PRIVACY POLICY

The following information provides details on collecting personal data when using our website and when you contact us. Personal data refers to any data that can be directly or indirectly attributed to you personally, such as name, address, email address, and user behavior.

Responsible party (“controller”)

4PACE GmbH – Martin-Luther-Straße 20, 66111 Saarbrücken, Germany – represented by Managing Directors Achim Angel, Michael Wille, Mesut Cengiz and Kewin Dewi is responsible for complying with the information obligations according to Art. 13 and 14 of the GDPR,  

4PACE GmbH, represented by Managing Directors Achim Angel, Michael Wille, Mesut Cengiz and Kewin Dewi.

Martin-Luther-Strasse 20
66111 Saarbrücken
Germany

E-mail: kontakt@4pace.de

Data Protection Officer

You can reach out to our data protection officer by mail at the address Martin-Luther-Straße 20, 66111 Saarbrücken with the addition “Data Protection Officer”.

Processing activities

Accessing web pages

When you simply visit our websites without actively providing further information, so-called server log files are automatically recorded, such as your IP address, the web browser and operating system you use, the domain names of your internet service provider, and other details.

This ensures a smooth connection setup, usability, and the stability and security of the websites. It is based on Article 6(1)(f) of the GDPR, which allows us to process personal data when necessary for our legitimate interests in improving the stability and functionality of our websites.

Technical service providers responsible for the operation and maintenance of our websites may be recipients of this data, acting as processors on our behalf following Article 28 of the GDPR.

The data is generally deleted at the end of each session, as it is typically no longer necessary for the purposes mentioned above.

External hosting

Our websites are hosted by the external service provider Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Deutschland (provider). The personal data collected while using our websites is stored on the provider’s servers. This may include, in particular, IP addresses, contact inquiries, meta and communication data, contract data, contact details, names, website access, and other data generated through the website. The use of the provider is to fulfill the contract with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of ensuring a secure, fast, and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR). Our provider will process your data only to the extent necessary to fulfill its contractual obligations and will follow our instructions regarding this data. We have entered into a data processing agreement with our provider to ensure the processing complies with data protection regulations.

Consent Management Tool

We use the CookieYes GDPR Cookie Consent plugin, which processes the date and time of the visit, browser information, consent information, device information, and the IP address of the requesting device. The legal basis for this processing is Article 6(1)(f) of the GDPR (legitimate interest). The collection and management of legally required consents are considered a legitimate interest within the meaning of the provision mentioned above. We store consents and revocations for a duration of one week.

Collection of data through forms

On our websites, you will find forms for individual communication (e. g., for contacting us or requesting a callback). If you use these forms, the data entered in the input fields will be transmitted to us and stored. This data typically includes names, addresses, email addresses, telephone numbers, and possibly additional information provided by you.

The legal basis for processing data transmitted to us via contact forms is generally Article 6(1)(f) of the GDPR, as the purpose pursued and our legitimate interest lies in facilitating easy contact and processing your inquiry.

If the approach aims to enter into a contract, the legal basis for processing is Article 6(1)(b) of the GDPR (pre-contractual measure).

The recipients of your data may include service providers that are privacy-compliant and integrated by us. On the one hand, these service providers maintain our websites; on the other hand, they may receive your data if necessary to fulfill their respective services.

The data will be deleted no later than six months after the matter related to the inquiry has been finally clarified. If a contractual relationship is established, the statutory retention periods apply, according to which your data will be deleted after six or ten years.

INQUIRY VIA EMAIL OR TELEPHONE

If you contact us via email or telephone, your inquiry, including any resulting personal data (name, inquiry), will be stored and processed by us to handle your request. We do not disclose this data without your consent.

The processing of this data is based on Article 6(1)(b) of the GDPR if your inquiry is related to the performance of a contract or is necessary for implementing pre-contractual measures. In all other cases, the processing is based on our legitimate interest in effectively processing the inquiries directed to us (Article 6(1)(f) of the GDPR).

