We, AixpertSoft GmbH (hereinafter referred to as „we“ or „us“), take the protection of your personal data seriously and hereby inform you about data protection on our website.
As part of our data protection responsibilities, new obligations have been imposed on us through the entry into force of the EU General Data Protection Regulation (Regulation (EU) 2016/679; hereinafter: „GDPR“), in order to ensure the protection of personal data of the data subject (we shall also refer to you as the data subject below as „customer“, „user“, „you“, „your“ or „data subject“).
To the extent that we decide, either alone or jointly with others, on the purposes and means of data processing, this primarily includes the obligation to inform you transparently about the type, scope, purpose, duration, and legal basis of the processing (cf. Articles 13 and 14 GDPR). With this declaration (hereinafter: „Data Protection Notice“), we inform you about how we process your personal data.
These privacy notices consist of a general part for all processing of personal data and data processing situations that apply whenever a website is accessed (General) and a special part, the content of which relates only to the specific processing situation indicated therein, with the designation of the respective service or product, in particular the website visits detailed herein (Website Visits).
To help you find the sections relevant to you, please refer to the following overview of the data protection declaration's structure:
| Part |
Designation |
This part is for you…
|
| Part A |
General |
always relevant. |
| Part B |
Website and social media presences |
relevant when you use our German internet services, including our social media profiles. |
Definitions
In accordance with Article 4 of the GDPR, the following definitions form the basis of this privacy policy:
- „Personal data“ (Article 4(1) GDPR) means any information relating to an identified or identifiable natural person („data subject“). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Identifiability may also be established through the linking of such information or other additional knowledge. The means by which the information came about, its form or embodiment are irrelevant (photos, video or audio recordings may also contain personal data).
- „Processing“ (Article 4(2) GDPR) means any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means. This notably includes collecting (i.e. obtaining), recording, organising, structuring, storing, adapting or altering, retrieving, consulting, using, disclosing by transmission, disseminating or otherwise making available, aligning, combining, restricting, erasing or destroying personal data, as well as amending an initial purpose or objective for data processing.
- „Controller“ (Article 4(7) GDPR) means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
- „Third party“ (Article 4(10) GDPR) is any natural or legal person, public authority, agency or other body, other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or processor, are authorised to process the personal data; this shall include other legal entities within the same group of companies.
- „Processor“ (Article 4(8) GDPR) means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller, in particular in accordance with the controller's instructions (e.g. an IT service provider). In the sense of data protection law, a processor is not a third party.
- „Consent“ (Art. 4(11) GDPR) of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Name and address of the controller
The entity responsible for the processing of your personal data within the meaning of Article 4(7) GDPR is:
AixpertSoft GmbH
Pascalstraße 25
52076 Aachen
web@aixpertsoft.de
Contact Data Protection Officer
Daniel Strotman
datenschutzbeauftragter@aixpertsoft.de
Legal bases for data processing
Under the law, the processing of personal data is generally prohibited and only permitted if the data processing falls under one of the following grounds of justification:
- Art. 6(1) sentence 1 lit. a GDPR („Consent“): where the data subject has given consent to the processing of his or her personal data for one or more specific purposes, by electronic means or by a declaration or other unambiguous confirmatory action.;
- Article 6(1) sentence 1(b) GDPR: where processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- Art. 6(1) sentence 1(c) GDPR: Where processing is necessary for compliance with a legal obligation to which the controller is subject (e.g., a statutory retention obligation);
- Art. 6(1) first sentence, point (d) of the GDPR: where the processing is necessary to protect the vital interests of the data subject or of another natural person;
- Art. 6(1) sentence 1(e) GDPR: Where processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or
- Art. 6(1), sentence 1, point (f) of the GDPR („legitimate interests“): If processing is necessary for the purposes of the legitimate (in particular legal or economic) interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
For the processing operations we carry out, we specify the applicable legal basis below for each. A processing operation may also be based on several legal bases.
Data deletion and storage duration
For the processing operations we undertake, we will state below how long the data is stored by us and when it will be deleted or blocked. If no express storage period is specified below, your personal data will be deleted or blocked as soon as the purpose or legal basis for storage ceases to apply. Your data is generally only stored on servers in the EU, subject to any onward transfer in accordance with the provisions in A.(6) and A.(7).
However, data may be stored beyond the specified period in the event of (impending) legal proceedings with you or any other legal action, or if storage is required by statutory provisions to which we are subject as controllers (e.g. § 257 HGB, § 147 AO). When the storage period prescribed by statutory provisions expires, the personal data will be blocked or deleted, unless further storage by us is necessary and there is a legal basis for doing so.
