Go to
current jobs

Data Protection

We take the protection of your personal data seriously

 

PRIVACY POLICY 

This Privacy Policy  explains to you the type, scope and purpose of the processing of personal data (hereinafter referred to as "data") in the scope of provision of our services on our website and the associated websites, functions and content, as well as external online presences, such as our social media profile (hereinafter jointly referred to as the "website"). We refer to the definitions in Article 4 of the General Data Protection Act (GDPR) with regard to the terms used, such as "processing" or "controller".


Data controller

salesjob Personalberatung GmbH
Grunewaldstraße 61-62
10825 Berlin
Contact: Bitte aktiveren Sie Javascript.
Managing Director: Clemens Nau
Legal Notice: https://sales-job.com/en/about-us/imprint/
Contact Data Protection Officer: Bitte aktiveren Sie Javascript.


Types of data processed

- Inventory data (e.g., personal master data, names or addresses).
- Contact data (e.g. email address, phone numbers).
- Content data (e.g. text input, photographs, videos).
- Usage data (e.g. websites visited, interest in content, access times).
- Meta/communication data (e.g. device information, IP addresses).


Categories of data subjects

Visitors and users of the online offer (hereinafter, data subjects are also referred to as "users" by us).

Purpose of the processing:
- Provision of the website, its functions and contents.
- Response to contact requests and communication with users.
- Security measures.
- Range measurement/Marketing

Terms used

“Personal data” refers to all information relating to an identified or identifiable natural person (hereinafter “data subject”); a natural person is regarded as identifiable, if he/she can be directly or indirectly identified, especially by means of association with an identifier such as a name, with an identification number, with location data, with an online identifier (e.g. cookies) or with one or several special features reflecting the physical, physiological, genetic, psychological, economic, cultural, or social identity of that natural person.
"Processing" means any operation carried out with or without the aid of automated procedures or any such series of operations in connection with personal data. The term is broad and covers virtually every aspect of dealing with data.

"Pseudonymisation" means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without additional information, provided that this additional information is kept separately and is subject to technical and organisational measures ensuring that the personal data is not attributed to an identified or an identifiable natural person.
"Profiling" means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location, or movements.

"Data controller" refers to the natural or legal person, public authority, agency, or any other body that alone or jointly with others determines the purposes and means of the processing of personal data.
A "processor " is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the  data controller.


Applicable legal bases

In accordance with Article 13 GDPR, we inform you of the legal basis of our data processing. For users within the scope of the General Data Protection Regulation (GDPR), i.e. the EU and the EEC, as long as the legal basis in the Privacy Policy  is not mentioned, the following applies:

The legal basis for obtaining consent is Article 6 para. 1 lit. a and Article 7 GDPR
The legal basis for processing for the fulfilment of our services and the execution of contractual measures as well as for replying to enquiries is Article 6 para. 1 lit. b GDPR
 The legal basis for processing to fulfil our legal obligations is Article 6 para. 1 lit. c GDPR
In the event that vital interests of the data subject or another natural person require processing of personal data, Article 6 para. 1 lit. d GDPR applies as the legal basis.
The legal basis for the processing required to carry out a task in the public interest or in the exercise of official authority which has been entrusted to the controller is article 6 para. 1 lit. e GDPR.
The legal basis for processing to protect our legitimate interests is Article 6 para. 1 lit. f GDPR.
The processing of data for purposes other than those for which it was collected is determined in accordance with Article 6 para. 4 GDPR.
The processing of special categories of data (in accordance with Article 9 para. 1 GDPR) is determined in accordance with the provisions of Article 9 para. 2 GDPR.


Security measures

In accordance with legal requirements, we take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk, taking into account current technology, implementation costs, the nature, scope, context and purposes of processing, and the varying likelihood and severity of the risk to the rights and freedoms of natural persons.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, transmission, security of availability and its separation. Furthermore, we have established procedures that guarantee the exercise of data subjects' rights, deletion of data, and reaction to data risks. In addition, we take the protection of personal data into account as early as the development or selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and data protection-friendly defaults.