The data you send us will remain with us until you request its deletion or the purpose for data storage ceases to exist (e. g., after the completion of your request). Mandatory legal provisions, especially statutory retention periods, remain unaffected.

Video conferences

For communication with our customers, we use various online conference tools. When you communicate with us via video conference, we and the conference tool provider collect and process your data.

The conference tools collect all data you provide/use to access the tools (email address and/or telephone number). Furthermore, the conference tools process the duration of the conference, start and end times (timestamps) of participation, number of participants, and other contextual information related to the communication process (metadata).

Additionally, the tool provider processes all technical data necessary for handling online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.

If content is exchanged, uploaded, or otherwise shared within the tool, it is also stored on the servers of the tool providers. Such content includes, in particular, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared during service use.

Please note that we do not have full control over the data processing operations of the tools used. Our options are primarily based on the respective provider’s company policy. For further information on data processing by the conference tools, please refer to the privacy policies of the respective tools listed below.

Conference tools are used to communicate with potential or existing contractual partners or to provide certain services to our customers (Article 6(1)(b) of the GDPR). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Article 6(1)(f) of the GDPR). If consent has been obtained, the respective tools are based on this consent, which can be revoked at any time with future effect.

The data directly collected by us through the conference tool will be deleted from our systems as soon as you request deletion, revoke your consent for storage, or when the purpose for data storage no longer exists. Stored cookies will remain on your device until you delete them. Mandatory statutory retention periods remain unaffected.

We do not have any influence on the storage period of your data stored by the operators of the conference tools for their purposes. For details, please directly consult the operators of the conference tools.

As a conference tool, we prefer to use Google Meet. Details on data processing can be found here: https://support.google.com/meet/answer/9852160?hl=de&ref_topic=10632347&sjid=5202277315647706539-EU&authuser=0

If personal data is transferred to the USA or servers of US-American companies in this context, we base this on the adequacy decision of the EU Commission regarding the EU-US Data Privacy Framework (DPF) as the legal basis.

Registration for our email newsletter

When you sign up for our email newsletter, we regularly send you information about our offers. The mandatory information for sending the newsletter is only your email address. Providing additional data is voluntary and is used to address you personally.

We use Brevo, part of the service provider Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, to dispatch newsletters, with whom we have concluded an agreement for order processing. This enables us to organize the delivery of newsletters and analyze newsletter campaigns. During the analysis, we can, for example, see if a newsletter message has been opened and which links have been clicked. Additionally, we can determine if certain predefined actions (conversion rate) have been taken after opening/clicking the newsletter. For example, we can determine if you made a purchase or similar after clicking the newsletter. 

The service provider also allows us to segment the newsletter recipients into categories (“clusters”). For example, newsletter recipients can be divided based on age, gender, or location. This allows us to better tailor the newsletters to the respective target groups. 

The data processing is carried out based on your consent (Article 6(1)(a) GDPR). You can revoke this consent anytime by unsubscribing from the newsletter directly on the website or using the link provided in each newsletter message.

The legality of the data processing carried out before the revocation remains unaffected. 

The data you provide to receive the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from the distribution list after unsubscribing. Data stored for other purposes remains unaffected.

After unsubscribing from the distribution list, your email address will be stored in a blacklist to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with legal requirements for newsletter dispatch (legitimate interest within the meaning of Article 6(1)(f) of the GDPR). The storage in the blacklist is not time-limited. You can object to the storage if your interests outweigh our legitimate interests.

Distribution of the email newsletter to existing customers

If you have provided us with your email address when purchasing goods or services, we reserve the right (unless you initially objected) to regularly send you offers for similar goods or services from our range by email, particularly in the form of a newsletter. According to § 7(3) of the German Unfair Competition Act (UWG), we are not required to obtain separate consent from you. The data processing is based on our legitimate interest in personalized direct advertising following Article 6(1)(f) of the GDPR. However, you can object to the corresponding use of your email address at any time, with effect for the future, by sending a brief notification to us. Upon receipt of your objection, using your email address for advertising will be discontinued immediately.

