PRIVACY POLICY

Home 9 Privacy Policy

THE DATA PROTECTION DECLARATION

 

According to art. 4 point 1. Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as the “GDPR”), shall be deemed to be “processing” any transaction carried out with or without the aid of automated procedures or any such series of transactions in connection with personal data, such as the collection, collection, organisation, sorting, storage, adaptation or modification, reading, querying, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, deletion or destruction.

With the following data protection declaration, we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide either alone or together with others about the purposes and means of the processing. In addition, we inform you below about the third-party components we use for optimisation purposes and to increase the quality of use, insofar as third parties process data as a result of this on their own responsibility.

Our privacy policy is structured as follows:

I. Information about us as the controller

II. Rights of users and data subjects

III. Processing activities on our website

 

I. INFORMATION ABOUT US AS THE CONTROLLER

The controller for the processing activities on this website in the sense of data protection law is:

Greencells GmbH
Bahnhofstraße 28
66111 Saarbrücken
Germany

Phone: +49 (0) 681 992 669 10
Telefax: +49 (0) 681 992 665 74

Contact details of the data protection officer:

PROLIANCE GmbH
www.datenschutzexperte.de
Leopoldstr. 21
80802 Munich
[email protected]

When contacting the Data Protection Officer, please state the company to which your enquiry relates. Please refrain from enclosing sensitive information such as a copy of an ID card with your request.

 

II. RIGHTS OF USERS AND DATA SUBJECTS

With a view to the data processing described in more detail below, users and data subjects have the right

  • on confirmation of whether data concerning them are processed, on information about the data processed, on further information about data processing and on copies of the data (cf. also Art. 15 GDPR);
  • of correction or completion of incorrect or incomplete data (cf. also Art. 16 GDPR);
  • to the immediate erasure of the data concerning them (cf. also Art. 17 GDPR), or, alternatively, if further processing is required pursuant to Art. 17 para. 3 GDPR, to the restriction of processing pursuant to Art. 18 GDPR;
  • on receipt of the data concerning them and provided by them and on transmission of these data to other providers/responsible parties (cf. also Art. 20 GDPR);
  • on complaint to the supervisory authority if they are of the opinion that the data concerning them are processed by the provider in violation of data protection provisions (cf. also Art. 77 GDPR).
  • to withdraw consent to the processing of personal data at any time. The consequence of this is that the data processing based on the consent will no longer be continued in the future. The legality of the processing carried out up to the point of revocation remains unaffected by the revocation.

In addition, the provider is obliged to inform all recipients to whom data have been disclosed by the provider about any correction or deletion of data or the restriction of the processing which takes place on the basis of Articles 16, 17, para. 1, 18 GDPR. However, this obligation shall not apply if such notification is impossible or involves a disproportionate effort. Notwithstanding this, the user has a right to information about these recipients.

Users and data subjects also have the right to object to the future processing of data concerning them in accordance with Art. 21 GDPR, provided that the data is processed by the provider in accordance with Art. 6 para. 1 lit. f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is permissible.

III. PROCESSING ACTIVITIES ON OUR WEBSITE

ACCESS TO AND STORAGE OF INFORMATION IN TERMINAL EQUIPMENT

By using our website, access to information (e.g. IP address) or storage of information (e.g. cookies) in your terminal equipment may occur. This access or storage may involve further processing of personal data pursuant to the GDPR.

In cases where such access to information or such storage of information is strictly necessary for the technically error-free delivery of our services, this is done on the basis of Art. 6 Abs. 1 S. 1 lit. a) GDPR, § 25 para. 1 s. 1, para. 2 no. 2 TDDDG.

In cases where such a process serves other purposes (e.g. the needs-based design of our website), this will only be carried out on the basis of § 25 para. 1 TDDDG with your consent pursuant to Art. 6 para. 1 lit. a) GDPR. The consent can be revoked at any time with effect for the future.

Personal data (usually referred to as “data” in the following) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its contents and the services offered there.

For more information on the processing of your personal data and the relevant legal basis in this context, please refer to the following sections on the specific processing activities on our website.

SERVER DATA

For technical reasons, in particular to ensure a secure and stable Internet presence, data is transmitted to us or to our web space provider via your Internet browser. With these so-called server log files, the type and version of your Internet browser, the operating system, the website from which you switched to our Internet presence (referrer URL), the website(s) of our Internet presence that you visit, the date and time of the respective access as well as the IP address of the Internet connection from which our Internet presence is used are collected.