Collaboration with processors, mutual data controllers and third parties
If, in the context of our processing, we disclose data to other persons and companies (processors, mutual data controllers or third parties), transmit it to them or otherwise grant access to the data, this will only be done on the basis of a legal permission (e.g. if the data has been transmitted to third parties, such as payment service providers, to fulfil the contract), users have consented to a legal obligation to do so or on the basis of our legitimate interests (e.g. the use of agents, web hosts, etc.).

Insofar as we disclose data to other companies in our group, convey it or otherwise grant access to it, this is done in particular for administrative purposes as a legitimate interest and, moreover, on a basis that complies with the legal requirements.

Transfers to third countries

If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA) or the Swiss Confederation) or in the context of the use of third party services or disclosure, or transmission of data to other persons or companies, this will only occur if it is to fulfil our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Except as expressly provided or required by law, we process or disclose the data only in third countries with a recognised level of privacy, including those certified under the "Privacy Shield", or on the basis of specific warranties, such as contractual obligations under so-called standard safeguards of the EU Commission, the existence of certifications or binding internal data protection regulations (Articles 44 to 49 GDPR, information page of the European Commission).

Data subject's rights

You have the right to request confirmation as to whether the data in question is being processed and for information about this data as well as for further information and copying of the data in accordance with legal requirements.
You have the right, in accordance with the legal requirements, to demand the completion of the data concerning you or the correction of the incorrect data concerning you.
In accordance with the statutory provisions, you have the right to demand that the relevant data be deleted immediately, or alternatively to demand a restriction of the processing of the data in accordance with the statutory provisions.
You have the right to request the data concerning you that you have provided to us in accordance with Article 20 GDPR and to request its transmission to other controllers.
You also have the right, in accordance with the statutory provisions, to submit a complaint to the competent supervisory authority.


Right to cancel/revoke orders

You have the right to withdraw granted consent with effect for the future.

Right to object

You may object to the future processing of your data in accordance with legal requirements at any time. The objection may be lodged in particular against processing for direct advertising purposes.

Cookies and right of objection to direct advertising

Cookies are small files that are stored on the user's computer. Different data can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after his/her visit to a website. Temporary cookies, "session cookies" or "transient cookies", are cookies that are deleted after a user leaves a website and closes his/her browser. For example, the content of a shopping cart in an online shop or a login status can be stored in a cookie of this nature. Cookies are referred to as "permanent" or "persistent" if they remain saved even after the browser is closed. For example, the login status can be saved if users visit it after several days have passed. Likewise, the interests of users may be stored in a cookie of this nature and used for reach measurements or marketing purposes. "Third-party cookies" are cookies that are offered by providers other than the data controller who operates the website (otherwise, if the only cookies are run by the data controller, they are referred to as "first-party cookies").

We may use temporary and permanent cookies and clarify this within the framework of our Privacy Policy .

If we ask the users for their consent to the use of cookies (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 para. 1 lit. a GDPR. Otherwise, the personal cookies of the users will be used in accordance with the following explanations in the context of this Privacy Policy  on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Article 6 para. 1 lit. f GDPR) or if the use of cookies is necessary to provide our contract-related services, according to Article 6 para. 1 lit. b GDPR, or if the use of cookies is necessary to perform a task that is in the public interest or in the exercise of public authority, according to Article 6 para. 1 lit. e GDPR.

If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Cookies that are already saved can be deleted in the system settings of the browser at any time. Deactivating the use of cookies can restrict some of this website's functionality.

A general objection to the use of cookies used for online marketing purposes can be declared for a large number of services, especially in the case of tracking, via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. Furthermore, you can disable the storage of cookies in the browser settings. Please note that in this case not all functions of the website can be used in full.

Deletion of data

The data processed by us is deleted will be deleted or restricted in its processing in accordance with the legal requirements. Unless expressly stated in this Privacy Policy , the data stored by us will be deleted as soon as it is no longer required for their intended purpose and the deletion does not conflict with any statutory storage obligations.
If the data is not deleted because it is necessary for other and legally permissible purposes, the processing of the data will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons.

Changes and updates to this Privacy Policy 

We ask you to inform yourself regularly about the contents of our Privacy Policy . We will adapt the Privacy Policy  as soon as changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes require your cooperation (e.g. consent) or other individual notification.

