Data Protection
We take data protection seriously and handle data responsibly. We have outlined the necessary information concerning the use of our website below.
Third parties are not permitted to use the contact data published he imprint obligation for advertising purposes or sending information material that was not expressly requested. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
Website privacy policyserving also as the data subjects’ information according to Article 13 and Article 14 EU General Data Protection Regulation
General Data
Details of the responsible entity:
| Company: | Lemundo GmbH |
| Legal representative: | Managing Director / Board of Management: Marcus Creutzmann, Philip Günther |
| Address: | Lerchenstraße 28, 22767 Hamburg |
Contact details data protection officer:
Dr. Sebastian Kraska, IITR Datenschutz GmbH
Marienplatz 2, 80 331 München, Deutschland
Telephone: 089 18 91 73 60
E-Mail: email@iitr.de
General Data Processing Information
1. Access Data/ Server Log Files
Lemundo works with the web space provider Host Europe. This hoster collects data about every access to the offer (so-called server log files). Protocols (so-called log files) are automatically recorded for certain services on the server. All log files are rotated daily. The logs used during the previous day are archived and are available for the retention time specified in each case.
– Access-Logfile
Enthält: Alle Zugriffe auf Ihre Webseiten, d.h. Client, URL des Abrufs, IP, Datum und Uhrzeit des Abrufs, Art des in Anspruch genommenen Dienstes, Vorhaltezeit: 60 Tage.
– Error-Logfile
Contains: Error messages from PHP, CGI and the web server itself, retention time: 7 days
– MySQL Slow-Query Log
Contains: MySQL queries running slowly (longer than 2 seconds), retention time: 7 days.
2. Data Concerned
Personal data is only collected if you provide it to us of your own accord. Beyond that, no personal data is collected. Any processing of your personal data that goes beyond the scope of the legal permissions will only take place on the basis of your explicit consent.
| Purpose of Processing: | Performance of the Agreement. |
| Categories of Recipients: |
|
| Third Country Transfers: | Within the framework of the performance of contract, processors outside the European Union may also be used. |
| Duration of Data Storage: | The duration of data storage depends on the legal retention obligations and is usually 10 years. |
Specific information about the website
Use of a Newsletter
In addition, we use your e-mail address, which we receive in connection with the sale of a good or service, exclusively for direct advertising in the form of our newsletter for our own similar goods or services, such as those ordered by you, unless you have objected to this use. You can object to the use of your e-mail address at any time without any charges other than the transmission costs according to the prime rates. Your objection (and therefore unsubscription from our newsletter) can be exercised by sending a corresponding message to our e-mail address (datenschutz@lemundo.de).
User Data
When you access our web pages, you transmit data to our web server (out of technical necessity) via your Internet browser. The following data is recorded during an ongoing connection for communication between your Internet browser and our web server:
- Request date and time
- Name of the file requested
- Page from which the file was requested
- Access status (file transferred, file not found, etc.)
- used web browser and operating system
- Complete IP address of the requesting computer
- Volume of data transferred.
For reasons of technical security, in particular for the defense against attempted attacks on our web server, this data is stored by us for a short period of time. Based on this data is not possible for us to draw conclusions about individuals. After no more than seven days the data is anonymized by shortening the IP address at domain level, so that it is no longer possible to establish a link to the individual user. In addition, the data is processed anonymously for statistical purposes; it is not compared with other data or passed on to third parties, even in excerpts.
Use of Google Analytics with the consent of website visitors.
Based on the consent of the website visitors, this website uses Google Analytics, a web analytics service provided by Google, Inc. („Google“). Google Analytics uses “cookies”, which are text files placed on your computer that help you analyze the usage of the website. The information generated by the cookie regarding your use of this website is usually transferred to a Google server in the USA and stored there. In the event that IP anonymization is activated on this website, however, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that this case may not be able to use the full functionality provided by this website. You can also prevent the data collection generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link. In regard to the discussion about the use of analysis tools using complete IP addresses, we would like to point out that this website uses Google Analytics only after prior consent has been granted and with the extension “_anonymizeIp()”. Therefore, IP addresses are only processed in abbreviated form in order to exclude the possibility of direct personal references. If you use a browser on a mobile device, please click this link in order to prevent the anonymous collection of data by Google Analytics on this website using a so-called “opt-out cookie”.