These data collected in this way will be temporarily stored, but not together with other data of yours.

This data is stored on the legal basis of Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the improvement, stability, functionality and security of our Internet presence.

The data will be deleted after seven days at the latest, unless further storage is required for evidentiary purposes. Otherwise, all or part of the data will be excluded from deletion until an incident is finally resolved.

CONTACT INQUIRIES / CONTACT POSSIBILITY

If you contact us via contact form on the website, the data you provide will be used to process your request. Providing the data is necessary for processing and answering your inquiry – without their provision we cannot answer your inquiry or, if necessary, only to a limited extent.

The legal basis for this processing is Art. 6 para. 1 lit. b) GDPR if your request is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiry addressed to us (Art. 6 para. 1 sentence 1 lit. f) GDPR) or on your consent (Art. 6 para. 1 sentence 1 lit. a) GDPR), provided that this has been requested.

Your data will be deleted if your inquiry has been finally answered and there is no legal obligation to keep your data safe, e.g. in the case of a possible subsequent contract processing.

COOKIES

Our website uses so-called “cookies”. Cookies are small text files that are either temporarily stored on your end device for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your terminal device until you delete them yourself or an automatic solution is provided by your web browser.

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g.  language settings). Other cookies are used to evaluate user behaviour or display advertising.

The processing of data using strictly necessary cookies is based on a legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR in the technically error-free delivery of our services. For details on the processing purposes and legitimate interests, please refer to the following explanations on the specific data processing.

The processing of personal data using other cookies is based on consent in accordance with § 25 Abs. 1 S. 2 TDDDG, Art. 6 para. 1 lit. a) GDPR. The consent can be revoked at any time with effect for the future. Insofar as such cookies are used for analysis and optimisation purposes, we will inform you separately about this in this privacy policy and obtain your consent in accordance with Art. 6 para. 1 lit. a) GDPR.

You can set your browser to

  • be informed about the setting of cookies,
  • only allow cookies in individual cases,
  • exclude the acceptance of cookies for certain cases or generally,
  • activate the automatic deletion of cookies when the browser is closed.

The cookie settings can be managed under the following links for each browser:

You can also manage cookies of many companies and functions used for advertising individually. To do so, use the appropriate user tools, available at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices.

Most browsers also offer a so-called “do-not-track function”. When this feature is enabled, the browser tells ad networks, websites, and applications that you do not want to be “tracked” for behavioural advertising and the like.

For information and instructions on how to edit this feature, please refer to the links below, depending on your browser provider:

Additionally, you can prevent the loading of so-called scripts by default. “NoScript” allows the execution of JavaScripts, Java and other plug-ins only at trusted domains of your choice. Information and instructions on how to edit this function can be obtained from the provider of your browser (e.g. for Mozilla Firefox at: https://addons.mozilla.org/en-US/firefox/addon/noscript/).

Please note that if you disable cookies, the functionality of our website may be limited.

CHANGE COOKIE SETTINGS

You can revoke or change your cookie settings at any time. To do so, access the cookie settings again via our integrated privacy trigger icon. You can find this at the bottom left of our website.

FACEBOOK (META)

Greencells maintains a company page at Facebook, Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA to communicate with prospects and users and to inform them about our services.

Data processing regarding “page insights” when visiting our Facebook fan page

When you visit our Facebook fan page, your personal data will be processed by Facebook as the operator of the platform and by us as the operator of the fan page. Insofar as this data processing takes place in connection with the Insights functionality of Facebook (Meta Platforms Ireland Ltd. or Meta Platforms Inc.), we are jointly responsible for such processing with Facebook (Art. 26 (1) GDPR).

Page Insights (https://www.facebook.com/business/a/page/page-insights) is a function provided by Facebook, which allows the operator of a Facebook fan page (us) to obtain summarized data about the interaction of visitors.

Page Insights may be based on personal data collected in connection with a person’s visit to or interaction with our site and in connection with content provided. Please be aware of what personal data you share with us via Facebook. Your data may be processed for market research and advertising purposes even if you are not logged into Facebook or do not have a Facebook account. For example, user profiles can be created from the usage behaviour and resulting interests of the users. The user profiles can in turn be used, for example, to display advertisements within and outside the platforms that presumably correspond to the interests of the users. This data collection takes place via cookies that are stored on your terminal device. Furthermore, data that is independent of the devices utilized by the users may also be stored in the user profiles; in particular, if the users are members of the respective platforms and logged in to them.