Data security
We employ appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties (e.g. TLS encryption, formerly known as SSL encryption, for our websites), taking into account the state of the art, implementation costs and the nature, scope, context and purpose of the processing, as well as the existing risks of a data breach (including the probability and impact thereof) for the data subject. Our security measures are continuously improved in line with technological developments. We will provide further information on this upon request.
Collaboration with data processors
Like many companies, we also use external domestic and foreign service providers (e.g. for IT, telecommunications, sales and marketing) to conduct our business. These providers only act on our instructions and have been contractually obligated to comply with data protection regulations in accordance with Article 28 of the GDPR.
Prerequisites for the transfer of personal data to third countries
As part of our business relationship, your personal data may be shared with or disclosed to third parties. These may also be located outside the European Economic Area (EEA), i.e. in third countries. Such processing is carried out exclusively for the fulfilment of contractual and business obligations and for the maintenance of your business relationship with us. We will inform you of the specific details of the disclosure at the relevant points below.
The European Commission certifies certain third countries as having a level of data protection comparable to the EEA standard through so-called adequacy decisions, pursuant to Article 45(1) of the GDPR (a list of these countries, along with a copy of the adequacy decisions, can be found on the European Commission's website at). commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en?prefLang=de&etrans=deThis includes the United States of America since 10.07.2023, meaning that data transfer there does not require special authorisation, provided that the US companies are certified under the EU-US Data Privacy Framework; this is under www.dataprivacyframework.gov/ evident. However, in other third countries to which personal data may be transferred, there may not be a consistently high level of data protection due to a lack of legal provisions. Where this is the case, we ensure that data protection is adequately guaranteed. This can be achieved through binding corporate rules, standard contractual clauses of the European Commission for the protection of personal data, certificates, or recognised codes of conduct. Please contact us if you would like more detailed information on this. Specific information about the service providers used can be found in this privacy policy and within the consent page (or so-called cookie banner).
No automated decision-making (including profiling)
We do not intend to use any personal data collected from you for an automated decision-making process (including profiling).
No obligation to provide personal data
As a general rule, we do not make the use of our services dependent on you providing us with personal data beforehand. As an applicant or customer, you are generally under no legal or contractual obligation to provide us with your personal data; however, it may be the case that we can only provide certain services to a limited extent or not at all if you do not provide the data required for them. If this should be the case as an exception in the context of the products presented below and offered by us, you will be informed separately.
Legal obligation to transmit certain data
We may be subject to a special statutory or legal obligation to provide lawfully processed personal data to third parties, in particular public authorities (Art. 6(1)(c) GDPR).
Your Rights
You can assert your rights as a data subject at any time by contacting us using the contact details provided at the beginning. As a data subject, you have the right to:
- in accordance with Article 15 GDPR, to request information about your data processed by us. In particular, you may request information about the purposes of processing, the category of data, the categories of recipients to whom your data have been or will be disclosed, the planned storage duration, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data, provided they were not collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the details thereof;
- in accordance with Article 16 GDPR, to request the immediate rectification of inaccurate data or the completion of your data stored by us;
- in accordance with Art. 17 GDPR to request the deletion of your data stored with us, insofar as the processing is not necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal claims;
- in accordance with Art. 18 GDPR, to request the restriction of the processing of your data, provided that the accuracy of the data is contested by you or the processing is unlawful;
- in accordance with Art. 20 GDPR to receive the data you have provided to us in a structured, common and machine-readable format or to request the transfer to another controller („data portability“);
- in accordance with Art. 21 GDPR, to object to the processing, provided that the processing is based on Art. 6 Para. 1 Sentence 1 lit. e or lit. f GDPR. This is particularly the case if the processing is not necessary for the performance of a contract with you. Unless it is an objection to direct marketing, we ask that when you exercise such an objection, you state the reasons why we should not process your data as we have done. In the event of your justified objection, we will examine the situation and will either cease or adjust the data processing or show you our compelling legitimate grounds for continuing the processing;
- in accordance with Article 7(3) of the GDPR, you may withdraw your consent – meaning your voluntary, informed, and unambiguous indication of wishes by which you signify your agreement to the processing of personal data relating to you for one or more specific purposes – at any time, if you have given such consent (even if given before the GDPR came into effect, i.e. before 25 May 2018). This means that we will no longer be permitted to continue processing data based on that consent for the future, and
- in accordance with Art. 77 GDPR, to lodge a complaint with a supervisory authority regarding the processing of your personal data, for example with the supervisory authority responsible for us, as named below: Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Email: poststelle@ldi.nrw.de
Changes to the privacy notice
As part of the further development of data protection law, as well as technological or organisational changes, our privacy policy is regularly reviewed for any need for adaptation or supplementation. You will be informed about changes, in particular, on our website at http://aixpertsoft-jobs.de/. This privacy policy is dated 30 August 2024.