Use of Google AdWords Conversion Tracking with the consent of website visitors
This website uses Google AdWords Conversion Tracking, a web analytics service provided by Google, Inc. based on the consent of website visitors. („Google“). Google AdWords Conversion Tracking also uses “cookies”, which are stored on your computer and which allow an analysis of your use of the website. The information generated by the cookie regarding your use of this website will be transferred to a Google server in the USA and stored there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties if required to do so by law or if such third parties process the data on Google’s behalf. Google will in no case associate the data with other data owned by Google. You can generally prevent the use of cookies if you prohibit the storage of cookies in your browser.
Use of Google Remarketing with website visitors’s consent
Our websites use the functions of Google Analytics Remarketing in conjunction with the cross-device functions of Google AdWords and DoubleClick. DoubleClick by Google is a service provided by Google Ireland Limited Gordon House, Barrow Street, Dublin, D04 E5W5, Dublin Ireland (“Google”). Google’s Remarketing Features Google uses cookies to present you with ads that are relevant to you. In the process, a pseudonymous identification number (ID) is assigned to your browser in order to check which ads were displayed on your browser and which ads were accessed. The cookies do not contain any personal information. The use of cookies merely enables Google and its partner websites to serve ads based on previous visits to our website or other websites on the Internet. Google transfers the information generated by the cookies to a server in the USA as it is evaluated and stored there. Google complies with the data protection provisions of the “US Safe Harbor” agreement and is registered with the “Safe Harbor” program of the US Department of Commerce. Under no circumstances will Google merge their data with other data collected by Google.
By agreeing to the use of cookies, you consent to the processing of your personal data by Google and the previously described manner of data processing as well as the named purpose. You can prevent the storage of cookies by selecting the appropriate settings on your browser software. You can also prevent the collection of the data generated by cookies and related to your Google website use, as well as the processing of such data by Google, by downloading and installing the browser plugin available under the following link under the item “Extension for DoubleClick deactivation”.
For more information about DoubleClick by Google and privacy, please visit: https://policies.google.com/technologies/ads?hl=de.
Cookies are also used for the remarketing technology or “similar target groups” function of Google Inc. . This function serves the purpose of analyzing visitor behavior and interests. Using this technology, users who have already visited this website and are interested in the offer are addressed again by targeted advertising the Google Partner Network pages. If users agree that their Google web and app browsing history is linked to their Google Account and that information from their Google Account is used to personalize ads, the remarketing function takes place across devices. In order to support this function, Google Analytics collects these users’ Google authenticated IDs. This personal data is temporarily linked to Google Analytics data in order to be able to form target groups. Your data may also be transferred to the USA. An adequacy decision by the European Commission is available for data transfers to the USA.
The data processing is based on Art. 6 (1) lit. f GDPR represents the legitimate interest in targeting visitors to the website with advertising by displaying personalized, interest-based advertising ads to visitors to the provider’s website when they visit other websites in the Google Display Network.
You may object at any time to the processing of your personal data based on Art. 6 (1) f DSGVO on grounds relating to your particular situation.
Google users can adjust their ad settings under “My Account” or deactivate personalized ads. You can therefore permanently disable Google’s use of cookies by following the link below as you can download and install the plug-in provided there: https://support.google.com/ads/answer/7395996?hl=de Alternatively, you can disable third party use of cookies by visiting the Network Advertising Initiative disable page at. open https://www.networkadvertising.org/choices/ and implement further information on opting out mentioned there.
You can find more information on Google Remarketing and the associated privacy policy at: https://www.google.com/privacy/ads/
Use of Facebook retargeting with consent of website visitors.
