Privacy Policy

Effective of: 11th of July 2022

At qohubs, we care about your personal data. It is very important to us to be transparent about the data we collect about you, how we use such data and with whom we share it. Therefore, we advise you to read the following Privacy Policy to be informed about the processing of your personal data.

 

General Information

Personal designations.

 

This data protection declaration is aimed at all persons who visit our website. All personal designations refer to both male and female and various people and language forms and are always to be understood with the addition "(m/f/d)".

Data protection at a glance.

 

According to Article 12 of the General Data Protection Regulation (hereinafter GDPR), the operators of a website are obliged to inform visitors precisely, transparently, and understandably how personal data is processed. We want to make a sincere contribution to this and summarize our data protection declaration.

The details are below the summary:

We process personal data to establish, perform and/or terminate contracts in the following cases: Wix.com contact form, video conferencing (via TeamViewer or Zoom), Wix.com landing page builder.

We process personal data based on your consent in the following cases: Google Analytics, social networks with linked company pages (Facebook, Instagram, Xing, LinkedIn, Twitter), YouTube videos.

We process personal data based on our legitimate interest in the following cases: transient cookies, rights management (including external legal advice), advertising to existing customers.

In the following cases, we process personal data with the help of automated decision-making (possibly including profiling): No processing takes place here.

Responsible.

The person responsible within the meaning of Article 4 paragraph 7 GDPR for processing personal data of visitors to this website is qohubs doo, Svetice 36, 10000 Zagreb, Croatia, meet@qohubs.com, +385 1 4647 478, management: Dijana Vetturelli, Viktor Vetturelli. 

Rights.

(1) The persons concerned have several rights with regard to the personal data processed about them according to the GDPR, in particular the right to

1. Information about the stored personal data,

2. Correction of incorrectly stored personal data,

3. Deletion of personal data for which there is no legal basis for further storage,

4. Restriction of the processing of stored personal data,

5. Data portability

6. a complaint to the competent supervisory authority for data protection.

(2) As far as the factual requirements of the respective claims are given and we can identify them, we will fulfill your claims promptly.

Automated decision making, including profiling.

Automated decision-making does not take place.

Data transfer to entities outside the European Union

(1) There is the possibility that we transmit and/or have personal data transmitted to bodies located outside the European Union or at least cannot rule this out (hereinafter: third-country body). In these cases, according to Article 44 GDPR, we have to guarantee that the level of protection of the General Data Protection Regulation is not undercut. As a precaution, we would like to point out that the third country office can be both a controller and a processor.

(2) If we refer to a so-called adequacy decision in the following declaration, this means that the third-country agency is located in a country, area, or specific sector for which the Commission has decided that it offers an adequate level of protection. This guarantee then follows from Article 45 GDPR.

(3) If we refer to the so-called standard contractual clauses in the following declaration, this means that the third country body has accepted the so-called EU standard contractual clauses and has thus contractually committed itself to respect the level of protection of the General Data Protection Regulation. This guarantee then follows from Article 46 paragraphs 1 and 5 GDPR.

(4) If we refer in the following declaration to the fact that you have consented to the transfer to the third-country agency, this means that you have been informed of all possible risks of such transfers, for which there is no adequacy decision or other guarantees, and have nevertheless agreed to the data transfer. This guarantee follows from Article 49 Paragraph 1 lit. a GDPR. For reasons of transparency, we describe the corresponding risks in a different place.

(5) We only issue this notice as a precaution. It only applies if we refer to it in the following statement. There is also the possibility that we will not make use of this.

Special constellation: EU standard contractual clauses and third-country offices based in the USA

(1) In addition to the statements under "Data transfer to locations outside the European Union" - paragraph 3, we would like to draw your attention to a special constellation. In the case of transmissions to third-country offices based in the USA, the possibility of invoking the EU standard contractual clauses is restricted. So if we intend to invoke the EU Standard Contractual Clauses in this context (or already do so), we would like to point out the following:

(2) We will only base the transfer of personal data to US third-country entities on the EU Standard Contractual Clauses if we have previously conducted a thorough investigation of the facts involved. In doing so, we first determine a risk level (type and, in particular, the sensitivity of the data concerned, the scope of data processing, the purpose of data processing, susceptibility to misuse). We then check whether the contractual commitments of the US third country office and the technical and organizational measures taken there (e.g., processing of data exclusively in EU-based data centers, encryption technology) sufficiently minimize the previously identified risks. We will only invoke this if we come to the conclusion that the EU standard contractual clauses are, exceptionally, also a sufficient guarantee for a US third-country agency.

(3) We only issue this notice as a precaution. It only applies if we refer to it in the following statement. There is also the possibility that we will not make use of this.

Special constellation: Consent to transfer to third-country entities located in the USA, including risk notices

(1) In addition to the explanations under "Data transfer to bodies outside the European Union" - paragraph 4, we draw your attention to another special constellation. In the case of transfers to third-country entities based in the USA, the possibility of invoking the EU standard contractual clauses is limited. Therefore, in some cases, the only option is to ask you for your consent to this transfer. However, before you give this consent, we ask you to take note of the following risks and consider them when deciding whether to consent:

(2) We urge you to note that data transfers to the U.S. without the protection of an adequate decision may involve significant risks. In particular, please note the following risks:

1. there is no uniform data protection law in the U.S.; certainly not one that would be comparable to the data protection law applicable in the EU. This means that both U.S. companies and government agencies have more opportunities to process your personal data, in particular for advertising targeting, profiling, and conducting (criminal) investigations. Our ability to take action against this is significantly limited.