Visiting websites
You can find information about our company and the services we offer, in particular at http://aixpertsoft-jobs.de/ and its associated sub-pages (hereinafter collectively referred to as the „Websites“). When you visit our Websites, personal data may be processed. If you leave our Website via links to other providers or open corresponding pages, our responsibility ends from this click, as we then have no further influence on the processing of any data transmitted to the third party by clicking the link, such as your IP address. For information on how your personal data is handled when using these Websites, please refer to the respective data protection provisions of the providers, as well as if the use of the websites of other providers involves the collection, processing or use of personal data.
Processed personal data
When using the websites for informational purposes, the following categories of personal data are collected, stored, and processed by us:
„Log data“: When you visit our website, a log record (so-called server log files) is temporarily and anonymously stored on our web server. This consists of:
- the page from which the page was requested (so-called referrer URL)
- the name and URL of the requested page
- the date and time of the call
- of the description of the type, language and version of the web browser used
- the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established
- the amount of data transferred
- to the operating system
- the message as to whether the call was successful (access status/HTTP status code)
- the GMT time zone difference
Log data is stored based on our legitimate interests in protecting against unauthorised use and misuse, as well as protecting our customers from these.
„Contact form data“When using contact forms, the data transmitted through them will be processed (e.g., depending on the query: first name, last name, gender, address, telephone number, email, profession, workplace, possibly payment details, and the time of transmission).
Purpose and legal basis for data processing
We require and use your data to introduce you to our company, make job offers, and enable you to apply to us. We process the personal data detailed above in compliance with the regulations of the GDPR, other relevant data protection regulations, and only to the extent necessary. Insofar as the processing of personal data is based on Art. 6 (1) sentence 1 letter f GDPR, the aforementioned purposes also represent our legitimate interest.
The processing of log data is for statistical purposes and to improve the quality of our website, particularly the stability and security of the connection (legal basis is Art. 6(1)(f) GDPR). The processing of contact form data is for the purpose of handling customer enquiries (legal basis is Art. 6(1)(a), (b) or (f) GDPR).
Duration of data processing
Your data will only be processed for as long as is necessary to achieve the aforementioned processing purposes; the legal bases specified within the scope of the processing purposes shall apply accordingly. With regard to the use and storage period of cookies, please refer to the section „Data Deletion and Storage Period“. Third parties engaged by us will store your data on their systems for as long as this is necessary in connection with the provision of services to me, in accordance with the respective order. For further details on the storage period, please refer to „Data Deletion and Storage Period“.
Transfer of personal data to third parties; Legal basis
The following categories of recipients, who are generally data processors (see A. (6) above), may receive access to your personal data:
- Service provider for the operation of our website and the processing of data stored or transmitted by the systems; the legal basis for the transfer is then Art. 6(1) sentence 1(b) or (f) GDPR, insofar as they are not order processors;
- State authorities/agencies, insofar as this is necessary for the fulfilment of a legal obligation. The legal basis for disclosure is then Article 6 (1) sentence 1 letter c GDPR;
- Individuals involved in our business operations (e.g. auditors, banks, insurers, legal advisors, supervisory authorities, parties involved in company acquisitions or the formation of joint ventures). The legal basis for disclosure is then Art. 6(1)(b) or (f) GDPR.
For guarantees of an appropriate level of data protection when data is transferred to third countries, see above under „Prerequisites for the transfer of personal data to third countries“.
Furthermore, we will only disclose your personal data to third parties if you have given your explicit consent in accordance with Art. 6(1)(a) GDPR.
Use of cookies, plugins and other services on our website
We use cookies on our website. Cookies are small text files that are assigned to and stored on your hard drive by the browser you use via a characteristic string of characters, through which certain information flows to the entity that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer and therefore cannot cause damage. They are used to make the overall web offering more user-friendly and effective, i.e. more pleasant for you.
Cookies can contain data that allows for the recognition of the device being used. However, some cookies only contain information about specific settings that cannot be linked to an individual. Cookies cannot directly identify a user.