This website uses remarketing tags provided by the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA, based on the consent of website visitors. Using the remarketing tags., a direct connection is established between your browser and the Facebook server when you visit our websites. Facebook then receives the information that you have visited our site using your respective IP address. This allows Facebook to assign the access of our pages to your user account. We can use the therefore obtained information for the display of Facebook Ads. This function serves the purpose of targeting website visitors using interest-based advertising in the Facebook social network. When you visit the Facebook social network, you will then be shown personalized, interest-based Facebook ads. The data processing is based on Art. 6 (1) lit. f DSGVO based on the legitimate interest in the above-mentioned purpose.
You may object at any time to the processing of your personal data based on Art. 6 (1) f DSGVO on grounds relating to your particular situation. If you do not wish any data to be collected via Custom Audiences, you can deactivate Custom Audiences here.
We would like to point out that as the provider of the website pages we have no knowledge of the content regarding transmitted data or its use by Facebook. For more information, please consult Facebook’s privacy statement at https://www.facebook.com/about/privacy/ .
Use of Google Tag Manager
We use Google Tag Manager in order to implement additional plug-ins on our website. However, Google Tag Manager does not process any personal data. These are only processed by the other installed plug-ins, which is pointed out separately in this privacy policy.
Use of Hotjarwith consent of website visitors
Our website uses the web analytics service Hotjar of Hotjar Ltd. based on the consent of the website visitors. Hotjar Ltd is a European company based in Malta (Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe, Tel: +1 (855) 464-6788).
This tool allows tracking movements on the websites on which Hotjar is used (so-called heatmaps). For example, it is possible to see how far users scroll and which buttons users click on how often. Moreover, using this tool, it is also possible to collect direct feedback from website users. Most importantly, Hotjar’s services can improve the functionality of the Hotjar-based website by making it more user-friendly, valuable and easier to use for the end users.
We pay special attention to the protection of your personal data when using this tool. In this manner, we can only track which buttons are clicked, your mouse history, how far you scrolled, your device’s screen size, your device type and browser information, geographic location (country only), and preferred language to display our website. Areas of the websites in which your personal data or that of third parties is displayed are automatically hidden by Hotjar and are therefore not traceable at any time. In order to exclude a direct personal reference, IP addresses are only stored and processed anonymously. However, Hotjar uses various third-party services such as Google Analytics and Optimizely. It may therefore be the case that these services collect data transmitted by your browser as part of web page requests. These would be, for instance, cookies or your IP address. In these exceptional cases, this processing is carried out in accordance with Art. 6 para. 1 lit. a GDPR based on your given consent for the purpose of statistical analysis of user behavior for optimization and marketing purposes.
Hotjar offers each user the option of using a “Do Not Track header” to disable the use of the Hotjar tool so that no data is recorded when they are visiting the respective website. This is a setting that all common browsers support in their latest versions. For this purpose, your browser sends a request to Hotjar instructing them to deactivate tracking connected to the respective user. If you use our websites with different browsers/computers, you have to set up the “Do Not Track header” for each of these browsers/computers separately.
When visiting a Hotjar-based website, you can prevent Hotjar from collecting your information at any time by going to our opt-out page at https://www.hotjar.com/legal/compliance/opt-out/ and clicking “disable Hotjar”.
For more information about Hotjar Ltd. and about the Hotjar tool, please visit:
https://www.hotjar.com
The privacy policy of Hotjar Ltd. can be found at:
https://www.hotjar.com/privacy/
Use of Indeed Conversion Tracking with the consent of website visitors
Based on our website visitors’ consent, our website uses Indeed Conversion Tracking, which is offered to us by Indeed Ireland Operations Limited, 124 St. Stephen’s Green, Dublin 2, Ireland. We use code for a conversion tracker made available by Indeed in order to reach job seekers or track when someone has applied for a job on our website. This conversion tracker always matches applications to Indeed when the job seeker has started their search there, regardless of any intervening activity. Indeed does not have access to the cookies on our domain.