2. the US legislator has granted itself numerous access rights to your personal data (see, for example, Section 702 of FISA or E.O. 12333 in conjunction with PPD-28), which are not compatible with our understanding of the law. In particular, there is no proportionality test prior to access comparable to those in the European Union.

3. citizens of the European Union cannot expect effective legal protection in the USA.

(3) We make this declaration merely as a precaution. It shall only apply if we refer to it in the subsequent declaration. It is also possible that we will not make use of this.

Note on the legal processing obligation.

Only insofar as we refer to Article 6 (1) sentence 1 lit. c DSGVO in the following privacy statement, there is a legal obligation to process.

Processing operations necessary for the performance of contracts (primary legal basis: Article 6 (1) sentence 1 lit. b DSGVO).

General information on the purpose and legal basis of the processing operations is described below.

(1) The purpose of the processing operations described below is the establishment, performance, termination of contracts, as well as the defense against claims on your part which are directly or indirectly related to the respective contract.

 

(2) Insofar as the purpose of the processing is the establishment, performance, termination of contracts, Article 6 (1) sentence 1 lit. b DSGVO is the legal basis for the processing of your personal data. According to this provision, the processing of your personal data is also permissible without your consent if it is necessary for the performance of a contract to which you are a party or for the implementation of pre-contractual measures that take place at your request.

(3) Insofar as the purpose of the processing is the defense against claims on your part that are directly or indirectly related to the respective contract, Article 6 (1) sentence 1 lit. b DSGVO shall also be the legal basis in addition to Article 6 (1) sentence 1 lit. f DSGVO. Our legitimate interest in this respect follows from our right to defend ourselves against claims on their part.

(4) Insofar as we refer to Article 6(1) sentence 1 lit. f DSGVO, you have the right to object to the processing, which in cases of justified objection leads to an end of the processing based on this. And as far as we do not explicitly refer to Article 6(1) sentence 1 lit. c DSGVO, there is no obligation to process.

 

General information on the storage period with regard to the data within the scope of the processing operations described below.

 

(1) We store the data as long as this is necessary to establish, perform, possibly terminate the contract and/or to defend ourselves against claims by you that are directly or indirectly related to the respective contract.  

(2) If a contractual relationship is established between us, we shall store the data additionally until the expiry of our statutory retention periods. The legal basis for this is Article 6 (1) sentence 1 lit. c DSGVO. According to these regulations, some of the above-mentioned data must also be retained beyond the time when the purpose has been achieved. For example, we may be obliged to keep all business-related documents for 11 years starting from the time of collection.

(3) If we process your data in your capacity as an applicant, we will generally store the data until a final decision has been made on your application and

1. in the event of rejection, for a further six months after rejection, whereby the legal basis for the six-month storage is Article 6 (1) sentence 1 lit. f DSGVO and our legitimate interest follows from the right to defend against discrimination complaints.

2. If we ask you whether you wish to be included in our applicant pool and you answer in the affirmative, until the time of revocation of your consent, the legal basis for this storage is your consent pursuant to Article 6(1) sentence 1 lit. b DSGVO.

In the cases of paragraph 3 clauses 1 and 2, we only reserve the right to store, but a storage obligation is not established by this privacy policy.

(4) Insofar as we refer to Article 6(1) sentence 1 lit. f DSGVO, you have the right to object to the processing, which in cases of justified objection leads to an end of the processing based on this. And unless we expressly refer to Article 6(1) sentence 1 lit. c DSGVO, there is no obligation to process.

 

 

Contact form of Wix.com.

 

In brief: We keep a form available on our website. In this respect, we use the tool of Wix.com Ltd. The data transfer to Israel, which thus cannot be excluded, is justified because the EU has determined an adequate level of data protection for this country.

 

Processing in detail: We provide you with a contact form on this website. We will receive and check the data processed via this and use it to respond to you if necessary. In this respect, we use the tool of Wix.com Ltd. Nemal St. 40, 6350671 Tel Aviv, Israel, telephone no.: +972 (3) 545-4900, fax: +972 (3) 546 6407, e-mail address: support@wix.com. More information on how it works can be found here: https://de.wix.com/features/main. More detailed information about data protection at this provider can be found here: https://support.wix.com/de/article/dsgvo-häufig-gestellte-fragen and here: https://de.wix.com/about/privacy.

 

Data processed: Here, we generally process the following data from you: (1) contact data entered by you and (2) communication data.

 

Third country status: The processing is not prevented by the fact that the recipient(s)/provider(s) are located outside the European Union. This is because the provider is located in Israel, for which the EU Commission has decided that this country offers an adequate level of protection (cf. Article 45 GDPR). The basis for this is the Commission's decision of January 31, 2011 on Case No. K 2011 (332).

 

Zoom.

In a nutshell: You can register with us for a webinar or otherwise communicate with us via a video conferencing tool, in which case we process all the data required for registering (making an appointment, if necessary), conducting and following up on the associated video conference. We use the tool "Zoom" for this purpose. The US data transfer, which cannot be ruled out, is justified because the processing only takes place if you consent to it. It is still important to note that during video conferences - if you voluntarily activate your camera - image data is processed that may allow conclusions to be drawn about particularly sensitive data, such as health if you wear glasses or religious beliefs if you wear religious symbols.