Registration and participation in events and webinars

To participate in our webinars and other events, you need to register. For this purpose, we require your data: first and last name, email address.

We need this data to send you access information and to identify you. We process this data based on Article 6(1)(b) of the GDPR to fulfill our contractual obligation. We will also use your email address to send you materials related to the attended webinar.

During the webinar registration, you can consent to receive advertising based on Article 6(1)(a) of the GDPR. If you consent, we will use your email address, first name, and last name to send you advertising materials.

For webinars, we use the product GoToWebinar from the service provider LogMeIn Inc., 333 Summer Street, Boston, MA 02210 USA (im Weiteren: LogMeIn). We have concluded a data processing agreement with LogMeIn, in which LogMeIn assures compliance with applicable data protection regulations.

If personal data is transferred to the USA or servers of US-American companies in this context, we base this on the adequacy decision of the EU Commission regarding the EU-US Data Privacy Framework (DPF) as the legal basis.

Your data will be automatically deleted after the webinar ends. If you have consented to receive advertising, we will store your email address, first name, and last name until you withdraw your consent.

Security

For security reasons and to protect the transmission of confidential content that you send to us as the website operator, our website uses SSL or TLS encryption. You can recognize an encrypted connection by changing the browser’s address bar from “http://” to “https://” and the presence of a lock symbol in your browser’s address bar. When SSL or TLS encryption is activated, third parties cannot read the data you transmit to us. However, we would like to point out that Internet data transmission (especially via email) may have security vulnerabilities.

Cookies

We use cookies when you visit our websites. These are small text files that are stored on your device. Cookies cannot execute programs or transmit viruses to your device.

Certain cookies, known as transient cookies, are automatically deleted when you log out or close the browser. Others, known as persistent cookies, are automatically deleted after a specified duration, which may vary depending on the cookie. 

Technically necessary cookies

Certain cookies are necessary to make websites more user-friendly, effective, and easier to use. For example, some features of web pages require your browser to be identified even after a page change. It is also necessary to store the settings you have chosen regarding using technically unnecessary cookies.

The processing of cookies in this regard is carried out following Art. 6(1)(f) of the GDPR based on our legitimate interest in a user-friendly design of our website.

If necessary, such data may be disclosed to technical service providers who act as processors following Art. 28 of the GDPR for the operation and maintenance of our websites.

The storage duration is usually no longer than one year, counted from the last visit to the respective website.

Technically unnecessary cookies

Cookies are also used to better tailor our offering to your interests or to improve it based on statistical evaluations. The legal basis for these processing activities is your consent, according to Art. 6(1)(a) of the GDPR.The legal basis for this processing is in each case your consent, Art. 6 para. 1 lit. a GDPR.

HERE WE USE THE FOLLOWING TECHNOLOGIES:

Google Tag Manager

We use Google Tag Manager, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies into our website. The Google Tag Manager does not create user profiles, store cookies, or perform independent analyses. It is only used for managing and deploying the tools integrated through it. However, the Google Tag Manager collects your IP address, which can be transmitted to Google’s parent company in the United States.

The use of Google Tag Manager is based on your consent following Art. 6(1)(a) of the GDPR and § 25(1) of the TTDSG, to the extent that consent includes the storage of cookies or access to information on the user’s device (e. g., device fingerprinting); the consent can be revoked at any time.

Google Analytics

This website uses the web analytics service Google Analytics features, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics allows us to analyze the behavior of website visitors. We receive various usage data, such as page views, duration of visit, operating systems used, and the user’s origin. This data is aggregated into a user ID and associated with the respective user’s device.

Furthermore, we can record mouse movements, scroll actions, and clicks with Google Analytics. Google Analytics also uses various modeling approaches to supplement the collected data and employs machine learning technologies for data analysis.

Google Analytics uses technologies that enable the recognition of users to analyze user behavior (e. g., cookies or device fingerprinting). The information collected by Google about the use of this website is usually transmitted to and stored on a server in the United States.