The conversion tracker is simply a device that informs us that a job applicant has applied for a job. No personal information about the user’s identity is provided – only the number of applications made is returned to the Indeed account. If you disable the web beacon, the conversion tracker will not operate. If you would like to be removed from Indeed’s job seeker web beacon, please click here: https://conv.indeed.com/pagead/conversion-optout.
Use of Intercom
In order to communicate via chat or to be able to answer your support requests, we use Intercom, a service of Intercom, Inc., 98 Battery Street, Suite 402, San Francisco, CA 94111 USA (hereinafter “Intercom”). For this purpose, we transmit your name, e-mail address and IP address to Intercom’s servers. The legal basis for this is Art. 6 para. 1 p. 1 lit. b) DSGVO. This data is stored by Intercom until we delete it. The criteria mentioned in item 6 support this accordingly.
According to the Commission’s Implementing Decision (EU) 2016/1250 dated 12.07.2016, the transfer of data from a controller or processor in the EU to organizations in the U.S. that have committed to comply with the EU-U.S. Privacy Shield Framework Principles (hereinafter “Privacy Shield”), including the Additional Principles, by self-certifying with the U.S. Department of Commerce is permitted. Intercom has committed to these principles through self-certification with the U.S. Department of Commerce.
For detailed information about Intercom’s privacy practices, please visit https://www.intercom.com.
HubSpot
On this website, we use the HubSpot service for various purposes. HubSpot is a software company from the USA with an office in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Phone: +353 1 5187500.
Hubspot is an integrated software solution with which we cover various areas of our online marketing. These include: email marketing, social media publishing & reporting, reporting, contact management (e.B user segmentation & CRM), landing pages and download and contact forms.
Our sign-up service allows visitors to our website to learn more about our company, download content, and provide their contact information as well as other demographic information. This information as well as the contents of our website are stored on our software partner HubSpot’s servers. We can use them to get in touch with visitors to our website and to determine which services of our company are of interest to them. All information we collect is subject to this Privacy Policy. We use all information collected exclusively to optimize our marketing measures.
Learn more about HubSpot’s privacy policy »
More HubSpot information regarding EU data protection regulations »
More information about the cookies used by HubSpot can be found here & here »
As part of the optimization of our marketing measures, the following data may be collected and processed via Hubspot:
– Geographical position
– Browser type
– Navigation information
– Referral URL
– Performance data
– Information about how often the application is used
– Mobile Apps data
– HubSpot subscription service credentials
– Files that are displayed on site
– Domain Names
– Pages viewed
– Aggregated use
– Version of the operating system
– Internet service provider
– IP address
– Device ID
– Duration of the visit
– Where the application was downloaded from
– Operating system
– Events that occur within the application
– Access Times
– Clickstream Data
– Device Model and Version
In addition, we also use Hubspot to provide contact forms. Your consent is the legal basis for the processing in accordance with Art. 6 para. 1 lit. a GDPR. If you do not want the aforementioned data to be collected and processed via Hubspot, you can refuse your consent or revoke it at any time effecting the future.
Personal data will be kept for as long as it is necessary to fulfil the purpose of processing. Data will be deleted as soon as it is no longer required for the acheivement of purpose.
As part of the processing via HubSpot, data may be transmitted to the USA. The security of the transmission is ensured by so-called standard contractual clauses, which ensure that the processing of personal data is subject to a level of security that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to establish an adequate level of security, your consent in accordance with Art. 49 para. 1 lit. a GDPR serve as the legal basis for the transfer to third countries.
Use of own “cookies” required for the website display
This website uses its own “cookies” to store settings required for website viewing (“cookies” are records sent by the web server to the user’s browser and stored there for later retrieval). No personal data is stored in our own “cookies”. You can generally prevent the use of “cookies” if you prohibit the storage of “cookies” in your browser.
Further explanations on cookies as well as a list of all cookies used, including those that are not necessary, can be found at the end.