Processing and third-party providers in detail: We use the following provider here: Zoom Video Communications, Inc, 55 Almaden Blvd, Suite 600, San Jose, CA 95113 (USA) further contact option here: https://support.zoom.us/hc/de.  We would like to briefly describe this processing procedure: You can register on our website for one of our webinars or otherwise communicate with us via video conference. We carry out all the necessary steps associated with this, from the initiation, to the implementation, to the follow-up of the webinar via this service provider, who receives your data for these purposes as soon as you register for the webinar via our website, but at the latest when you participate in the webinar. Here, we process the data that the provider provides to us for the purpose of establishing, executing and terminating this contract precisely for these purposes. We have commissioned this provider in accordance with Article 28 DSGVO. The privacy policy of this provider can be found here: https://zoom.us/de-de/privacy.html .

Data processed: Here, we generally process the following data from you: We document via this provider all data that you disclose when registering and participating in the respective webinar or other video conference. You can find more information on how this is processed at: https://zoom.us/webinar. If you voluntarily activate your camera, image data will be processed that may allow conclusions to be drawn about particularly sensitive data, such as health if you wear glasses or religious beliefs if you wear religious symbols.

Third-country tolls: The fact that this provider is based outside the European Union also does not prevent us from commissioning this provider. This is because you can only participate in our webinar or other video conference with us if you consent to the associated transfer of data to the USA (see Article 49(1)(a) DSGVO). Please be sure to read our risk notices beforehand (cf. General Section/Special Constellation: Consent to Transfer to Third-Party Entities Located in the USA, including the risk notices.

 

Landing page builder from Wix.com.

In a nutshell: We have created this website with a landing page tool that also processes data about your interaction with our website on our behalf. In this respect, we use the tool of Wix.com Ltd. The data transfer to Israel, which thus cannot be excluded, is justified because the EU has determined an adequate level of data protection for this country.

Processing and third-party providers in detail: We created this website using a landing page builder. A landing page is a website - often set up for a specific case - that is called up after a click on a search engine entry or an advertising medium (e.g., social media post) so that a contract can be established, executed and/or terminated there. A landing page builder is a provider that enables the creation of such a landing page by means of a modular system. In this context, the landing page builder is also entrusted with the processing of personal data (in particular, collection via forms, the storage and forwarding of collected data, processing of the contract), which is collected via this website. In this respect, we use the tool of Wix.com Ltd. Nemal St. 40, 6350671 Tel Aviv, Israel, telephone no.: +972 (3) 545-4900, fax: +972 (3) 546 6407, email address: support@wix.com. More information on how it works can be found here: https://de.wix.com/features/main. You can find more information about data protection with this provider here: https://support.wix.com/de/article/dsgvo-häufig-gestellte-fragen and here: https://de.wix.com/about/privacy. We have entrusted this provider with these activities in accordance with Article 28 DSGVO.

Data processed: In this context, we generally process the following data from you: personal data that you disclose when visiting our website or communicating with our website (especially via forms). In particular, such data that serve to establish, execute and/or terminate a contract that you conclude via our website (such as order and payment details as well as your contact details).

Third country status: the processing is not prevented by the fact that the recipient(s)/provider(s) are located outside the European Union. This is because the provider is located in Israel, for which the EU Commission has decided that this country offers an adequate level of protection (see Article 45 GDPR). The basis for this is the Commission's decision of January 31, 2011 on Case No. K 2011 (332).

 

Processing operations for which your consent is required (primary legal basis: Article 6(1) sentence 1 lit. a DSGVO).

General information on the purpose and legal basis of the processing operations described below.

(1) The purpose of the processing operations described below is described separately for each tool.

(2) The legal basis for the respective data processing is your consent pursuant to Article 6 (1) sentence 1 a DSGVO. According to this provision, the processing of your personal data is permitted if you have given your consent to processing the personal data relating to you for one or more specific purposes.

 

General information on the storage period regarding the data in the context of the processing operations described below.

(1) We store the data until you have revoked your consent. You can declare your revocation at any time; for example, by sending an informal message to one of the above-mentioned contact channels.

(2) This does not include all data for which a reason for storage other than your consent applies. In particular, we store the information that and how you have consented for five years, whereby the period begins to run on the day following the day on which you revoke your consent. The legal basis for this is Article 6(1) sentence 1 lit. c DSGVO in conjunction with. Article 7(1) DSGVO, as we are obliged to document the granting of consent. Furthermore, this longer storage is also justified by Article 6 (1) sentence 1 lit. f DSGVO, as it is in our legitimate interest to defend ourselves against claims for damages based on the fact that no consent was given at all. This storage interest exists at least until the expiry of the statutory limitation period.

 

Notes on the "consent" legal basis

(1) Insofar as we obtain consent from you for processing, you have the right to revoke this consent at any time with effect for the future. As a rule, this is possible by sending an informal message to us (see "Responsible party." above).

(2) Furthermore, we would like to point out that we process further of your personal data within the scope of obtaining your consent. These are, on the one hand, identity features (such as your name, your e-mail address, your IP address) and, on the other hand, log data on consent (time of consent, status of consent, scope of consent). We base this data processing on Article 6 (1) sentence 1 lit. c DSGVO in conjunction with. Article 7 (1) DSGVO. The purpose is the need to prove that you have given your consent.