We only receive summarized (aggregated) data from Facebook, which does not allow any conclusions to be drawn about individual persons. The legal basis for the processing of your personal data relating to Facebook Insights is the consent the Facebook user gives to Facebook (Art. 6 (1) lit. a) GDPR.)

For information on the purposes Facebook pursues with the processing of your personal data and the legal basis for this data processing, please refer to Facebook’s privacy policy.

Please note that we have no influence on the data collection and further processing within the responsibility of Facebook. As a result, we cannot provide information about the extent to which, where and for how long the data is stored by Facebook. Furthermore, we cannot state to what extent Facebook complies with existing deletion obligations, what evaluations and links are made with the data on the part of Facebook and to whom the data is passed on by Facebook.

Information on the processing of your personal data, which is processed by Facebook for its own purposes, can be found in Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

Your rights as an affected person of the data processing

If you as a visitor to the site would like to exercise your rights (information, correction, deletion, restriction, data portability, complaint to the supervisory authority, objection or revocation), you can contact both Facebook and us. You can independently adjust your advertising settings in your user account. To do so, click on the following link and log in: https://www.facebook.com/settings?tab=ads or https://www.youronlinechoices.com.

You can (also) restrict the visibility of your Facebook account towards us via the Facebook settings. For further details, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

Facebook’s data protection officer

To contact Facebook’s data protection officer, you can use the online contact form provided by Facebook under the following link https://www.facebook.com/help/contact/540977946302970.

X

Greencells maintains a company page at X (previously known as Twitter), X Corp., 11355 Market St #900, San Francisco, CA 94103, USA to communicate with prospects and users and to inform them about our services.

You can reach our Twitter page from our e-mail signature by redirection. However, it is made clear that we do not use a social plugin from Twitter on our website. Accordingly, no user data is transmitted to the Twitter servers when you visit our website. Only when the user is linked to the pages of Twitter, the data is forwarded to their server. When you visit our site on Twitter, Twitter’s Terms and Conditions and Privacy Policy apply. Unless otherwise stated in our privacy policy, we process the data of users who communicate with us within Facebook, e.g. send us messages there. Twitter is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active).

For more information about privacy on X, click here: https://x.com/en/privacy.

INSTAGRAM

Greencells maintains a company page on Instagram (Meta Platforms, Inc., 1601 Willow Road, Menlo Park, CA 94025, USA) to communicate with interested parties and users and to inform them about our services.

You can reach our Instagram page via links on our website. However, it is made clear that we do not use any social plugin or other services from Instagram on our website. Accordingly, no user data is transmitted to Instagram’s servers when you visit our website. Only when the user is linked to the Instagram pages will the data be forwarded to their servers. If you visit our site via Instagram, Instagram’s terms of use and privacy policy apply. Unless otherwise stated in our privacy policy, we process the data of users who communicate with us within Instagram, e.g. by sending us messages. Meta Platforms is certified under the EU-U.S. Data Privacy Framework and is therefore committed to complying with appropriate data protection standards, which can be viewed at the following link: https://www.dataprivacyframework.gov/s/participant-search.

Further information on data protection at Instagram can be found here: https://privacycenter.instagram.com/policy

LINKEDIN

When you visit our LinkedIn presence, your personal data will be processed by LinkedIn as operator of the platform and by us as operator of our presence within the platform. Insofar as this data processing takes place in connection with the Insights functionality of LinkedIn (LinkedIn Ireland Unlimited Company. or LinkedIn Corporation.), we are jointly responsible for it with LinkedIn (Art. 26 (1) GDPR).

Data processing regarding “page insights” when visiting our LinkedIn page

LinkedIn Page-Insights (https://legal.linkedin.com/pages-joint-controller-addendum) is a function provided by LinkedIn, which allows the operator of a LinkedIn page (us) to receive summarized data about the interaction of visitors.