Business-related processing

Additionally we process:

  • Contract data (for example, contract object, duration, customer category).
  • Payment data (e.g., bank details, payment history)

from our customers, prospects and business partners for the purpose of providing contractual services, service and customer care, marketing, advertising and market research.


Agency services

We process our customers' data as part of our contractual services, which include conceptual and strategic consulting, campaign planning, software and design development/ consulting or maintenance, implementation of campaigns and processes / handling, server administration, data analysis/ consulting services and training services.

We process inventory data (e.g., customer master data, such as names or addresses), contact data (e.g., email, telephone numbers), content data (e.g., text entries, photographs, videos), contract data (e.g., subject matter of the contract, term), payment data (e.g., bank details, payment history), usage and metadata (e.g. as part of the evaluation and performance measurement of marketing measures). We do not process special categories of personal data unless these are part of commissioned processing. Data subjects include our customers, prospects, their customers, users, website visitors or employees, as well as third parties. The purpose of the processing is to provide contractual services, billing and our customer service. The legal basis of the processing results from Article 6 para. 1 lit. b GDPR (contractual services), Article 6 para. 1 lit. f GDPR (analysis, statistics, optimisation, safety measures). We process data which is necessary to justify and fulfil the contractual services and point out the necessity of their disclosure. Disclosure to external parties only takes place if it is necessary within the framework of an order. When processing the data provided to us within the framework of an order, we act in accordance with the instructions of the client, as well as with the legal requirements of order processing pursuant to Article 28 GDPR and process the data for no other purpose than the order.

We delete the data after expiry of legal warranty and comparable obligations. The necessity of keeping the data is checked every three years; in the case of legal archiving obligations, the deletion takes place after its expiry (6 years, pursuant to §257 para. 1 HGB, 10 years in accordance with § 147 para. 1 AO). In the case of data disclosed to us within the scope of an order by the customer, we delete the data in accordance with the specifications of the order, generally after the end of the order.


Contractual services

We process the data of our contractual partners and interested parties as well as other principals, customers, clients, patrons or contractual partners (uniformly referred to as "contractual partners") in accordance with Article 6 para. 1 lit. b. GDPR to provide our contractual or pre-contractual services to them. The data processed here, the type, scope and purpose and the necessity of its processing, are determined by the underlying contractual relationship.

The data processed includes the master data of our contractual partners (e.g. names and addresses), contact data (e.g. email addresses and telephone numbers) as well as contract data (e.g. services used, contract contents, contractual communication, names of contact persons) and payment data (e.g. bank details, payment history).

We do not process special categories of personal data unless they are part of commissioned or contractual processing.

We process data which is necessary to justify and fulfil the contractual services and point out the necessity of its disclosure, unless this is evident for the contractual partners. It is only disclosed to external persons or companies if it is required within the framework of a contract. When processing the data provided to us within the framework of an order, we act in accordance with the instructions of the client as well as with the legal requirements.

When our online services are used, we may store the IP address and the time of the user action in question. The data is stored on the basis of our legitimate interests as well as the user's interests regarding protection against misuse and other unauthorised use. In principle, this data is not passed on to third parties unless it is necessary for the pursuit of our claims according to Article 6 para. 1 lit. f. GDPR there is a legal obligation to do so in accordance with the GDPR pursuant to Article 6 para. 1 lit. c GDPR.

The data will be deleted if the data is no longer required for the fulfilment of contractual or statutory duties of care or for the handling of any warranty or comparable obligations, whereby the necessity of storing the data is checked every three years; in all other respects, the statutory storage obligations apply.


Administration, financial accounting, office organisation, contact management

We process data within the framework of administrative tasks as well as the organisation of our company, financial accounting and compliance with legal obligations, e.g. archiving. In this regard, we process the same data that we process in the course of providing our contractual services. The bases of processing are Article 6 para. 1 lit. c. GDPR, Article 6 para. 1 lit. f. GDPR. Customers, prospective customers, business partners and website visitors are affected by the processing. The purpose of and our interest in the processing lies in administration, financial accounting, office organisation, archiving of data, namely, tasks which serve the maintenance of our business activities, performance of our tasks and provision of our services. The deletion of data with regard to contractual services and contractual communication corresponds to the tasks specified in these processing activities.