 

Cookie consent tool from Wix.com

In a nutshell: To obtain your consent for the use of certain cookies, we use a cookie consent tool. With this, we collect and store all consent processes that you trigger in this context. In this respect, we use the tool of Wix.com Ltd. The data transfer to Israel, which thus cannot be excluded, is justified because the EU has determined an adequate level of data protection for this country.

 

Processing and third-party providers in detail: With this tool, we document your consent to the cookie-based data processing on our website. In this respect, we use the tool of Wix.com Ltd. Nemal St. 40, 6350671 Tel Aviv, Israel, phone no.: +972 (3) 545-4900, fax: +972 (3) 546 6407, e-mail address: support@wix.com. More information on how it works can be found here: https://de.wix.com/features/main. More detailed information about data protection at this provider can be found here: https://support.wix.com/de/article/dsgvo-häufig-gestellte-fragen and here: https://de.wix.com/about/privacy. 

Data processed: In this context, we would like to point out that we process personal data from you when obtaining consent. These are on the one hand identity characteristics and on the other hand log data for consent.

Third country status: The processing is not prevented by the fact that the recipient(s)/provider(s) are located outside the European Union. This is because the provider is located in Israel, for which the EU Commission has decided that this country offers an adequate level of protection (see Article 45 GDPR). The basis for this is the Commission's decision of January 31, 2011 on Case No. K 2011 (332).

 

 

Google Analytics.

 

In a nutshell: We use cookies to evaluate your usage behavior on and interaction with our website. We then evaluate this information in order to be able to design our website in an even more targeted manner. For this purpose, we use the "Google Analytics" tool. The US data transfer, which cannot be ruled out, is justified because the processing only takes place if you consent to it.

 

Processing and third-party providers in detail: To analyze your user behavior on our website, we use the following service provider with its tool described in more detail in the heading: Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043. If you are based within the European Economic Area, your data is additionally processed by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. We are happy to briefly describe this processing procedure: The tool uses so-called "cookies". These are text files that are stored on your computer and enable an analysis of your use of the website. The provider will use this information on our behalf for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The privacy policy of this provider can be found here: https://policies.google.com/privacy?fg=1 The purpose can be described as follows: We use this tool to be able to analyze and regularly improve the use of our website. The statistics obtained allow us to improve our offer and make it more interesting for you as a user. You can find more details about the way of processing via this provider here: https://marketingplatform.google.com/intl/de/about/analytics/.

 

Data that is processed: This tool uses so-called "cookies". These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by this about your use of this website is usually transmitted to a server of the provider in the USA and stored there. However, your IP address will be truncated beforehand by the provider within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a server of the provider in the USA and shortened there. The IP address transmitted by your browser when using this tool is not merged with other data by the provider. We also use this tool for a cross-device analysis of visitor flows, which is carried out via a user ID. You can deactivate the cross-device analysis of your usage in your customer account under "My data", "Personal data". For your information, we would like to point out that we use this tool with the extension "_anonymizeIp()". This means that IP addresses are processed in abbreviated form, which means that it is not possible to relate them to a specific person. If the data collected about you is related to a person, this is immediately excluded and the personal data is deleted immediately.

 

Third country status: The processing is not prevented by the fact that the data is transmitted to the USA, possibly in cooperation with Google LLC. This is because we only use this tool if you consent to the associated transfer of data to the USA (see Article 49(1)(a) DSGVO). Please be sure to read our risk notices beforehand (cf. General Part/Special Constellation: Consent to Transfer to Third-Party Entities Located in the USA, including the risk notices). 

 

 

Facebook.

 

In a nutshell: We use the social network "Facebook". In doing so, we process data about your interaction with this social network and with us via this social network. We receive detailed information about this, which we use in a targeted manner; for example, for the purposes of improved communication, promotional approaches and the determination of potential customers. The US data transfer, which cannot be excluded, is justified because the processing only takes place if you consent to it.

 

Joint responsibility: If and insofar as we analyze visitor interactions with our company site, we are in this respect jointly responsible with the provider of the social network under data protection law; this in accordance with Article 26 DSGVO. Our agreement with the provider can be found here: https://www.facebook.com/legal/terms/page_controller_addendum. You can find out when the provider and when we process your personal data on our own responsibility under "Processing and third-party providers".

Processing and Third-Party Providers: We use the above-mentioned social media. Its provider is: Facebook Inc, 1601 S. California Avenue, Palo Alto, CA 94304, USA. If you are located outside the USA and/or Canada, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland is responsible. We have no influence on the data collected and data processing operations, nor are we aware of the full extent of the data collection, the purposes of the processing, the storage periods. We also have no information on the deletion of the collected data by this provider. If you select our company pages, it is possible that the provider stores the data collected about you as usage profiles and uses these for purposes of advertising, market research and/or demand-oriented design of its website. You have the right to object to the creation of these user profiles, whereby you must contact the provider to exercise this right. A privacy policy of the provider can be found here: https://www.facebook.com/policy.php. Insofar as we can influence the data processing, its purpose is to present our company, to analyze your usage behavior with regard to interaction with our company page maintained there, as well as to communicate with you via this social network (possibly advertising). If and insofar as we commission Facebook to process data for us beyond this, we are a principal within the meaning of Article 28 DSGVO.