LinkedIn evaluates your interaction with our LinkedIn presence as part of the Page Insights function and also uses the personal information provided by you (professional activity, industry, country, etc.). The evaluated data is made available to us by LinkedIn, but only in aggregated form (i.e. LinkedIn does not provide us with specific information on individual users as part of this function, but only summarized information). We use this aggregated data for the target group-specific presentation of our LinkedIn page and generally for its optimization with regard to the above-mentioned advertising purposes. We have a legitimate interest in these advertising purposes and the processing of your data is based on Art. 6 (1) lit. f) GDPR.

For information on the purposes LinkedIn pursues with the processing of your personal data and the legal basis for this data processing, please refer to LinkedIn’s privacy policy.

Please note that we have no influence on the data collection and further processing within the responsibility of LinkedIn. As a result, we cannot provide information about the extent to which, where and for how long the data is stored by LinkedIn. Furthermore, we cannot state to what extent LinkedIn complies with existing deletion obligations, what evaluations and links are made with the data on the part of LinkedIn and to whom the data is passed on by LinkedIn.

Your rights as an affected person of the data processing

If you as a visitor to the site would like to exercise your rights (information, correction, deletion, restriction, data portability, complaint to the supervisory authority, objection or revocation), you can contact both LinkedIn and us. You can independently adjust your advertising settings in your user account. For further information on data processing by LinkedIn, please refer to LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.

LinkedIn’s data protection officer

To contact the data protection officer of LinkedIn, you can use the contact form under the link https://www.linkedin.com/help/linkedin/ask/TSO-DPO.

EXTERNAL LINKS TO SOCIAL MEDIA

On our website social media (e.g. Instagram and X) is solely embedded as a link to the respective service. After clicking on the embedded text/image-link you will be directed to the website of the respective provider. User information will only be transferred after the redirection to the respective provider. Information regarding the use of your personal data through the use of the website can be found in the privacy policies of the visited websites.

GOOGLE MAPS

Our homepage uses the online map service provider Google Maps via an interface. Provider of the map service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This allows us to display interactive maps directly on the website and makes it easy for you to use the map function. To use the functionalities of Google Maps it is necessary to save your IP address.

Google uses Cookies, to collect information about user behaviour. The legal basis for the processing of your personal data is your given consent according to Art. 6 para. 1 lit. a) GDPR, § 25 para. 1 TDDDG.

Since a transfer of personal data by Google to affiliates and sub-processors to countries outside the EU and EEA is possible, further appropriate safeguards are required to ensure the level of data protection under the GDPR. For the U.S., there is an adequacy decision of the EU Commission pursuant to Art. 45 (1) GDPR regarding companies with certification under the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework and is therefore committed to compliance with adequate data protection standards, which can be verified via the following link: https://www.dataprivacyframework.gov/s/participant-search.

For potential transfers to other countries outside the EU and the EEA, for which no adequacy decision of the EU Commission exists, we have concluded standard contractual clauses with the provider in accordance with Art. 46 (2) lit. c) GDPR. These oblige the recipient of the data in the country outside the EU to process the data in accordance with the level of protection in Europe.

Further information on the handling of user data can be found in Google’s privacy policy:

https://www.google.de/intl/de/policies/privacy/.
Opt-out: https://www.google.com/settings/ads/.

GOOGLE ANALYTICS

Our website uses Google Analytics, an internet analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses so-called “cookies” and web beacons.

Google will use this information on behalf of the operator of this website to evaluate your use of the website and to create reports on website activity. Google will also use this information to provide the website operator with further services related to the use of the website and the internet. The IP address sent by your browser in the context of Google Analytics is not combined with other data from Google. Processing is carried out in accordance with Art. 6 para. 1 lit. a) GDPR on the legal basis of your given consent.

We use Google Analytics only with activated IP anonymisation. This means that your IP address will only be further processed by Google in abbreviated form. We have concluded a Data Processing Agreement with the service provider in which we oblige him to protect the data of our customers and not to pass them on to third parties.

Since a transfer of personal data by Google to affiliates and sub-processors to countries outside the EU and EEA is possible, further appropriate safeguards are required to ensure the level of data protection under the GDPR. For the U.S., there is an adequacy decision of the EU Commission pursuant to Art. 45 (1) GDPR regarding companies with certification under the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework and is therefore committed to compliance with adequate data protection standards, which can be verified via the following link: https://www.dataprivacyframework.gov/s/participant-search.

For potential transfers to other countries outside the EU and the EEA, for which no adequacy decision of the EU Commission exists, we have concluded standard contractual clauses with the provider in accordance with Art. 46 (2) lit. c) GDPR. These oblige the recipient of the data in the country outside the EU to process the data in accordance with the level of protection in Europe.