Information on further data processing procedures
-
Contact/prospect data
| Data Concerned: | Data communicated for the execution of contract; if applicable. Data going beyond this serving as processing on the basis of your express consent. |
| Purpose of Processing: | Contract execution, including quotes, orders, sales and invoicing, quality assurance. |
| Categories of Recipients: |
|
| Third Country Transfers: | Es werden keine Auftragsverarbeiter außerhalb der Europäischen Union eingesetzt. |
| Duration of Data Storage: | The duration of data storage depends on the legal retention obligations and is usually 10 years. |
Involvement of third party services in case of contact:
(1) When contacting us (e.g. via contact form, e-mail, telephone or via Intercom), your data will be stored for processing the contact request and its handling. The legal basis for this is Art. 6 para. 1 p. 1 lit. b) GDPR. Your information may be stored in a Customer Relationship Management System (“CRM System”) or similar organizational tool.
(2) We shall delete the data accruing in this context after the storage is no longer required or restrict the processing if there are statutory retention obligations in accordance with the provisions set out in no. 6 criteria mentioned above. We review the necessity every 2 years.
(3) We use sipgate, a service provided by sipgate GmbH, Gladbacher Str. 74, 40219 Düsseldorf, Germany (hereinafter referred to as “sipgate”) in order to manage our incoming and outgoing telephone calls with our customers and/or prospective customers. The legal basis for this is Art. 6 para. 1 p. 1 lit. b) GDPR. In this process, telephone numbers and call data (time of call and duration) are stored by Sipgate until we delete the data. The in no. 6 named criteria are applied accordingly.
-
Information on the treatment of personal data in the application process
| Data Concerned: | Application details |
| Purpose of Processing: | Execution of the Application Process |
| Categories of Recipients: |
|
| Third Country Transfers: | Es werden keine Auftragsverarbeiter außerhalb der Europäischen Union eingesetzt. |
| Duration of Data Storage: | Application data will generally be deleted within four months of decision notification, unless consent has been given for data to be stored for a longer period in order to be included in the applicant pool. |
-
Specific information on the processing of employee data
| Data Concerned: | Data communicated for the execution of contract; if applicable. Data going beyond this serving as processing on the basis of your express consent. |
| Purpose of Processing: | Contract execution within the scope of the employment relationship |
| Categories of Recipients: |
|
| Third Country Transfers: | Es werden keine Auftragsverarbeiter außerhalb der Europäischen Union eingesetzt. |
| Duration of Data Storage: | The duration of data storage depends on the legal retention obligations and is usually 10 years. |
-
Specific information on the processing of supplier data
| Data Concerned: | Data communicated for the execution of contract; if applicable. Data going beyond this serving as processing on the basis of your express consent. |
| Purpose of Processing: | Contract execution, including inquiries, purchasing, quality assurance. |
| Categories of Recipients: |
|
| Third Country Transfers: | Es werden keine Auftragsverarbeiter außerhalb der Europäischen Union eingesetzt. |
| Duration of Data Storage: | The duration of data storage depends on the legal retention obligations and is usually 10 years. |
More information and contacts
DarIn addition, you may at any time exercise your right to access, rectification or erasure. Moreover, you can restrict processing or exercise your right to object to processing, as well as the right to data portability. You can contact us by e-mail (datenschutz@lemundo.de) or letter [https://www .lemundo.de/impressum /]. You also have the right to contact the data protection supervisory authority in the event of complaints.
The employees and the service companies commissioned by the provider are obliged to maintain confidentiality and to comply with the provisions of the Federal Data Protection Act and other professional data protection regulations.
Changes to the privacy statement
We reserve the right to change the data protection declaration in order to adapt it to changed legal situations or in the event of changes to the service and data processing. However, this only applies with regard to declarations on data processing. If user consent is required or components of the data protection statement contain provisions of the contractual relationship with the users, the changes will only be made upon the users’ agreement.
Users are requested regularly stay up to date on the contents of the data protection declaration.
Data Security
Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. In case your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. The key or lock symbol in the lower status bar of your browser indicates whether an individual page on our website is transmitted in encrypted form.
Additionally, we use appropriate technical and organizational security measures in order to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
Cookie Overview
Privacy Policy Social Media
We operate one or more publicly accessible company websites on the social media networks, especially for self-promotion, but also for recruiting.