 

Data that is processed: We maintain a company page on this social network and may analyze whether and how you have visited our company page there; whether and how you react to our posts on social networks; whether and how you communicate with us via the channels there. In this respect, the consent that you have given to this provider is decisive.

 

Supplementary information on the legal basis: In addition to our general statements on the legal basis, we also inform you here: If you yourself maintain a profile on this social medium, the legal basis is your consent within the meaning of Article 6(1) sentence 1 lit. a DSGVO, which you have given to the provider of the social network. In all other cases, the legal basis is Article 6(1) sentence 1 lit. f DSGVO, according to which your data may be processed if it is necessary to protect our legitimate interests or the interests of a third party, unless your interests or fundamental rights and freedoms requiring the protection of personal data override these, in particular if the data subject is a child. We have the economic interest to link our company pages, whereby you click on the links independently and voluntarily. In all other respects, the provider is responsible.

 

Third country status: The US data transfer, which cannot be ruled out, does not prevent the commissioning of or joint responsibility with the provider of this social. This is because the processing of your personal data via this tool only takes place if you consent to the associated data transfer to the USA (cf. Article 49 (1) lit. a DSGVO). This is done towards us, as far as we control the data processing. Please be sure to read our risk notices before doing so (cf. General Section/Special Constellation: Consent to Transfer to Third-Party Entities Located in the USA, including the risk notices). Insofar as the provider controls the processing (for example, if you visit the social network independently of an action on our website), there is already no transmission by us to the USA, so that we also do not have to provide any further guarantee within the meaning of Article 44ff. of the GDPR. Here, there is at most a relationship between us and the provider of the social network within the meaning of Article 26 of the GDPR.

 

Addition "company page": We have linked our company page with this provider on our website. If you click on this link (meaning the link to our company page), you will be taken to our profile. With regard to this processing, we refer to our previous statements on visiting our company page with this provider. 

 

 

Instagram.

 

In a nutshell: We use the social network "Instagram". In doing so, we process data about your interaction with this social network and with us via this social network. This provides us with detailed information that we use in a targeted manner; for example, for the purposes of improved communication, promotional approaches and the determination of potential customers. The US data transfer, which cannot be excluded, is justified because the processing only takes place if you consent to it.

 

Joint responsibility: If and insofar as we analyze visitor interactions with our company website, we are in this respect jointly responsible with the provider of the social network under data protection law; this in accordance with Article 26 DSGVO. You can find out when the provider and when we process your personal data on our own responsibility under "Processing and third-party providers".

 

Processing and third-party providers in detail and joint responsibility: We use the above-mentioned social medium. Its provider is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, impressum@support.instagram.com. We have no influence on the data collected and data processing operations, nor are we aware of the full scope of data collection, the purposes of processing, the storage periods. We also have no information on the deletion of the collected data by this provider. If you select our company pages, it is possible that the provider stores the data collected about you as usage profiles and uses these for purposes of advertising, market research and/or demand-oriented design of its website. You have the right to object to the creation of these user profiles, whereby you must contact the provider to exercise this right. A privacy policy of the provider can be found here: https://help.instagram.com/519522125107875. As far as we can influence the data processing, its purpose is to present our company, to analyze your usage behavior in relation to the interaction with our company page maintained there, as well as to communicate with you via this social network (possibly advertising). If and insofar as we commission this provider to process data for us beyond this, we are the client within the meaning of Article 28 DSGVO.

 

Data that is processed: We maintain a company page on this social network and may analyze whether and how you have visited our company page there; whether and how you react to our posts on social networks; whether and how you communicate with us via the channels there. In this respect, the consent that you have given to this provider is decisive.

 

Supplementary information on the legal basis: In addition to our general statements on the legal basis, we also inform you here: If you yourself maintain a profile on this social medium, the legal basis is your consent within the meaning of Article 6 (1) sentence 1 lit. a DSGVO, which you have given to the provider of the social network. In all other cases, the legal basis is Article 6(1) sentence 1 lit. f DSGVO, according to which your data may be processed if it is necessary to protect our legitimate interests or the interests of a third party, unless your interests or fundamental rights and freedoms requiring the protection of personal data override these, in particular if the data subject is a child. We have the economic interest to link our company pages, whereby you click on the links independently and voluntarily. In all other respects, the provider is responsible.

 

Third country status: The US data transfer, which cannot be ruled out, does not prevent the commissioning of or joint responsibility with the provider of this social. This is because the processing of your personal data via this tool only takes place if you consent to the associated data transfer to the USA (cf. Article 49 (1) lit. a DSGVO). This is done towards us, as far as we control the data processing. Please be sure to read our risk notices before doing so (cf. General Section/Special Constellation: Consent to Transfer to Third-Party Entities Located in the USA, including the risk notices). Insofar as the provider controls the processing (for example, if you visit the social network independently of an action on our website), there is already no transmission by us to the USA, so that we also do not have to provide any further guarantee within the meaning of Article 44ff. of the GDPR. Here, there is at most a relationship between us and the provider of the social network within the meaning of Article 26 of the GDPR.

 

Addition "company page": We have linked our company page with this provider on our website. If you click on this link (meaning the link to our company page), you will be taken to our profile. With regard to this processing, we refer to our previous statements on visiting our company page with this provider. 