The terms of use of Google Analytics and information on data protection can be accessed via the following links:

http://www.google.com/analytics/terms/.

https://policies.google.com/privacy.

The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. User and event-level data associated with cookies, user IDs (e.g., User ID), and advertising IDs (e.g., DoubleClick cookies, Android Advertising ID, IDFA) will be deleted no later than 14 months after collection.

You can prevent cookies from being saved by adjusting the settings of your browser software accordingly. Please note, however, that if you do so you may not be able to use all the functions of this website without restriction. You can also prevent Google from collecting the data generated by the cookie and analysing your use of the website (including your IP address) and processing this data by Google by downloading and installing the browser plugin available at https://tools.google.com/dlpage/gaoptout.

CLOUDFLARE

Our website uses the services of Cloudflare Inc, 101 Townsend St, San Francisco, CA 94107 USA for secure encrypted data transmission on the Internet (SSL), to improve global website performance through the Cloudflare Content Delivery Network (CDN) and to improve security and protect against hacker attacks through the Cloudflare Web Application Firewall (WAF). It is possible that Cloudflare uses its own cookies to provide these services. Processing is carried out in accordance with Art. 6 para. 1 lit. a) GDPR on the legal basis of your given consent.

Cloudflare generally only forwards that data which is controlled by website operators. The content is therefore not provided by Cloudflare, but always by the website operator itself. In addition, Cloudflare may collect certain information on the use of our website and process data that is sent by us or for which Cloudflare has received corresponding instructions. In most cases, Cloudflare receives data such as contact information, IP addresses, security fingerprints, DNS log data and website performance data derived from browser activity. Log data helps Cloudflare to detect new threats, for example. In this way, Cloudflare can ensure a high level of security protection for our website.

For security reasons and for the optimal presentation of our website, Cloudflare uses cookies.

In general, Cloudflare stores data at user level for domains in the Free, Pro and Business versions for less than 24 hours. Cloudflare only keeps data logs for as long as necessary and this data is deleted again within 24 hours in most cases. Cloudflare also does not store any personal data, such as your IP address. However, there is information that Cloudflare stores indefinitely as part of its permanent logs in order to improve the overall performance of Cloudflare Resolver and to identify any security risks. You can find information on which permanent logs are exactly stored at https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/privacy-policy/.

All data that Cloudflare collects (temporarily or permanently) is cleansed of all personal data and accordingly anonymised.

You can also completely prevent the entire collection and processing of your data by Cloudflare by deactivating the execution of script code in your browser or by integrating a script blocker into your browser.

Since a transfer of personal data by Cloudflare Inc. to affiliates and sub-processors to countries outside the EU and EEA is possible, further appropriate safeguards are required to ensure the level of data protection under the GDPR. For the U.S., there is an adequacy decision of the EU Commission pursuant to Art. 45 (1) GDPR regarding companies with certification under the EU-U.S. Data Privacy Framework. Cloudflare Inc. is certified under the EU-U.S. Data Privacy Framework and is therefore committed to compliance with adequate data protection standards, which can be verified via the following link: Participant Search (dataprivacyframework.gov).

We have entered into a data processing agreement with Cloudflare.

You can find more detailed information about data protection and Cloudflare at: https://www.cloudflare.com/de-de/gdpr/introduction/ and https://www.cloudflare.com/privacypolicy/.

GOOGLE TAG MANAGER

This website uses the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). This service allows website tags to be managed through an interface.

The Google Tag Manager only implements tags. This means that no cookies are used and only the user’s IP address is transmitted to Google to establish a connection. The Google Tag Manager triggers other tags, which in turn may collect data. However, the Google Tag Manager does not access this data. If a deactivation has been made on domain or cookie level, it will remain for all tracking tags as long as they are implemented with the Google Tag Manager. We use the Google Tag Manager based on your consent pursuant to Art. 6 para. 1 lit. a) GDPR.

Since a transfer of personal data by Google to affiliates and sub-processors to countries outside the EU and EEA is possible, further appropriate safeguards are required to ensure the level of data protection under the GDPR. For the U.S., there is an adequacy decision of the EU Commission pursuant to Art. 45 (1) GDPR regarding companies with certification under the EU-U.S. Data Privacy Framework. Google LLC is certified under the EU-U.S. Data Privacy Framework and is therefore committed to compliance with adequate data protection standards, which can be verified via the following link: https://www.dataprivacyframework.gov/s/participant-search.