According to the ruling of the European Court of Justice (ECJ) issued on 05.06.2018, Ref. C-210/16, the operator of social media sites is jointly responsible for data processing, at least in the case of Facebook fan pages as by Art. 26 GDPR.
We suspect an analogous applicability of this decision to other social networks.
In the following, we would like to inform you about the handling of your data according to. Article 13 of the General Data Protection Regulation (GDPR).
- Responsibility for Data Processing
The individual responsible for the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
In case you visit one of our social media outlets such as Facebook, we are
Lemundo GmbH
Lerchenstraße 28
22767 Hamburg
Email: datenschutz@lemundo.de
Telephone (+49) 40 22 86 83 0 0
In part responsible for the data collection and processing described below.
In addition, the social media platforms’ respective operators are partly responsible for data processing.
For certain processing operations, we and the platform operators also act as joint controllers within the meaning of Art. 26 GDPR (processing operations according to No. 4). For more information, see the section on specific social media platforms below.
We have only limited influence on the data processing by operators of the social media platform (e.g. members’ management and shared information). In many instances, we are unable to influence the data processing by the operator of the social media platform and also do not know exactly what data they process.
The platform operator manages the entire IT infrastructure of the service, maintains its own data protection provisions and maintains its own user relationship with you.
- Data processing through social networks
When you visit our social media pages, certain information about you is processed. If you have your own user account on a social network and are logged into this account when you visit our presence on this social network, all of the data you collect in the process will be directly assigned to your existing account.
Social networks can usually analyze your user behavior extensively if you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Social networks store the data collected about you as usage profiles and may use them for purposes of advertising and market research.
However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account on the respective social media portal. In this case, this data collection is, for example, carried out via cookies that are stored on your terminal device or by recording your IP address.
When you visit one of our social media pages, we process your actions and interactions with it (e.g., the content of your messages, requests, posts or comments that you address to us or leave on our social media pages, or when you like or share our posts), as well as your public profile data (e.g., your name and profile picture). Which personal data on your profile is publicly viewable depends on your profile settings, which you can manually adjust on the social media platform.
We process data on our social media outlets in order to inform customers about offers, products, promotions, contests, company news and to interact with visitors to the social media presences on these topics, as well as to respond to corresponding queries, praise or criticism and recruiting. This allows us to improve our social media content by collecting demographic and geographic analysis based on the information we collect.
- Legal Basis
Legal basis is Art. 6 para. 1 p. 1 lit. f GDPR.
The data processing is carried out in the interest of our public relations and communication.
If your contact aims at the conclusion of a contract (or is related to an existing contract), the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
- Contests:
Occasionally, we also offer participation in contests on our social media channels. Unless otherwise specified in special data protection principles for the respective contest or unless you have given us further express consent, the personal data you submit to us as part of your participation in the contest will be used exclusively for the purpose of processing the contest (e.g. determining the prize, notifying you of the prize, sending you the prize). In case you act under a real name in the concerned social media network or are recognizable via photos in your profile, an identification by other users cannot be excluded on our part.
Generally, the legal basis for data processing in case you enter a contest is Article 6 (1) b) DSGVO. We will only share your personal information with relevant third parties in order to enable the administration and operation of our contests.
In the event of a submission of a declaration of consent that extends context of a contest, Article 6 (1) a) DSGVO is the legal basis for the consent-based data processing. Insofar you have declared your consent within the scope of a contest, you have the possibility to revoke these consents at any time with effect for future contests.
The data categories regarding our contest are as follows: social media profile name (if your social media account is under a real name, then also your name and last name), content of your entry. For winners: first and last name, email address, shipping address, phone number.
The processes initiated by the social networks may be based on different legal bases, which are to be specified by their operators.