A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. In terms of their function, a further distinction is made between cookies:
- Technical CookiesThese are mandatory for navigating the website, using basic functions, and ensuring the website's security; they do not collect information about you for marketing purposes, nor do they store which websites you have visited.;
- Performance CookiesThese collect information about how you use our website, which pages you visit, and whether, for example, errors occur in website usage; they do not collect information that could identify you – all information collected is anonymous and is only used to improve our website and find out what interests our users;
- Advertising Cookies, Targeting CookiesThese are used to offer website users needs-based advertising and offers from third parties on the website and to measure the effectiveness of these offers. Advertising and targeting cookies are stored for a maximum of 13 months.;
- Sharing CookiesThese serve to improve the interactivity of our website with other services (e.g. social networks); sharing cookies are stored for a maximum of 13 months.
Any use of cookies that is not strictly technically necessary constitutes data processing, which is only permitted with your explicit and active consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. This applies in particular to the use of advertising, targeting, or sharing cookies. Furthermore, we will only pass on your personal data processed by cookies to third parties if you have given your explicit consent to do so in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
There is a possibility to opt out of the use of cookies for reach measurement and advertising purposes optout.networkadvertising.org/ (Network Advertising Initiative opt-out page), the US website www.aboutads.info/choices or the European website www.youronlinechoices.com/uk/your-ad-choices/ to object.
Social Media Plugins
Facebook
We use plugins from the social network facebook.com, operated by Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or for EU citizens, Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland („Meta“). When you call up internet pages of our online presence equipped with such a plugin, a connection to Meta's servers is established and the plugin is displayed on the internet page by notifying your browser. This transmits to the Meta server which of our internet pages you have visited. If you are logged in as a member of Facebook, Meta assigns this information to your personal Facebook account. When using the plugin function (e.g. clicking the „Like“ button, leaving a comment), this information is also assigned to your Facebook user account, which you can only prevent by logging out before using the plugin. Meta Platforms, Inc. has joined the EU-U.S. Data Privacy Framework (available at www.dataprivacyframework.gov/list ) and therefore offers an adequate level of data protection within the meaning of the GDPR, in accordance with legal provisions. Where data is transferred to the USA, it is further based on the EU Commission's standard contractual clauses. Further details can be found at: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381. For more information on how we protect your privacy, please see Facebook's Privacy Notice: https://de-de.facebook.com/about/privacy/. Usage is based on your consent or our legitimate interests.
We process your data in accordance with Article 6(1)(a) of the GDPR, provided you have consented, and further in accordance with Article 6(1)(f) of the GDPR, as providing a connection to social networks is in our legitimate interest. The purpose and extent of data collection and the further processing and use of the data by Meta, as well as users' rights and settings options regarding the protection of their privacy, can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/.
Xing
Our website uses functions of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.
Each time one of our pages containing XING features is accessed, a connection is made to XING servers. To our knowledge, no personal data is stored in this process. In particular, no IP addresses are stored, nor is usage behaviour analysed. Further information on data protection and the XING Share button can be found in XING's privacy policy at: https://www.xing.com/app/share?op=data_protection.
Web analytics using Matomo
We use the software „Matomo“ (www.matomo.org) on our Aixpertsoft website, a service provided by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand.
The software sets a cookie on your computer, which allows your browser to be recognised. The information collected this way is stored exclusively on our server. It is not passed on to third parties.
Matomo has been configured by us so that your IP address is not stored in full, but rather 2 bytes of the IP address are masked (e.g. 192.168.xxx.xxx). This way, an assignment of the shortened IP address to the calling computer is ruled out and a direct personal reference is not possible.
The legal basis upon which we process personal data using Matomo is Article 6(1)(f) of the GDPR.
We need the data to analyse the usage of our website and individual functions, and to optimise the offering of individual components of the website and their user-friendliness.
The data will be deleted as soon as it is no longer required for our purposes.
You can object to the recording of data in the manner described above:
- You can completely prevent cookies from being stored on your browser. However, this may mean that you are no longer able to use certain functions of our website.
- You can enable the „Do Not Track“ setting in your browser. Our Matomo system is configured to respect this setting.
- You can create a so-called opt-out cookie with a validity period of two years. This will result in Matomo not registering your subsequent visits. However, please note that the opt-out cookie will be deleted if you clear all cookies.
Further information on Matomo's data protection can be found in the matomo.org/privacy-policy.