For potential transfers to other countries outside the EU and the EEA, for which no adequacy decision of the EU Commission exists, we have concluded standard contractual clauses with the provider in accordance with Art. 46 (2) lit. c) GDPR. These oblige the recipient of the data in the country outside the EU to process the data in accordance with the level of protection in Europe.

PERSONIO

We integrate the HR and application management software “Personio” from Personio GmbH, Rundfunkplatz 4, 80335 Munich, Germany on our Website.

Personio enables us to store and manage the applicant data we receive. If you send us your application data via the application form on our website, the data entered in the input mask will be transmitted to Personio and stored. Processing only takes place when you use our application form.

As part of your application, the following data in particular may be processed by the service provider:

  • Name (first name and surname)
  • e-mail address
  • telephone number
  • Country of residence
  • availability
  • Salary expectations
  • Residence permit
  • LinkedIn profile (optional)
  • Channel how you became aware of us

You also have the option of uploading informative documents such as a cover letter, your CV and references. These may contain further personal data such as date of birth, address, etc.

We only use Personio to process your application.

If we use cookies and similar technologies as part of the integration of the service or if data is stored on or read from your end device by the service, this is done in accordance with Section 25 (2) TDDDG.

Subsequent data processing takes place for the purpose of initiating a contract or initiating an employment relationship at the request of the data subject on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR and § 26 para. 1 sentence 1 BDSG.

Further information on the handling of personal data by Personio can be found at https://www.personio.de/datenschutzerklaerung/.

Further information on data processing as part of the application process can be found here: Jobs at Greencells Group (personio.de).

By integrating the services on our websites, data is transmitted to the above-mentioned recipients and stored there for a period of six months after completion of the application process. If, in individual cases, the data processed by the service and made available to us is stored in our own systems beyond this, the data will also be stored for a maximum of six months after completion of the application process.

DATA TRANSFERS AND RECIPIENTS

Your personal data is not transferred to third parties, unless

  • we have explicitly pointed this out in the description of the respective data processing.
  • you have given your explicit consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR,
  • the transfer pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR is necessary for the assertion, exercise or defence of legal claims and our legitimate interests are not overridden by your fundamental rights and freedoms.
  • there is a legal obligation to transfer data pursuant to Art. 6 para. 1 sentence 1 lit. c) GDPR, and
  • required by Art. 6 para. 1 sentence 1 lit. b) GDPR for the execution of contractual relationships with you.

In addition, we use external service provider, C3:net Enterprise Web Applications, Metzer Str. 50, 66117 Saarbrücken, Germany, for the processing of our services, whom we have carefully selected and commissioned in writing. We take appropriate technical and organisational measures to ensure the lawfulness of data processing by the processor. Required data processing agreements pursuant to Art. 28 GDPR are concluded before the commission. In particular, these contracts concern web hosting services, the dispatch of emails and IT updates and maintenance. Your personal data will not be transferred to third parties by our service providers.

DATA SECURITY

We take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk in accordance with Article 32 of the GDPR, taking into account the state of the art, the cost of implementation and the nature, scope, circumstances and purposes of the processing, as well as the varying probability and severity of the risk to the rights and freedoms of natural persons. This website uses SSL encryption for security reasons and to protect the transmission of confidential content.

STORAGE AND DELETION OF YOUR DATA

The period for which the personal data will be stored is determined by the relevant statutory storage periods (e.g. from commercial law and tax law). The corresponding data is deleted routinely upon expiry of the respective period in accordance with the respective law. If data is required for the fulfilment of a contract or contract initiation, or if we have a legitimate interest in further storage, the data will be deleted if they are no longer required for these purposes or if you make use of your right of withdrawal or objection.

AUTOMATED DECISION MAKING

Automated decision making or profiling according to Art. 22 GDPR does not take place in relation to the processing activities on this website.

UPDATES TO THIS POLICY

We reserve the right to adapt or update this privacy policy, if necessary, in compliance with the applicable data protection regulations. In this way, we can adapt it to the current legal requirements and take account of changes to our services, e.g. the introduction of new services. The most current version applies to your visit.

Status of this privacy policy: 09.10.2024