 

 

LinkedIn.

 

In a nutshell: We use the social network "LinkedIn". In doing so, we process data about your interaction with this social network and with us via this social network. This provides us with detailed information that we use in a targeted manner; for example, for the purposes of improved communication, promotional approaches and the identification of potential customers. The U.S. data transfer, which cannot be excluded, is justified because the processing only takes place if you consent to it.

 

Joint responsibility: If and insofar as we analyze visitor interactions with our company website, we are in this respect jointly responsible with the provider of the social network under data protection law; this in accordance with Article 26 DSGVO. You can find out when the provider and when we process your personal data under our own responsibility under "Processing and third-party providers".

 

Processing and third-party providers in detail and joint responsibility: We use the above-mentioned social medium. Its provider is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. We have no influence on the data collected and data processing operations, nor are we aware of the full scope of data collection, the purposes of processing, the storage periods. We also have no information on the deletion of the collected data by this provider. If you select our company pages, it is possible that the provider stores the data collected about you as usage profiles and uses these for purposes of advertising, market research and/or demand-oriented design of its website. You have the right to object to the creation of these user profiles, whereby you must contact the provider to exercise this right. A privacy policy of the provider can be found here: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv. Insofar as we can influence the data processing, its purpose is to present our company, to analyze your usage behavior in relation to the interaction with our company page maintained there, as well as to communicate with you via this social network (possibly advertising). If and insofar as we commission this provider to process data for us beyond this, we are the client within the meaning of Article 28 DSGVO.

 

Data that is processed: We maintain a company page on this social network and may analyze whether and how you have visited our company page there; whether and how you react to our posts on social networks; whether and how you communicate with us via the channels there. In this respect, the consent that you have given to this provider is decisive.

 

Supplementary information on the legal basis: In addition to our general statements on the legal basis, we also inform you here: If you yourself maintain a profile on this social medium, the legal basis is your consent within the meaning of Article 6 (1) sentence 1 lit. a DSGVO, which you have given to the provider of the social network. In all other cases, the legal basis is Article 6(1) sentence 1 lit. f DSGVO, according to which your data may be processed if it is necessary to protect our legitimate interests or the interests of a third party, unless your interests or fundamental rights and freedoms requiring the protection of personal data override these, in particular if the data subject is a child. We have the economic interest to link our company pages, whereby you click on the links independently and voluntarily. In all other respects, the provider is responsible.

 

Third country status: The data processing operations are also not prevented by the fact that the data may be processed outside the European Union by the provider, possibly in cooperation with LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA. This is because the processing of your personal data via this tool only takes place if you consent to the associated data transfer to the USA (cf. Article 49 (1) lit. a DSGVO). This is done vis-à-vis us, insofar as we control the data processing. Please be sure to read our risk notices before doing so (cf. General Section/Special Constellation: Consent to Transfer to Third-Party Entities Located in the USA, including the risk notices). Insofar as the provider controls the processing (for example, if you visit the social network independently of an action on our website), there is already no transmission by us to the USA, so that we also do not have to provide any further guarantee within the meaning of Article 44ff. of the GDPR. In this case, there is at most a relationship between us and the provider of the social network within the meaning of Article 26 of the GDPR.

 

Addition "company page": We have linked our company page with this provider on our website. If you click on this link (meaning the link to our company page), you will be taken to our profile. With regard to this processing, we refer to our previous statements on visiting our company page with this provider. 

 

 

Xing.

 

In a nutshell: We use the social network "Xing". In doing so, we process data about your interaction with this social network and with us via this social network. This provides us with detailed information that we use in a targeted manner; for example, for the purposes of improved communication, promotional targeting and determining potential customers.

 

Joint responsibility: If and insofar as we analyze visitor interactions with our company site, we are in this respect jointly responsible with the provider of the social network under data protection law; this in accordance with Article 26 DSGVO. You can find out when the provider and when we process your personal data on our own responsibility under "Processing and third-party providers".

 

Processing and third-party providers in detail and joint responsibility: We use the above-mentioned social medium. Its provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany. We have no influence on the collected data and data processing operations, nor are we aware of the full scope of data collection, the purposes of processing, the storage periods. We also have no information on the deletion of the collected data by this provider. If you select our company pages, it is possible that the provider stores the data collected about you as usage profiles and uses these for purposes of advertising, market research and/or demand-oriented design of its website. You have the right to object to the creation of these user profiles, whereby you must contact the provider to exercise this right. A privacy policy of the provider can be found here: https://privacy.xing.com/de/datenschutzerklaerung. Further information on data protection with this provider can also be found here: https://privacy.xing.com/de. Insofar as we can influence the data processing, its purpose is to present our company, to analyze your usage behavior in relation to interaction with our company page maintained there, as well as to communicate with you via this social network (possibly advertising). 

Data that is processed: We maintain a company page on this social network and may analyze whether and how you have visited our company page there; whether and how you react to our posts on social networks; whether and how you communicate with us via the channels there. In this respect, the consent that you have given to this provider is decisive.