Hosting
The hosting provider is used for the purpose of fulfilling contracts with our potential and existing customers (Article 6(1)(b) GDPR) and in the interest of providing our online services securely, quickly, and efficiently through a professional provider (Article 6(1)(f) GDPR). We have our website hosted by an external service provider (hoster). The hoster stores, among other things, data from inquiries submitted via the contact form; this data is deleted there after we have processed it. Furthermore, the other personal data collected on this website is stored on the hoster's servers. This includes IP addresses, contact inquiries, meta- and communication data, contract data, contact details, names, website access data, and other data generated via a website. Our hoster will only process your data to the extent necessary to fulfil its contractual obligations and will follow our instructions with regard to this data. We have concluded a contract processing agreement with our hoster.
Content Delivery Networks (Cloudflare)
To provide our services (in this case: online presences), we use so-called Content Delivery Networks, specifically Cloudflare, for the purpose of fast, secure, and stable delivery of our online presences. Cloudflare is a company headquartered in the USA (Cloudflare Inc. 101 Townsend St, San Francisco, CA 94107), a so-called third country within the meaning of the GDPR. Appropriate contractual data protection provisions have been concluded with the provider. Cloudflare's privacy policy can be found at https://www.cloudflare.com/privacypolicy/ available, the accreditation under the Data Privacy Framework (DPF) can be found here.
Cloudflare, via its globally networked data centres, distributes our web content to visitors (data subjects) of our online presences, processing content data, usage data (websites visited, interests), as well as communication and metadata (IP addresses, device information, MAC addresses, access times, and log files).
The legal basis for the processing is Article 6(1)(f) of the GDPR, the legitimate interest of AixpertSoft GmbH for the aforementioned purposes.
Personal data will be regularly deleted automatically if it is no longer required for the aforementioned purposes and there are no legal or contractual obligations to retain it.
Onepage.io
We use the services of ONEPAGE GmbH, Hanauer Landstraße 172, 60314 Frankfurt am Main (Onepage.io).
Onepage.io is the technical foundation for our landing page and potentially the entire funnel (including the contact form and its processing), which we use to get in touch with potential customers or applicants. Your entered data will be transferred to the Onepage.io system to enable contact. When the page is accessed, browser and device information, date and time of access, referrer URL, and IP address are also recorded. The collected log data is used without personal reference and profile creation for statistical analysis, operation, security, and optimisation of our website. It also serves for the anonymous recording of visitor numbers, as well as the scope and type of usage of our website. The legal bases for this processing are Article 6 (1) a GDPR, provided you have consented thereto, further Article 6 (1) b GDPR, as the entry of your data is carried out as a pre-contractual measure to become a customer or employee with us; finally, Article 6 (1) f GDPR, because we have a legitimate interest in enabling you to contact us. The storage period of the processed data is determined by Onepage.io. Further information on data protection by Onepage.io can be found at Onepage.io Privacy Policy.
Data storage in Ionos HiDrive
For the collection, secure storage, and protection of your data entered via the contact form from unauthorised access, we use the cloud storage service HiDrive from IONOS (IONOS SE, Elgendorfer Straße 57, 56410 Montabaur, Germany).
Data storage by this service takes place exclusively on servers in German data centres that meet the highest security standards (ISO 27001). Data transmission is end-to-end encrypted. In addition, we have entered into data protection agreements with IONOS to ensure the security of data processing. In exceptional cases, such as support requests, IONOS may access data after prior agreement, but complete access by IONOS cannot be ruled out. The legal bases for this processing are Article 6(1)(a) GDPR, provided you have consented, Article 6(1)(b) GDPR, as the input of your data is carried out as a pre-contractual measure to become a customer or employee with us, and finally Article 6(1)(f) GDPR; in the latter case, our legitimate interest lies in ensuring the confidentiality, availability, and integrity of the processed data as well as the resilience of the systems used. Further information on data protection at IONOS can be found at www.ionos.de/terms-gtc/privacy-policy/.
All-inclusive
We use the services of ALL-INKL.COM – Neue Medien Münnich, Hauptstraße 68, D-02742 Friedersdorf, as our external hosting provider.
You can find ALL-INKL's privacy policy at all-inkl.com/data-protection-information/. We have concluded a service contract with ONPAGE GmbH.
Tracking and analysis services, marketing
We use analytics services on our websites to collect information about your visit to our website, which allows us to understand the functionality of our website and make it more user-friendly. Data processing is carried out statistically. Your IP address is truncated by the last octet by default, so that the previously personal user data is anonymised directly and cannot be assigned to an individual user. We also analyse your usage behaviour pseudonymously in order to tailor our advertising to your personal interests. To do this, we record your activities on this website (e.g. browsing behaviour, subpages visited, duration of stay, etc.). The data will not be merged with the holder of the pseudonym without your explicit consent. As the provider, we have a legitimate interest in analysing user behaviour in order to optimise our web offering and our advertising. We will obtain the necessary consents from you.