In this regard, we disclose or transmit data to tax authorities, consultants, such as tax consultants or auditors, as well as other fee offices and payment service providers.
Furthermore, we store information regarding suppliers, event organisers and other business partners on the basis of our business interests, e.g. for the purpose of making contact at a later date. In principle, we store this data, which is mainly company-related, permanently.

 
Business analyses and market research

In order to operate our business economically, to be able to recognize market tendencies, wishes of the contracting parties and users, we analyse the data available to us to business transactions, contracts, inquiries, etc. We process inventory data, communication data, contract data, payment data, usage data, metadata on the basis of Article 6 para 1 lit. f GDPR, whereby the persons concerned include contractual partners, interested parties, customers, visitors and users of our online offer.

The analyses are carried out for the purpose of business evaluations, marketing and market research. We can include the profiles of registered users with information, e.g. on the services they have used. The analyses help us to improve user-friendliness, the optimisation of our offer and our competitiveness. The analyses serve us alone and are not disclosed externally, unless they are anonymous analyses with summarised values.
If these analyses or profiles are personal, they will be deleted or made anonymous upon user termination, otherwise after two years from the conclusion of the contract. Macroeconomic analyses and general trend determinations are also prepared anonymously wherever possible.


Microsoft cloud services

We use the cloud and the cloud software services offered by Microsoft  (so-called software as a service, e.g. Microsoft Office) for the following purposes: document storage and management, calendar management, email dispatch, spreadsheets and presentations, exchange of documents, content and information with certain recipients or publication of websites, forms or other content and information as well as chats and participation in audio and video conferences.

Personal data of the users is processed insofar as it become part of the documents and content processed within the services described or are part of communication processes. This can include, for example, master data and contact data for users, data on processes, contracts, other processes and their content. Microsoft also processes usage data and metadata; which Microsoft uses for security purposes and service optimization.
As part of the use of publicly accessible documents, websites or other content, Microsoft can save cookies on the user's computer for the purposes of web analysis or to remember user settings.

We use the Microsoft cloud services based on our legitimate interests in accordance with Article 6 para. 1 lit. f GDPR in efficient and secure administrative and collaboration processes. Furthermore, the processing is based on an order processing contract with Microsoft.

Further information can be found in Microsoft's Privacy Policy  (https://privacy.microsoft.com/de-de/privacystatement) and the security information for Microsoft cloud services (https://www.microsoft.com/de-de/trustcenter). You can object to the processing of your data in the Microsoft Cloud according to the legal requirements. Incidentally, the deletion of the data within Microsoft's cloud services is determined by the other processing processes in which the data is processed (e.g., deletion no longer required for contractual purposes or storage for data required for taxation purposes).

Microsoft cloud services are provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA. Insofar as data is processed in the USA, we refer to Microsoft's certification under the Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active).
 

Data protection information in the application process

We process the applicant's data only for the purpose and in the context of the application procedure in accordance with the legal requirements. The processing of the applicant's data takes place in order to fulfil our (pre)contractual obligations in the context of the application procedure within the meaning of Article 6 para. 1 lit. b. GDPR, Article 6 para. 1 lit. f. GDPR, provided data processing becomes necessary for us, e.g. within the framework of legal procedures (in Germany §26 Federal Data Protection Act applies in addition).

The application procedure requires that applicants provide us with their data. If we offer an online form, the necessary applicant data is marked, and otherwise results from the job descriptions and in principle includes information about the person, postal and contact addresses and the documents associated with the application, such as cover letter, curriculum vitae and certificates. In addition, applicants may voluntarily provide us with additional information.

By submitting the application to us, applicants agree to the processing of their data for the purposes of the application procedure in accordance with the type and scope set out in this Privacy Policy .

Insofar as special categories of personal data are provided within the meaning of Article 9 para. 1 GDPR, it shall also be processed in accordance with Article 9 para. 2 lit. b GDPR (e.g. health data, e.g. severely disabled status or ethnic origin). Insofar as special categories of personal data within the meaning of Article 9 para. 1 GDPR are requested from applicants during the application procedure, this is additionally processed in accordance with Article 9 para. 2 lit. a GDPR (e.g. health data, if these is necessary for the exercise of the profession).