The use of this analysis tool is based on Art. 6(1)(a) of the GDPR and § 25(1) of the TTDSG, to the extent that consent includes the storage of cookies or access to information on the user’s device (e. g., device fingerprinting); the consent can be revoked at any time.

The data transfer to the United States is based on the European Commission’s standard contractual clauses. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link:https://tools.google.com/dlpage/gaoptout?hl=en .

For more information on how Google Analytics handles user data, please see Google’s privacy policy:https://support.google.com/analytics/answer/6004245?hl=en .

We have entered into a data processing agreement with Google.

Google Ads

The website operator uses Google Ads, an online advertising program provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display advertisements in the Google search engine or on third-party websites when users enter specific search terms on Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on user data available at Google (e. g., location data and interests) (audience targeting). As a website operator, we can quantitatively analyze this data by, for example, analyzing which search terms led to the display of our advertisements and how many clicks were generated.

The use of Google Ads is based on your consent following Art. 6(1)(a) of the GDPR and § 25(1) of the TTDSG, to the extent that consent includes the storage of cookies or access to information on the user’s device (e. g., device fingerprinting); the consent can be revoked at any time.

The data transfer to the United States is based on the European Commission’s standard contractual clauses. Details can be found here: https://policies.google.com/privacy/frameworks?hl=en and https://privacy.google.com/businesses/controllerterms/mccs/ .

Google Remarketing

This website uses the features of Google Analytics Remarketing, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Remarketing analyzes user behavior on our website (e. g., clicks on specific products) to categorize you into specific advertising target groups. Subsequently, when you visit other online offerings, Google Remarketing can display tailored advertising messages to you (remarketing or retargeting).

Furthermore, the advertising target groups created with Google Remarketing can be linked to Google’s cross-device capabilities. This allows interest-based, personalized advertising messages adapted to your previous usage and browsing behavior on one device (e. g., mobile phone) to be displayed on another of your devices (e. g., tablet or PC).

If you have a Google account, you can opt out of personalized advertising by following this link:https://www.google.com/settings/ads/onweb/.

The use of Google Remarketing is based on your consent following Art. 6(1)(a) of the GDPR and § 25(1) of the TTDSG, to the extent that consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting); the consent can be revoked at any time.

For more information and Google’s privacy policy, please visit:https://policies.google.com/technologies/ads?hl=en.

Google Conversion Tracking

This website uses Google Conversion Tracking, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google Conversion Tracking, Google and we can determine whether users have performed certain actions. For example, we can evaluate which buttons on our website are clicked most frequently and which products are viewed or purchased most frequently. This information is used to create conversion statistics. We learn the total number of users who clicked on our ads and which actions they took. We do not receive any information that personally identifies users. Google uses cookies or similar recognition technologies for identification purposes.

The use of Google Conversion Tracking is based on your consent following Art. 6(1)(a) of the GDPR; the consent can be revoked at any time.

For more information about Google Conversion Tracking, please refer to Google’s privacy policy:https://policies.google.com/privacy?hl=en.

Google reCAPTCHA

On our website, we use Google reCAPTCHA, provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

The purpose of this is to verify whether data input, such as in a contact form, is being done by a human or an automated program. To achieve this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically when the website visitor enters the website. reCAPTCHA evaluates various pieces of information for analysis (such as IP address, duration of the website visit, or mouse movements made by the user). The data collected during this analysis is transmitted to Google.

The data processing is carried out based on your consent (Article 6(1)(a) GDPR). Furthermore, we have a legitimate interest in protecting our website against abusive automated data scraping and spam (Article 6(1)(f) GDPR).

For further information about Google reCAPTCHA and Google’s privacy policy, please refer to the following links https://www.google.com/intl/en/policies/privacy/.

If personal data is transferred to the USA or servers of US-American companies in this context, we base this on the adequacy decision of the EU Commission regarding the EU-US Data Privacy Framework (DPF) as the legal basis.