- Social Networks in Detail
We hold profiles on:
1) Facebook
The data processing respectively takes place on the basis of an agreement between jointly responsible parties pursuant to Art. 26 DSGVO, which you can view here:
https://www.facebook.com/legal/terms/page_controller_addendum
For details, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/
As the operator of the site, we can not exclude the transmission and further processing of personal data by the users to third countries, such as the USA, as well as the associated possible risks for the users.
You can contact Facebook’s data protection officer via the online contact form provided by Facebook at https://www.facebook.com/help/contact/540977946302970.
- Data processing for statistical and marketing purposes
Facebook provides us with so-called page insights for our Facebook page: https://www.facebook.com/business/a/page/page-insights. This is summarized data that allows us to understand how people interact with our site. Page Insights may be based on personally identifiable information collected in connection with an individual’s visit to or interaction with our site and its content. These statistics are generated and provided by Facebook. As the operator of the site, we have no influence on the generation and presentation. We cannot turn off this feature or prevent the generation and processing of data. This serves according to Art. 6 par. 1 lit. f GDPR to protect our legitimate interests in an optimized presentation of our offer and effective communication with customers and interested parties, which prevail in the context of a balancing of interests.
You can object to the processing of your data for the aforementioned purposes at any time by accordingly changing your settings for advertisements in your Facebook user account at https://www.facebook.com/settings?tab=ads.
As part of the “Page Insights Supplement” to the existing contractual arrangements with Facebook, we have reached the agreement with Facebook required by the GDPR in Art. 26 (1) and (2) as to who assumes which data protection obligations. Accordingly, Facebook assumes primary responsibility under the GDPR for the processing of Insights Data and all obligations under the GDPR with respect to the processing of Insights Data (including Art. 12 and 13 GDPR, Art. 15 to 22 GDPR and Articles 32 to 34 of the GDPR). The “Page Insights Supplement” can be viewed at https://www.facebook.com/legal/terms/page_controller_addendum.
2) Instagram
We would like to point out that you use the Instagram channel offered here and its corresponding functions on your own responsibility. This applies in particular to the use of interactive functions (e.g. sharing, liking, disliking, commenting).
For more information, please see Instagram’s privacy policy: https://help.instagram.com/519522125107875
As the operator of the site, we can not exclude the transmission and further processing of personal data by the users to third countries, such as the USA, as well as the associated possible risks for the users.
Responsible for Instagram data protection is the Facebook data protection officer who can be found via the online contact form provided by Facebook: https://www.facebook.com/help/contact/540977946302970.
We only process your data when you contact us via the Instagram platform. In this case, Instagram collects your data and provides it to us.
In this process, we may also store and further process the data. The processing of your personal data is then governed by one of our other privacy statements, depending on which data subject group you belong to.
3) YouTube
We would like to point out that you use the Youtube channel and its respective functions offered here on your own responsibility. This applies in particular to the use of interactive functions (e.g. sharing, liking, disliking, commenting).
We only process your data if you contact us via the YouTube platform. In this case, YouTube collects your data and makes it available to us.
In this process, we may also store and further process the data. The processing of your personal data is then governed by one of our other privacy statements, depending on which data subject group you belong to.
We point out that for any processing going beyond this on our YouTube channel, the privacy policy of Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001 or alternatively Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA is applicable. We have no sustained knowledge of and no influence over the type and scope of the data processed by Google, the way in which it is processed and used or the transfer of this data to third parties. We also have no effective control options available to us in this regard. Further information on the processing of personal data by YouTube can be found here:
- User conditions: http://www.google.com/analytics/terms/de.html
- On data protection: http://www.google.com/intl/de/analytics/learn/privacy.html
- Privacy policy: http://www.google.de/intl/de/policies/privacy
- Standard contractual clauses apply in cases of personal data being transferred to the USA.
4) LinkedIn
We would like to point out that you use the LinkedIn channel offered here and its functions on your own responsibility. This applies in particular to the use of interactive functions (e.g. sharing, liking, disliking, commenting).
We only process your data if you contact us via the LinkedIn platform or apply for an advertised position via LinkedIn for these very purposes. In this case, LinkedIn collects your data and makes it available to us.