Other services
manage4media as a contractor for applications via social platforms
Applications via Social Platforms: Applications via Facebook and Instagram will be redirected to the domain aixpertsoft-bewerbung.de, which is owned by manage4media.
Collected data
The following types of data are regularly processed: IP address, name, telephone number and email address of applicants; furthermore, answers provided by applicants in the form, work experience, driving licence, anonymised usage data (visits and duration of visits to specific websites, actions performed such as clicks or form submissions).
Data deletion
The Contractor shall delete the Client's data upon termination of this Agreement, unless the Contractor is under a statutory obligation to retain the Client's data.
Wufoo
We use Wufoo, a programme from SurveyMonkey Europe UC, 2nd Floor, 2 Shelbourne Buildings, Shelbourne Road, Dublin, Ireland, to contact you via our contact forms and surveys. Wufoo processes and stores the content you enter into the contact form for us. This includes – depending on the design of the contact form and the queries there – company, name, email address, telephone number, and other details. Wufoo only processes and stores your entries once you submit the form. When using a contact form, the data may be transferred to the USA. Please refer to the notes in this declaration regarding the transfer of data to third countries. You can find more detailed information on Wufoo's data protection policy at: https://www.wufoo.com/privacy/.
Using make.com
We use the Make tool from the provider Celonis SE, Theresienstraße 6, 80333 Munich, Germany („Make“) on our website. Make enables us to integrate services from other platforms provided by third parties. This allows these platform providers to gain knowledge of your activities in relation to the respective platform. The processing is carried out on the basis of our legitimate interest in accordance with Article 6(1)(f) of the GDPR, in order to technically enable contact with our applicants and interested parties. For more information on the terms of use and data protection guidelines of Make, please visit Terms and Conditions (Make Terms and Conditions) and www.make.com/en/privacy-notice title (Create Privacy Policy).
Using Zapier
We use the Zapier tool on our website to automate and integrate apps and services. The provider is Zapier Inc., 548 Market St #62411, San Francisco, California 94104, USA („Zapier“).
Zapier allows us to connect and automate different platforms and services, whereby these providers can gain knowledge about your activities in relation to the respective platform. Zapier has joined the EU-U.S. Data Privacy Framework (www.dataprivacyframework.gov/list) and therefore offers an adequate level of data protection within the meaning of the GDPR in accordance with legal provisions. The processing is carried out on the basis of our legitimate interest pursuant to Article 6(1)(f) GDPR in order to technically enable contact with our applicants and interested parties. Further information on data protection at Zapier can be found at zapier.com/legal/data-privacy.
Apply on
We use the job advertisement and applicant management software of On-apply GmbH, Lindleystraße 8a, 60314 Frankfurt am Main, to optimise our recruitment processes.
We have entered into a data processing agreement with On-apply. We receive personal data via On-apply if you actively provide it to us by applying for one of our open positions or by activating your user account. We use your data exclusively for the purposes of the application process, and it is stored in our applicant management system for this purpose.
Information about the cookies used by On-apply can be found here: https://onapply.de/datenschutz
Meta-Pixel (formerly Facebook Pixel)
This website uses the Facebook/Meta Visitor Action Pixel to measure conversions. The service is provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
However, according to Facebook, the data collected is also transferred to the USA and other third countries. The pixel allows us to track the behaviour of visitors who were redirected to our website after clicking on a Facebook advertisement. This enables us to evaluate the effectiveness of our Facebook advertisements for statistical and market research purposes and to optimise our future advertising measures.
The data we collect is anonymised, meaning that as website operators, we cannot draw conclusions about the identity of users. Facebook, on the other hand, stores and processes the data, which allows it to be linked to the respective user profile. Facebook can use this data in accordance with its data usage policy (https://de-de.facebook.com/about/privacy/) for their own advertising purposes, including the placement of ads on and off Facebook. This data usage is beyond our control.
The use of this service is based on your consent according to Art. 6(1)(a) GDPR and § 25(1) TTDSG, which can be withdrawn at any time.
We use the advanced matching feature of the Meta Pixel. This feature allows us to send various types of data (such as city, state, postcode, hashed email addresses, names, gender, date of birth, or phone number) of our customers and prospects that we collect via our website to Meta (Facebook). This feature enables us to tailor our Facebook advertising campaigns even more precisely to interested parties and to improve the attribution of website conversions as well as the expansion of Custom Audiences.