Google Fonts

Our websites use web fonts provided by Google to ensure consistent font presentation. When a page is loaded, your browser downloads the necessary web fonts to its browser cache to display text and fonts correctly. To prevent the transmission of personal data to Google servers in the United States, we have locally integrated Google Fonts.

Social media elements

On this website, elements of social media are used. You can usually recognize them by their respective logos. We only use these elements to ensure data privacy in conjunction with the so-called “Shariff” solution. This application prevents the integrated social media elements from transferring your data to the respective provider’s server upon the first visit to the page. Only when you activate the respective social media element by clicking the associated button is a direct connection to the provider’s server established (consent). Once you activate the social media element, the provider receives information that you have visited our website with your IP address. If you are simultaneously logged into your social media account (e. g., Facebook), the respective provider can associate the visit to this website with your user account.

Activating the plugin represents consent following Art. 6(1)(a) of the GDPR and § 25(1) of the TTDSG. You can revoke this consent at any time with future effect.

The use of this service is intended to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6(1)(c) of the GDPR.

For information on how your data is handled when using these services, please refer to the respective privacy notices:

Facebook:https://de-de.facebook.com/policy.php

Google and YouTube:https://policies.google.com/privacy?hl=en

Xing:https://privacy.xing.com/en

LinkedIn:https://www.linkedin.com/legal/privacy-policy

Instagram:https://help.instagram.com/519522125107875

Disclosure of data

We do not disclose your data to third parties for purposes other than those mentioned above. We do not disclose your data to third parties for purposes other than those mentioned above. In summary, we only disclose your data to third parties if you consent according to Art. 6(1)(a) of the GDPR, if necessary for the performance of a contract with you according to Art. 6(1)(b) of the GDPR, if it is necessary to protect our legitimate interests according to Art. 6(1)(f) of the GDPR (e. g., to assert, exercise, or defend legal claims or as part of advertising activities), and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data, or if there is a legal obligation to disclose it according to Art. 6(1)(c) of the GDPR.

Rights of the data subject

About the personal data concerning you, you have the following rights, which you can generally assert in any form (e. g., by sending a letter to our postal address, preferably with the subject line “Rights of the data subject”).

Right to information, correction, deletion, restriction, and data portability

Every data subject has the right to information according to Art. 15 of the GDPR, the right to correction according to Art. 16 of the GDPR, the right to deletion according to Art. 17 of the GDPR, the right to restriction of processing according to Art. 18 of the GDPR, and the right to data portability according to Art. 20 of the GDPR.

According to §§ 34 and 35 of the BDSG, restrictions apply to the right to information and deletion.

Right to object according to Art. 21 of the GDPR

If we base the processing of your data on a balancing of interests, you have the right to object to the processing. Our legitimate interests usually consist of responding to inquiries, conducting direct marketing activities, providing services and/or information intended for you, processing and transmitting personal data for internal or administrative purposes, operating and managing our websites, providing technical support, preventing and detecting fraud and criminal offenses, and ensuring network and data security.

When exercising an objection, please explain the interests you believe outweigh ours. In the event of a justified objection, we will either cease or adjust the data processing or provide compelling legitimate grounds for continuing the processing.

If you object to processing our (interest-based) direct advertising, no further explanation of reasons is required from you; further processing will cease without delay.

Revocation of consent

You can revoke your consent to processing personal data at any time. This also applies to the revocation of consent declarations given to us before the General Data Protection Regulation came into effect, i.e., before May 25, 2018. Please note that the revocation only takes effect in the future. Processing that occurred before the revocation is not affected by this.

Right of appeal

Finally, you have the right to complain with a data protection supervisory authority regarding the processing of your data by us. The responsible supervisory authority for us is the Independent Data Protection Center Saarland, Fritz-Dobisch-Straße 12, 66111 Saarbrücken.