In this process, we may also store and further process the data. The processing of your personal data in case of an application is governed by our privacy policy.
Furthermore, we may collect our visitors’ data on our company site, provided that the display as a visitor can be defined as processing. However, we do not store this data on our own systems, nor are they systematically processed beyond an occasional notice.
Our information regarding the responsible body, the data protection officer and the declaration of your rights as a data subject apply to these processing steps.
For any processing beyond this, we point out that the privacy policy of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter: LinkedIn) is applicable on our LinkedIn company page.
Further information on the processing of personal data by LinkedIn can be found at https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
5) Xing
We would like to point out that you use the Xing channel offered here and its respective functions on your own responsibility. This applies in particular to the use of interactive functions (e.g. sharing, liking, disliking, commenting).
We only process your data if you contact us via the XING platform or apply for an advertised position via XING. In this case, XING collects your data and makes it available to us. In this process, we may also store and further process the data. The processing of your personal data in case of an application is governed by our privacy policy.
Furthermore, we may collect our visitors’ data on our company site, provided that the display as a visitor can be defined as processing. However, we do not store this data on our own systems, nor are they systematically processed beyond an occasional notice.
Our information regarding the responsible body, the data protection officer and the declaration of your rights as a data subject apply to these processing steps.
We would like to point out that the privacy policy of XING SE, Dammtorstraße 30, DE-20354 Hamburg, Germany, Tel.: +49 40 419 131-0 , Fax: +49 40 419 131-11, E-Mail: info@xing.com, (hereinafter: XING) is applicable for any further processing on our XING company website. Further information on the processing of personal data by XING can be found here: https://privacy.xing.com/de/datenschutzerklaerung
- Your rights
You can exercise your rights (access, rectification, erasure, restriction of processing, data portability and complaint) in general both against uns as well as against the operator of the respective social media portal (e.g. Facebook).
If you wish to exercise your data subject rights with respect to a specific data processing operation which we control, please contact us. We will then check your request (e.g. request for information or objection) or, if necessary, forward it to the relevant social media platform if your request concerns data processing by social media network’s operator.
Regarding your personal data, you hold the following rights against us.
- Right of access (Art. 15 GDPR) to your personal data processed by us;
- Right to rectification (Art. 16 GDPR) or completion of your personal data processed by us;
- Right to deletion (Art. 17 GDPR) of your personal data processed by us, unless the processing is exceptionally prohibited under Art. 17 para. 3 GDPR
- Right to restriction of processing (Art. 18 GDPR);
- Right to information (Art. 19 GDPR);
- Right to data portability (Art. 20 GDPR);
- Right to revoke consent previously given to us (Art. 7 (3) DSGVO). The revocation of consent does not affect the processing’s lawfulness as it is carried out on the basis of the given consent up to the time of the respective revocation.
- Right to file a complaint with a data protection supervisory authority if you believe that the processing of your personal data is unlawful.
- Objection to the processing of your data:
If we process your personal data within the framework of a balancing of interests on the basis of our overriding legitimate interest, you have the right to object to this processing with effect for the future at any time for reasons arising from your particular situation.
If you exercise your right to object, we will stop processing the data concerned. However, we reserve the right to further processing if we can demonstrate compelling legitimate grounds for the processing which override your interests, fundamental rights and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims.
If your personal data is processed by us for the purpose of direct marketing, you can at any time object to the processing of personal data that concerns you for the purpose of such marketing. You can exercise the objection as described above.
If you exercise your right to object, we will stop processing the data concerned for direct marketing purposes.
- Storage Period.
The data collected directly via the social media outlets will be deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your terminal device until you delete them. Mandatory legal provisions – esp. retention periods – remain unaffected.
All public posts posted by you on this social media site will remain in the timeline indefinitely unless we delete them due to an update of the underlying topic, a violation of law as well as a violation of our guidelines or you delete the post yourself.
We have no influence on the storage period of your data as the social networks’ operators use them for their own purposes. For details, please contact the social networks’ operators directly (e.g. in their privacy policy).