If provided, applicants can send us their applications using an online form on our website. The data is encrypted and transmitted to us in accordance with the state of the Article
Applicants can also send us their applications via email. Please note, however, that emails are generally not sent in encrypted form and that the applicants themselves must ensure that they are encrypted. We cannot therefore accept any responsibility for the transmission of the application from the sender and to its receipt on our server and therefore recommend that the online form or post is used instead. Instead of applying via the online form and email, applicants still have the option to send us the application by post.

If the application is successful, the data provided by the applicants can be further processed by us for the purpose of employment. Otherwise, if the application for a job offer is not successful, the applicants' data will be deleted. Applicants' data will also be deleted if an application is withdrawn, which the applicants are entitled to do at any time.

The deletion will take place after a period of six months, reserving the justified withdrawal by the applicant, so that we can answer any follow-up questions regarding the application and meet our obligations under the Equal Treatment Act. Invoices for any reimbursement of travel expenses are archived in accordance with tax regulations.


Making contact

When contacting us (e.g. by contact form, email, telephone or via social media), the user's details are processed for the handling of the contact enquiry accordance with Article 6 para. 1 lit. b. (in the context of contractual/pre-contractual relationships), Article 6 para. 1 lit. f. (other requests) GDPR. User information can be stored in a Customer Relationship Management System ("CRM system") or comparable enquiry organisation system.

We delete the enquiries if they are no longer necessary. We review this necessity every two years; the statutory archiving obligations also apply.

Hosting and email delivery

The hosting services we use serve to provide the following services: infrastructure and platform services, computing capacity, storage space and database services, email delivery, security services and technical maintenance services that we use for the purpose of operating this online offering.

Hereby we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, potential customers and visitors to this online offering on the basis of our legitimate interests in an efficient and secure provision of this online offering according to Article 6 para. 1 lit. f GDPR in conjunction with Article 28 GDPR (fulfilment of order processing agreement).


Collection of access data and log files

We, or our hosting provider, collect data on the basis of our legitimate interests within the meaning of Article 6 para. 1 lit. f. GDPR regarding each access to the server on which this service is located (known as server log files). Access data includes the name of the requested website, file, date and time of access, amount of data transferred, report whether the site was successfully retrieved, browser type and version, the user's operating system, the referrer URL (the site visited before coming to our site), the user's IP address, and the requesting Internet service provider.
Log file information is stored for a maximum of seven days for security reasons (e.g. to investigate misuse or fraud) and then deleted. Data which must be retained as potential evidence is not deleted until the relevant incident has been ultimately clarified.

Google Tag Manager

Google Tag Manager is a solution that allows us to manage so-called website tags through a single interface (including integrating Google Analytics and other Google marketing services into our website). The Tag Manager itself (which implements the tags) does not process any personal user data. With regard to the processing of users' personal data, reference is made to the following information on the Google services. Usage Policy: https://www.google.com/intl/de/tagmanager/use-policy.html


Google Analytics

We use Google Analytics, a web analytics service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google uses cookies. The information generated by the cookie about the user's use of the website is generally transmitted to and stored on a Google server in the USA.

On our behalf, Google will use this information to analyse the use of our website by users, to compile reports on activities on this website, and to provide us with other services related to the use of this website and the Internet. Pseudonymous usage profiles of users may be created from the processed data in this respect.

We only use Google Analytics with IP anonymisation activated. This means that the IP address of the user is truncated by Google within the member states of the European Union or in other countries that are party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there.

The IP address sent by your browser will not be associated with other data held by Google. The user may refuse the use of cookies by selecting the appropriate settings in their browser; the user can also prevent Google from collecting the data generated by the cookie regarding your use of the contents data and the processing of this data by Google by downloading and installing the browser plugin available via the following link: http://tools.google.com/dlpage/gaoptout?hl=de

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 para. 1 lit. a GDPR. Otherwise users' personal data is processed based on our legitimate interests (i.e. interest in the analysis, optimisation, and economical operation of our website in accordance with Article 6 para. 1 lit. f) GDPR.