Data security

Following Article 32 of the GDPR, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account the state of the art, implementation costs, the nature, scope, context, and purposes of processing, as well as the likelihood and severity of the risk to the rights and freedoms of natural persons.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical access to the data and the access, input, disclosure, availability, and separation of the data. Furthermore, we have established procedures to ensure the exercise of data subject rights, deletion of data, and response to data breaches We also consider protecting personal data in developing or selecting hardware, software, and procedures following the principle of data protection by design and by default (Article 25 of the GDPR).

We would like to caution that data transmission over the Internet, especially when communicating via email, may have security vulnerabilities.

Social media

To present our company and facilitate direct communication with you, we utilize social media platforms provided by providers such as LinkedIn, Instagram, and others (in the following referred to as “providers”). Through these platforms, we maintain our presence, including company and employee profiles, and process your data.

Shared responsibilities

Suppose data is collected on our website that is processed and used by both the provider and us (e. g., for analysis or advertising purposes). In that case, there is a shared responsibility between the operator and us. Often, this feature cannot be deactivated by us. Therefore, you can contact the respective provider and us with your concerns. We are currently using the following providers:

LinkedIn (including the LinkedIn Sales Navigator) form LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland;
Facebook (including the Facebook Business Manager) form Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland;
Instagram from Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland;
YouTube and Google My Business from Google Ireland Ltd., Gordon House, Barrow Street,Dublin 4, Ireland;
Xing from New Work SE, Dammtor Street 30, 20354 Hamburg.

Below you will find the links to the privacy policies and information of the respective providers:

LinkedIn: https://www.linkedin.com/legal/privacy-policy?_l=de_DE
Facebook: https://de-de.facebook.com/policy.php
Instagram: https://de-de.facebook.com/help/instagram/155833707900388
Google: https://policies.google.com/privacy?hl=en
Xing: https://privacy.xing.com/en/privacy-policy

Below you will find the links to the privacy policies and information of the respective providers:

LinkedIn: https://www.linkedin.com/help/linkedin/ask/TSO-DPO
Facebook: https://www.facebook.com/help/contact/540977946302970
Instagram: https://www.facebook.com/help/contact/540977946302970
Google: https://support.google.com/policies/contact/general_privacy_form
Xing: datenschutzbeauftragter@xing.com

1. Informative use of our website

You can visit our website without providing any personal information. Suppose you only use our website for informational purposes and do not register or provide us with information about yourself. In that case, we do not process any personal data except for the data collected by the operator through cookies and transmitted to us.

To analyze and track the use of their social media platform and our website, the provider uses cookies that evaluate your browsing behavior. This enables us to improve the quality of the platform, website, and content. We gain insights into how the platform and website are used, allowing us to continuously optimize our offer.

However, we have no control over the data collected and the data processing operations, nor do we have information about the full extent of data collection, the specific purposes of the processing, or the retention periods. We also have no information about deleting data collected by the platform operator.

Web analytics involves collecting, gathering, and evaluation of data about the behavior of visitors to websites. A web analytics service captures, among other things, data about the referring website from which an individual accessed a website (referrer), which subpages were accessed, and how often and for what duration a subpage was viewed. Web analytics is regularly used to optimize a website and analyze the cost-effectiveness of internet advertising. The information obtained through the analysis and tracking of our website may be combined with other data collected while using the website and platform. If you register on the platform, the operator may link data regarding your platform activities with your personal information (including name/email address) based on your consent, thereby capturing personal data and informing you individually and specifically about your preferred topics, among other things.

We have limited control over the statistics provided by the platform operator and cannot disable them. However, we ensure that no additional optional statistics are provided to us.

We process your data based on your consent, according to Art. 6(1)(a) of the GDPR you provided to the provider when registering for the respective social media platform.

2. Active use of the website

In addition to using our website for informational purposes, you can also actively engage with us by contacting us. In addition to processing your personal data, as described above for purely informational use, we also process additional personal data from you when you actively use our website, for example, when we need it to process your inquiries. This also applies if we use the website ourselves, such as for proactive communication or initiating business contacts with you.

a) Sharing and publishing of an interaction with posts, reviews, photos, etc.
You can comment on, share, or otherwise interact (like, recommend, review, etc.) with posts, photos, videos, etc., created by us on the provider’s platform and our website. If it is a function of the platform operated by the provider, we may share your content on our website and communicate with you through the platform. The operator may publish public messages, but we will never use or process them for other purposes.