If personal data is collected on our website through the tool described here and forwarded to Facebook, then we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). This joint responsibility is limited exclusively to the collection and forwarding of the data to Facebook. The processing of the data after its transfer to Facebook is not our responsibility. Our joint obligations are set out in a joint processing agreement, which you can view here: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information and the data protection-compliant implementation of the Facebook tool on our website. Facebook is responsible for the security of the data in its products. Data subject rights (e.g. requests for information) relating to the data processed by Facebook can be asserted directly with Facebook. If you assert your rights with us, we will forward them to Facebook.
Data transfers to the USA are based on the EU Commission's standard contractual clauses. Further details can be found at: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
For more information on how we protect your privacy, please see Facebook's Privacy Notice: https://de-de.facebook.com/about/privacy/
You can find the „Custom Audiences“ remarketing function in the Ad Settings under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen disable when you are logged into Facebook. If you do not have a Facebook account, you can disable Facebook's use of your information for interest-based advertising on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/
Revenue.io
For the processing of personal data, we use the services of A&M Sales Solutions GmbH, Großer Kolonnenweg 18, 30163 Hannover, who provide us with the CRM software umsatz.io.
This software supports us in managing and maintaining customer relationships by enabling us to systematically capture, store, and process customer data.
umsatz.io is a powerful tool that helps us to efficiently organise our sales activities, track customer inquiries and optimise business processes. By using this software, we ensure that we can provide the best possible service to our customers.
As the data controller, it is our concern to ensure the protection of your personal data. We have therefore carefully selected A&M Sales Solutions GmbH and ensure that your data is processed by umsatz.io in compliance with the applicable data protection regulations.
You can find further information about umsatz.io, the specific functions of the software, and the applicable data protection policies on the provider's website at the following link: https://www.umsatz.io/impressum. Here you will find detailed information on how your data is processed and protected, as well as other legal notices relating to the use of the software.
Perspective
This website uses Mobile Funnel software, operated by Perspective Software GmbH, a company based in Germany.
This software is used for the creation and operation of mobile funnels.https://perspective.co/impressumThe data entered when using the Mobile Funnel are transmitted via SSL encryption and stored in a database. The operator of this website is responsible for this data within the meaning of Art. 24 GDPR. Perspective merely acts as the operator of the software and is a processor in this context, in accordance with Art. 28 GDPR. The basis for data processing by Perspective is a contract for order processing between the responsible entity and Perspective.
To provide its services, particularly for the operation of the Mobile Funnel, Perspective Software GmbH also processes further data, which may include personal data in part.
The responsible body within the meaning of data protection law is Perspective Software GmbH, Müggelstraße 22, 10247 Berlin, Email: privacy@perspective.co.
General log data, known as server logs, are automatically collected with every access to the Funnel. This data is generally pseudonymised, and therefore does not allow conclusions to be drawn about natural persons. Without this data, it would sometimes be impossible to technically deliver and display the content of the software correctly. Furthermore, this data is necessary for security reasons, particularly for controlling access, input, transmission, and storage. In addition, the anonymous information can be used for statistical purposes and to optimise the service and technology. In cases of suspected unlawful use of the software, log files can be retrospectively checked and evaluated. The legal basis for this can be found in Section 15 (1) of the German Telemedia Act (TMG) and Article 6 (1) lit. f of the GDPR. Data collected includes the domain name of the website, the web browser and its version, the operating system, and the timestamp of the access to the software. The user's IP address is not stored; instead, the user is assigned a so-called session ID. The scope of this logging corresponds to the usual extent of any other website on the Internet. The storage duration of these access logs is up to 7 days. There is no right to object.
General data is collected, such as the website's domain name, the web browser and its version, the operating system, the user's session ID, and the timestamp of access to the software. All data that the user enters when using the funnels (e.g., by completing form fields or using interactive components) is assigned to the user via a session ID and made available to the operator of this website. The deletion, storage, and further processing of this personal data are the responsibility of the website operator and are carried out in accordance with applicable legal requirements.
Cookies, small text files, are used within the funnels and stored on the device used to access these funnels. These cookies are used to ensure website security („strictly necessary“), implement certain functionalities such as language settings („functional“), and improve the user experience or performance on the website („performance“). Strictly necessary, functional, and performance cookies are used within the funnels to save preferences like language, secure responses during poor internet connections, or to analyse the performance of a funnel and the channel used by a user to access it. The use of cookies is strictly necessary for the provision of our services and therefore for the fulfilment of the contract in accordance with Art. 6(1)(b) GDPR. The storage duration of the cookies is up to one month or until the end of the browser session. You can decide for yourself via your browser settings whether to allow cookies or object to their use. Please note that disabling cookies may lead to restricted or completely interrupted functionality of the funnels. The operator of this website can individually decide which options for cookie usage are offered to the user. It is the responsibility of the website operator to use cookies in accordance with applicable legal requirements. If the website operator uses extensions from external companies within the funnels, they are responsible for informing the user.