As far as data is processed in the USA, we would like to point out that Google is certified under the Privacy Shield Agreement and thereby guarantees that it will comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Further information on data use by Google, setting and objection options, can be found in Google's data protection policy (https://policies.google.com/privacy) and in the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).

Users' personal data will be deleted or made anonymous after 14 months.

 
Target group formation with Google Analytics

We also use Google Analytics to display advertisements placed by Google and its partners within advertising services only to users who have also shown an interest in our website or who have certain characteristics (e.g. interest in certain topics or products that are determined by the websites visited) that we transmit to Google (known as "remarketing" or "Google Analytics audiences"). With the help of remarketing audiences, we would also like to ensure that our advertisements correspond to the potential interest of users.
 

Google Adsense with personalised ads

We use the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

We use the AdSense service, which is used to display ads on our website and of which their insertion or other use we receive payment. For these purposes, usage data such as the click on an advertisement and the IP address of the user are processed, whereby the IP address is shortened by the last two digits. Therefore, the processing of the user's data is pseudonymised.

We use Adsense with personalized ads. Google uses the websites visited by users or the apps used, and the user profiles created in this way to draw conclusions about their interests. Advertisers use this information to align their campaigns with these interests, which is beneficial for users and advertisers alike. For Google, ads are personalized when collected or known information determines or affects ad selection. These include past searches, activities, site visits, use of apps, demographic and location information, and more. Specifically, this includes demographic targeting, targeting on interest categories, remarketing, and targeting on customer match lists and target group lists uploaded to DoubleClick Bid Manager or Campaign Manager.

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 para. 1 lit. a GDPR. Otherwise users' personal data is processed based on our legitimate interests (i.e. interest in the analysis, optimisation, and economical operation of our website in accordance with Article 6 para. 1 lit. f) GDPR.

As far as data is processed in the USA, we would like to point out that Google is certified under the Privacy Shield Agreement and thereby guarantees that it will comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Further information on data use by Google, setting and objection options, can be found in Google's data protection policy (https://policies.google.com/technologies/ads) and in the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).


Google Adsense with non-personalised ads

We use the services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

We use the AdSense service, which is used to display ads on our website and of which their insertion or other use we receive payment. For these purposes, usage data such as the click on an advertisement and the IP address of the user are processed, whereby the IP address is shortened by the last two digits. Therefore, the processing of the user's data is pseudonymised.

We use Adsense with non-personalized ads. The ads are not displayed based on user profiles. Non-personalized ads are not based on past user behaviour. In the course of targeting, contextual information is used, including a rough (e.g. at the location level) geographic targeting based on the current location, the content on the current website or the app as well as current search terms. Google prevents any personalized targeting, including demographic targeting and targeting based on user lists.

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 para. 1 lit. a GDPR. Otherwise users' personal data is processed based on our legitimate interests (i.e. interest in the analysis, optimisation, and economical operation of our website in accordance with Article 6 para. 1 lit. f) GDPR.

As far as data is processed in the USA, we would like to point out that Google is certified under the Privacy Shield Agreement and thereby guarantees that it will comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Further information on data use by Google, setting and objection options, can be found in Google's data protection policy (https://policies.google.com/technologies/ads) and in the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).


Google AdWords and Conversion Measurement

We use the online marketing process Google "AdWords" to place ads on the Google Advertising Network (e.g., in search results, videos, on websites, etc.) to show them to users who may find the ads interesting. This allows us to display ads for and within our online offer more specifically in order to only present ads that potentially correspond to the user’s interests. For example, if a user sees ads for products he has been interested in on other websites, this is referred to as "re-marketing". For these purposes, when the user accesses our and other websites on which Google marketing services are active, Google directly executes a Google code, and (re)marketing tags (invisible graphics or code, also known as "web beacons") are integrated into the website. These store a unique cookie (a small file) on the user's device. Comparable technology may also be used instead of cookies. This file keeps a record of which websites the user visited, which contents he is interested in and which offers he has clicked on, as well as technical information about the browser and operating system, referring websites, visiting time and further information about the use of the website.