Regarding reviews, we reserve the right to publish a statement (e. g., to clarify an issue, offer complaisance actions, etc.) in response to your feedback and to request further contact. This may involve processing personal data voluntarily published by you in the review. Furthermore, we reserve the right to delete content if necessary.

We process your data to safeguard our legitimate interests, according to Art. 6(1)(f) of the GDPR. The data processing is carried out in our public relations and communication interest.

b) User inquiries
To process your inquiries, for example, through contact forms, chat, or our email address, and to provide targeted responses and the requested information, we process the personal data you provide in this context. This includes your contact details to send you a response or ask necessary follow-up questions and any other information you transmit to us in this regard.

If you submit an inquiry to us through the platform, depending on the required response, we may refer you to other secure communication channels that guarantee confidentiality. You always have the option to send confidential inquiries to the address stated in the imprint or this privacy policy. Our contact may be made electronically, by telephone, or by postal mail, depending on the subject of the inquiry and appropriateness.

We process your data to respond to user inquiries, request materials, etc., based on the following legal grounds:

To safeguard our legitimate interests, according to Art. 6(1)(f) of the GDPR. Our legitimate interest lies in the proper handling and execution of customer inquiries.
If the inquiry aims at entering into a contract, an additional legal basis is Art. 6(1)(b) of the GDPR.
With your consent within the scope of using the live chat, Art. 6(1)(a) of the GDPR.

c) Active use of social media
We actively utilize our presence on business-oriented platforms such as LinkedIn and associated tools like LinkedIn Sales Navigator to engage, communicate, establish business contacts, and receive your job applications.

For this purpose, we process the data provided to us by the respective platform. This may include your name, employer, position at your company, education, and other contacts on the platform. Depending on the nature of our interaction with you, we may process additional data, such as specific business relationships or the content of our communication. Furthermore, there is a possibility that we will transfer your data to our CRM system and combine or link it with existing data about you in that system.

We process your data to engage, communicate, or establishing business contacts with you (including through our CRM) based on the following legal grounds:

Your consent, according to Art. 6(1)(a) of the GDPR, which you provided to the provider upon registering for the respective social media platform, provided that it pertains to your platform user data (name, employer, position, platform usage behavior, etc.).
To fulfill a contract or carry out pre-contractual measures following Art. 6(1)(b) of the GDPR, if we already have a business relationship with you or if we are conducting pre-contractual measures based on your request through the platform (e. g., further contact or communication).
To safeguard our legitimate interests, according to Art. 6(1)(f) of the GDPR. Our legitimate interest lies in appropriately engaging, communicating, or establishing business contacts for the establishment, execution, maintenance, or termination of a business relationship with you.

Applications

When you apply to us, we collect the information you provide, including your name, address, date of birth, telephone numbers, nationality, email address, image data (passport photo), educational and professional qualifications, assessments and employment references, reliability information, and health data (if relevant, such as in the case of severe disability).

The purposes of processing are the initiation and decision-making regarding establishing an employment relationship. The legal bases for processing are primarily Art. 6(1)(b), Art. 88(1) of the GDPR, as well as Art. 9(2)(b) of the GDPR (for special categories of data). If we are to use or disclose your data for other purposes (such as inclusion in an applicant pool or sharing with partner companies), we will only do this based on your explicit consent (Art. 6(1)(a) of the GDPR).

Recipients of application data are generally only individuals within the corporate group involved in the decision-making process. Transfer to a third country does not take place. After an unsuccessful application, data will be deleted after three months if no consent for further storage is provided.

Currency and changes to this privacy policy

This privacy policy is valid as of July 2023 but is subject to continuous development. The most current privacy policy can be accessed on our website anytime.