If Perspective Software GmbH processes personal data as the controller, you, as the data subject, have certain rights under Chapter III of the EU General Data Protection Regulation (GDPR), depending on the legal basis and purpose of the processing. These include, in particular, the right of access (Art. 15 GDPR), the right to rectification (Art. 16 GDPR), the right to erasure (Art. 17 GDPR), the right to restrict processing (Art. 18 GDPR), the right to data portability (Art. 20 GDPR), and the right to object (Art. 21 GDPR). If the processing of personal data is based on your consent, you have the right to withdraw that consent at any time under Art. 7 para. 3 GDPR. To exercise your data subject rights regarding the data processed for the operation of the funnels, please contact the data protection officer of Perspective Software GmbH (see above).
Perspective reserves the right to amend this privacy policy at any time to ensure it complies with current legal requirements or to reflect changes in services, such as the introduction of new services. Upon re-visiting the Funnel, the updated privacy policy will then apply.
Google Fonts
Unless Google Fonts are stored on our server, we use the web fonts service „Google Webfonts“, offered by Google Ireland Limited, Gordon House, Barrow St, Dublin 4, Ireland („Google“), a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, which is certified under the Data Privacy Framework to ensure compliance with European data protection law, based solely on your consent in accordance with Art. 6(1)(a) GDPR.https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). In this case, when you visit our website, files will be loaded from a Google server to display text in a specific font. This will transfer your IP address to a Google server and it will be stored in the usual server log. The further processing of this information, including any transfer to the USA, is the responsibility of Google. In this regard, we refer to our general information on the transfer of data to third countries. Further information on the terms and settings of Google Fonts can be found under www.google.com/policies/privacy/ the deposited data protection provisions of Google. Further information on Google Fonts can be found at https://fonts.google.com/, https://developers.google.com/fonts/faq?hl=de-DE&csw=1 and https://www.google.com/fonts#AboutPlace:about
Google Tag Manager
We use Google Tag Manager, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The Google Tag Manager allows us to integrate tracking and statistics tools, as well as other technologies, on our website. In doing so, Google Tag Manager itself does not create user profiles, store cookies, or conduct independent analyses. Its function is limited to managing and deploying the tools integrated through it. In this process, your IP address is collected and may be forwarded to Google's parent company in the USA.
The use of Google Tag Manager is based on Art. 6(1)(f) GDPR, as we have a legitimate interest in the efficient and uncomplicated management of various tools on our website. If corresponding consent has been obtained, the processing will be carried out exclusively on the basis of Art. 6(1)(a) GDPR; consent can be withdrawn at any time.
Google Ads Remarketing
This website uses Google Ads Remarketing, a service provided by Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
With Google Ads remarketing, we can assign people who interact with our online offering to specific target groups, in order to then show them interest-based advertising within the Google advertising network (remarketing or retargeting).
Furthermore, audiences created with Google Ads remarketing can be linked with Google's cross-device functionalities. This makes it possible for interest-based and personalised advertising messages, which have been adapted based on your previous usage and browsing behaviour on one device (e.g. smartphone), to also be displayed on another of your devices (e.g. tablet or PC).
If you have a Google account, you can disable personalised advertising via this link: https://www.google.com/settings/ads/onweb/.
The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, which you can revoke at any time.
Further information and Google's privacy policy can be found at: https://policies.google.com/technologies/ads?hl=de.
Google Conversion Tracking
This website uses Google Conversion Tracking, a service provided by Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Conversion Tracking allows us and Google to identify if users have performed specific actions on our website. For example, we can analyse how often certain buttons are clicked and which products are viewed or purchased most frequently. This information helps us to create conversion statistics. We receive data on the total number of users who have clicked on our advertisements and what actions they subsequently performed. This information does not enable us to personally identify users. Google uses cookies or comparable technologies for recognition purposes.
The use of this service is based on your consent in accordance with Art. 6(1)(a) GDPR and § 25(1) TTDSG. You can withdraw this consent at any time.
For more information on Google Conversion Tracking, please refer to Google's Privacy Policy: https://policies.google.com/privacy?hl=de