 

Supplementary information on the legal basis: In addition to our general statements on the legal basis, we also inform you here: If you yourself maintain a profile on this social medium, the legal basis is your consent within the meaning of Article 6 (1) sentence 1 lit. a DSGVO, which you have given to the provider of the social network. In all other cases, the legal basis is Article 6(1) sentence 1 lit. f DSGVO, according to which your data may be processed if it is necessary to protect our legitimate interests or the interests of a third party, unless your interests or fundamental rights and freedoms requiring the protection of personal data override these, in particular if the data subject is a child. We have the economic interest to link our company pages, whereby you click on the links independently and voluntarily. In all other respects, the provider is responsible.

 

Addition "company page": We have linked our company page with this provider on our website. If you click on this link (meaning the link to our company page), you will be taken to our profile. With regard to this processing, we refer to our previous statements on visiting our company page with this provider. 

 

Twitter.

 

In a nutshell: We use the social network "Twitter". In doing so, we process data about your interaction with this social network and with us via this social network. This provides us with detailed information, which we use in a targeted manner; for example, for the purposes of improved communication, promotional approaches and the determination of potential customers. The U.S. data transfer, which cannot be excluded, is justified because the processing only takes place if you consent to it.

 

Joint responsibility: If and insofar as we analyze visitor interactions with our company website, we are in this respect jointly responsible with the provider of the social network under data protection law; this in accordance with Article 26 DSGVO. You can find out when the provider and when we process your personal data under our own responsibility under "Processing and third-party providers".

 

Processing and third-party providers in detail and joint responsibility: We use the above-mentioned social medium. Its provider is Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland. We have no influence on the data collected and data processing operations, nor are we aware of the full scope of data collection, the purposes of processing, the storage periods. We also have no information on the deletion of the collected data by this provider. If you select our company pages, it is possible that the provider stores the data collected about you as usage profiles and uses these for purposes of advertising, market research and/or demand-oriented design of its website. You have the right to object to the creation of these user profiles, whereby you must contact the provider to exercise this right. A privacy policy of the provider can be found here: https://twitter.com/de/privacy. To the extent that we can influence the data processing, its purpose is to present our company, to analyze your usage behavior in relation to interaction with our company page maintained there, as well as to communicate with you via this social network (possibly advertising).

 

Data processed: We maintain a company page on this social network and may analyze whether and how you have visited our company page there; whether and how you react to our posts on social networks; whether and how you communicate with us via the channels there. In this respect, the consent that you have given to this provider is decisive.

 

Supplementary information on the legal basis: In addition to our general statements on the legal basis, we also inform you here: If you yourself maintain a profile on this social medium, the legal basis is your consent within the meaning of Article 6 (1) sentence 1 lit. a DSGVO, which you have given to the provider of the social network. In all other cases, the legal basis is Article 6(1) sentence 1 lit. f DSGVO, according to which your data may be processed if it is necessary to protect our legitimate interests or the interests of a third party, unless your interests or fundamental rights and freedoms requiring the protection of personal data override these, in particular if the data subject is a child. We have the economic interest to link our company pages, whereby you click on the links independently and voluntarily. In all other respects, the provider is responsible.

 

Third country status: The data processing operations are also not prevented by the fact that the data may be processed outside the European Union by the provider, possibly in cooperation with Twitter, Inc., 1355 Market Street #900, San Francisco, California 94103 USA. This is because the processing of your personal data via this tool only takes place if you consent to the associated data transfer to the USA (cf. Article 49 (1) lit. a DSGVO). This is done vis-à-vis us, insofar as we control the data processing. Please be sure to read our risk notices before doing so (cf. General Section/Special Constellation: Consent to Transfer to Third-Party Entities Located in the USA, including the risk notices). Insofar as the provider controls the processing (for example, if you visit the social network independently of an action on our website), there is already no transmission by us to the USA, so that we also do not have to provide any further guarantee within the meaning of Article 44ff. of the GDPR. In this case, there is at most a relationship between us and the provider of the social network within the meaning of Article 26 of the GDPR.

 

Addition "company page": We have linked our company page with this provider on our website. If you click on this link (meaning the link to our company page), you will be taken to our profile. With regard to this processing, we refer to our previous statements on visiting our company page with this provider. 

YouTube (with its own channel).

 

In a nutshell: We use a video playback solution to present our and/or third-party videos to you as part of our Internet presence, but also on our channel. When you start these videos, both the provider of the video platform and we document this in order to subsequently be able to show you interest-based information and ads. In this respect, we use the portal "YouTube". The US data transfer, which cannot be ruled out, is justified because the processing only takes place if you consent to it.

 

Processing and third-party providers in detail: We use the above-mentioned video platform or portal on our website. Its provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043. If you are based within the European Economic Area, your data is additionally processed by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. A privacy policy of the provider can be found here: https://policies.google.com/privacy?fg=1.Gern we describe this processing procedure specifically: Plugins of the video portal YouTube are integrated on our website. Each time you call up a page that offers one or more YouTube video clips, a direct connection is established between your browser and a YouTube server. These videos are all embedded in "extended data protection mode" No data about you as a user will be transmitted to YouTube if you do not play the videos. Only when you play the videos, the data mentioned in paragraph 3 will be transmitted. We have no influence on this data transmission. If you use a Google account and do not want the assignment with your profile on YouTube, you must log out before activating the button.

 

Data processed: By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. This occurs regardless of whether YouTube provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be directly assigned to your account. YouTube stores your data as usage profiles and uses them for purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) for the provision of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right. Further information on the purpose and scope of data collection and its processing by YouTube can be found in the privacy policy. There you will also find further information on your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy.

