to kununu and potentially other verified review platforms and published there without mentioning your name. Please note that third parties, such as your employer, may identify you based on the information you provide in the published feedback.

7.5 Who will your data be shared with?

Your data is primarily processed by our HR department. However, other internal and external entities may also be involved in processing your data.
Internal entities may include specialist departments, company divisions, or our works council.
As an external service provider, we use New Work SE. New Work SE, Strandkai 1, 20457 Hamburg, operates onlyfy one, the online platform we use for recruitment. More information about onlyfy one is available above.
If you apply via onlyfy one, your personal data will be directly recorded in onlyfy one. Even in the case of a postal or email application, your data may be transferred by us to onlyfy one.

7.6 How long will your data be stored in our onlyfy one company account?

We store your personal data for as long as it is necessary to make a decision regarding your application. In cases where an employment relationship between you and us is not established, we may continue to store your data if it is necessary to defend against potential legal claims. As a rule, your data will be deleted within six months after the completion of the application process for our company.
If no employment relationship is established and you have given us your consent for further storage of your data (“VIAOPTIC GmbH Talent Pool”), we will store your data until you withdraw your consent, but for no longer than an additional three years. In specific cases, we may also store your data for a longer period for the purpose of defending against potential legal claims.
If you withdraw your application before the application process is completed, i.e. if you delete your data and your account, the stored data will be blocked for the duration of the ongoing application process and will be deleted six months after the completion of the application process for our company.
If you do not make any further changes to your candidate profile – for example, if you do not complete an ongoing application, start a new application, or update the data of an existing application – your data will be deleted within six months after the completion of the last active application process for our company.
If you no longer use your candidate profile and have not given consent for prolonged data storage in our applicant pool, your data will be deleted within six months after the completion of the application process for our company.
You may request the deletion of your candidate profile and your application documents at any time. Once a deletion request has been submitted, you will be informed of the exact deletion date, and your data will be automatically deleted according to the conditions set forth in this privacy policy.

7.7 What rights do you have in relation to the processing of your data?

You have the right to request information about whether we store personal data about you. If you wish, we will inform you about which data is being processed, for what purposes the data is processed, to whom this data is disclosed, how long the data is stored, and what further rights you have in relation to this data.
In addition, you have the right to have your data corrected or deleted. You may also request that we provide all the personal data you have supplied to us in a structured, commonly used, and machine-readable format, either to you or to a person or company of your choice.
Furthermore, you have the right not to be subject to a decision based solely on automated processing – including profiling – that produces legal effects concerning you. As part of the application process, we do not use exclusively automated processing for decision-making.
You also have the right to object, at any time and for reasons arising from your particular situation, to the processing of personal data concerning you that is based on Article 6 (1) lit. e GDPR (processing in the public interest) or Article 6 (1) lit. f GDPR (processing to protect a legitimate interest); this also applies to profiling based on this provision. In the event of your objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or unless the processing is necessary for the assertion, exercise, or defense of legal claims.
In addition, you have the right to lodge a complaint with the competent data protection supervisory authority.
To exercise your rights, you may contact us by email at plasberg@viaoptic.de. We will process your inquiries promptly and in accordance with legal requirements, and we will inform you of the measures we have taken or will take.

7.8 Is there an obligation to provide your personal data?

The provision of personal data is neither legally nor contractually required, nor are you obligated to provide personal data. However, the provision of personal data is necessary for the execution of the application process. This means that if you do not provide us with personal data when applying, we will not be able to conduct the application process.

8. Rights of data subject

You have the right:

• to request access to the personal data we process about you in accordance with Article 15 GDPR. In particular, you may request information about the purposes of the processing, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the intended storage duration, the existence of a right to rectification, deletion, restriction of processing, or objection, the existence of a right to lodge a complaint, the origin of your data (if it was not collected by us), and the existence of automated decision-making including profiling, as well as meaningful information about its particulars;
• to request immediate rectification of incorrect or completion of your personal data stored by us in accordance with Article 16 GDPR;
• to request the deletion of your personal data stored by us in accordance with Article 17 GDPR, unless processing is necessary for exercising the right to freedom of expression and information, for complying with a legal obligation, for reasons of public interest, or for the assertion, exercise, or defense of legal claims;
• to request the restriction of the processing of your personal data in accordance with Article 18 GDPR, if you contest the accuracy of the data, if the processing is unlawful, if you refuse deletion and we no longer need the data but you require it to assert, exercise, or defend legal claims, or if you have objected to the processing in accordance with Article 21 GDPR;
• to receive your personal data, which you have provided to us, in a structured, commonly used, and machine-readable format or to request its transmission to another data controller in accordance with Article 20 GDPR;
• to withdraw your consent given to us at any time in accordance with Article 7 (3) GDPR. This will result in us no longer continuing the data processing that was based on this consent for the future; and
• to lodge a complaint with a supervisory authority in accordance with Article 77 GDPR. In general, you may contact the supervisory authority of your habitual residence, your workplace, or our company headquarters.

9. Right to object

If your personal data is processed on the basis of legitimate interests in accordance with Article 6 (1) sentence 1 lit. f GDPR, you have the right to object in accordance with Article 21 GDPR to the processing of your personal data, insofar as there are reasons arising from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right to object, which we will implement without requiring any specific reason.
If you wish to exercise your right to withdraw consent or to object, please send an email to info@viaoptic.de

10. Data Security

During your visit to our website, we use the widely used SSL (Secure Socket Layer) protocol in conjunction with the highest level of encryption supported by your browser. In general, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we instead use 128-bit v3 technology. You can tell if an individual page of our website is transmitted encrypted by the closed display of the key or lock symbol in the lower status bar of your browser.
We also employ appropriate technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

11. Currentness and Amendments to this Privacy Policy

This privacy policy is currently valid and is up to date as of February 2025.
Due to the further development of our website and its offerings or due to changes in legal or regulatory requirements, it may become necessary to amend this privacy policy. The current privacy policy can be accessed and printed at any time on our website.

Legal Disclaimer:
This privacy policy has been translated into English for convenience. In the event of any discrepancies or ambiguities between the German and English versions, the German version shall prevail.