 

Third country status: The processing is not prevented by the fact that the data is transferred to the USA, possibly in cooperation with Google LLC. This is because we only use this tool if you consent to the associated transfer of data to the USA (see Article 49(1)(a) DSGVO). Please be sure to read our risk notices beforehand (cf. General Part/Special Constellation: Consent to Transfer to Third-Party Entities Located in the USA, including the risk notices). 

 

Addition "Company page": We have linked our company page with this provider on our website. If you click on this link (meaning the link to our company page), you will be taken to our profile. With regard to this processing, we refer to our previous statements on visiting our company page with this provider. 

 

Processing operations for which your consent is required (primary legal basis: Article 6(1) sentence 1 lit. f DSGVO).

 

General information on the purpose and legal basis of the processing operations described below.

(1) The purpose of the processing operations described below is described separately for each tool. It is the decisive justification for our legitimate interest in the processing.

(2) The legal basis for the respective data processing is Article 6 (1) sentence 1 lit. f DSGVO. According to this provision, the processing of your personal data is also permitted without your consent if it is necessary for the protection of our legitimate interests or those of a third party, unless your interests or fundamental rights and freedoms requiring the protection of personal data are overridden.

 

General information on the storage period with regard to the data within the scope of the processing operations described below.

 

(1) We store the data until our purpose has ceased to exist, which is always the case if you have raised a justified objection (see "Notice on the right to object."). 

(2) This does not include all data for which a reason for storage other than a legitimate interest applies. In particular, we store the information from which our legitimate interest arises for five years, starting on the day following the day on which you declared your objection or the interest ceased to exist.  This longer storage is on the one hand regulated by Article 6 (1) sentence 1 lit. c DSGVO in conjunction with. Article 5(2) DSGVO, as we are accountable with regard to the lawfulness of the data processing. This is also additionally justified by Article 6(1) sentence 1 lit. f DSGVO, as it is in our legitimate interest to defend ourselves against claims for damages based on the fact that no legitimate interest would have existed. This storage interest exists at least until the expiry of the statutory limitation period.

 

Notes on the right of objection

(1) Insofar as we base data processing in the following data protection statement on Article 6 (1) sentence 1 lit. f DSGVO, i.e. on a legitimate interest in the processing, you always have the right to object to the processing. As a rule, this is possible by sending an informal message to us (see "Responsible party." above). If the objection is justified, we will stop the processing.

(2) If the legitimate interest is based on the interest in direct advertising or promotional addressing, your objection is always justified, insofar as you are identified.

 

Promotional Addressing of Contractual Partners.

 

In brief: Insofar as you conclude a contract with us, whether it is a paid or free contract, there is the possibility that we will provide you with useful information by e-mail. You can object to this at any time, by informal message to us.

 

Processing and Third Party Providers in Detail: We process your email address and name to send you useful information by email at regular or irregular intervals. Furthermore, we store the information that a contractual relationship exists or existed between us in order to be able to prove our legitimate interest.

 

Data processed: We store and use your e-mail address, your name and the status data relating to the contractual relationship.

 

Special note on the right to object: You can object to the use of your data for this purpose at any time; for example, by sending us an informal message (contact channels can be found at the beginning of the privacy policy and in our imprint). In particular, you can object without incurring any costs other than the transmission costs according to the prime rates.

 

Informational use of the website.

 

In brief: When you visit our Internet site, so-called transient cookies briefly process data from you in order to display the Internet site to you.

 

Processing in detail: We use so-called transient cookies on our website. These include, in particular, session cookies. These store a so-called session ID, with which various requests of the visitor's browser can be assigned to the common session. This allows the visitor's computer to be recognized when the visitor returns to your website.

 

Data processed: IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, amount of data transferred in each case , website from which the request comes, browser, operating system and its interface, language and version of the browser software. We receive this data via cookies and directly from your browser.

 

Rights Management.

 

In a nutshell: If you assert rights against us (e.g., request for information), we process the associated communication data to be able to prove later how we handled your claims.

 

Processing in detail: You have a number of rights vis-à-vis us (see General section, Rights of visitors to the website). If you assert rights against us, we process the related contact, communication and transaction data. We process your data as follows:

1. we receive your request.

2. we examine your request.

3. if justified, we comply with your request.

4. we store the related data.

 

Addition to the legal basis: While the processing in the sense of the intention paragraphs 1 to 3 is justified by Article 6(1) sentence 1 lit. c DSGVO (we are obliged to process your concerns as a rule from the DSGVO), the purpose of the storage (paragraph 2 clause 4) is that we store the data in order to be able to defend ourselves later against claims from your side. This is also our legitimate interest. We store your data for five years, starting on the day following the day on which you asserted your rights.

 

Data processed: Name, contact details and communication content.

 

External advice on your claims.

 

In brief: When you assert rights against us (e.g., requests for information), in some cases we seek external advice (e.g., legal advice, data protection officer, IT service provider ...).

 

Processing in detail: You have a number of rights vis-à-vis us (see General section, Rights of visitors to the website). If you assert rights against us, we forward this request to external service providers for examination, who are in turn sworn to secrecy. weck of the processing is that we obtain expert advice to process your concerns in accordance with the law. This is in both our and your legitimate interests.

 

Data processed: Name, contact details and communication content.