We also receive an individual "conversion cookie". The information collected with the help of cookies is used by Google to generate conversion statistics for us. However, we only see the total number of anonymous users who clicked on our ad and were redirected to a page with a conversion tracking tag. We do not obtain any information that can be used to identify users personally.
User data is processed pseudonymously within the Google advertising network. This means that Google does not store and process the names or email addresses of users, for example, but processes the relevant data cookie-related within pseudonymous user profiles. This means that, from Google's point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly permitted Google to process the data without this pseudonymisation. The information collected about users is transmitted to Google and stored on Google's servers in the USA.

If we ask the users for their consent (e.g. in the context of a cookie consent), the legal basis for this processing is Article 6 para. 1 lit. a GDPR. Otherwise users' personal data is processed based on our legitimate interests (i.e. interest in the analysis, optimisation, and economical operation of our website in accordance with Article 6 para. 1 lit. f) GDPR.

As far as data is processed in the USA, we would like to point out that Google is certified under the Privacy Shield Agreement and thereby guarantees that it will comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Further information on data use by Google, setting and objection options, can be found in Google's data protection policy (https://policies.google.com/technologies/ads) and in the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).


Online social media presence

We maintain online presences on social networks and platforms in order to communicate with active customers, interested parties, and users and to inform them about our services.
We would like to point out that this might cause user data to be processed outside the European Union, which can pose risks for users because this might hinder the enforcement of users' rights, for example. With regard to US providers certified under the Privacy Shield, we would like to point out that they commit themselves to comply with EU data protection standards.

Furthermore, user data is generally processed for market research and advertising purposes. Thus, for example, user profiles can be created from the user behaviour and the associated user interests. The usage profiles can in turn be used, for example, to display advertisements that presumably correspond to the interests of the users both within and outside of the platforms. For these purposes, cookies are usually stored on the user's computer, in which the user's usage behaviour and interests are stored. Furthermore, data can also be stored in user profiles separate from the devices used by the users (especially if the users are members of the respective platforms and are logged in).

The processing of users' personal data is carried out on the basis of our legitimate interests to effectively offer users information and communicate with users. Article 6 para. 1 lit. f GDPR. If the users are asked by the respective providers of the platforms for consent to the above-mentioned data processing, the legal basis of the processing is Article 6 para. 1 lit. a and Article 7 GDPR.

For a detailed description of the respective processing and the possibilities of objection (opt-out), we refer to the information provided by the providers linked below.
We would like to point out that requests for information and the assertion of user rights are also directed most effectively to the providers. Only the providers have access to the user data and can directly take appropriate measures as well as provide information. If you still need further assistance, you can contact us.

 

Integration of third-party services and content

On the basis of our legitimate interests (i.e. interest in the analysis, optimisation, and economic operation of our website within the meaning of Article 6 para. 1 lit. f. GDPR), we include content or service offerings from third parties so that we can incorporate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content").

This always presupposes that the third-party providers of this content can see the IP address of users, since without the IP address they would not be able to send the content to the users' browsers. The IP address is therefore necessary in order to display this content. We strive only to use content from providers who use the IP address to deliver content, and for nothing else. Third-party providers may also use "pixel tags" (invisible graphics, also known as "web beacons") for statistical or marketing purposes. "Pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visiting time, and other information about the use of our website. It may also be linked to such information from other sources.


Google Fonts

We integrate the fonts ("Google Fonts") from the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. According to Google, the user data is used solely for the purpose of displaying the fonts in the user's browser. The integration takes place on the basis of our legitimate interests in a technically safe, maintenance-free and efficient use of fonts, their uniform representation and consideration of possible licensing restrictions for their integration. Privacy Policy: https://www.google.com/policies/privacy/ 


Instagram

Within our online offer, functions and contents of the Instagram service, offered by Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, US, can be integrated. This may include, for example, content such as images, videos, or texts and buttons that users can use to share content from this online offer within Instagram. If the users are members of the Instagram platform, Instagram can assign the calling up of the above content and functions to the users' profiles there. Instagram Privacy Policy: http://instagram.com/about/legal/privacy/

Xing

Within our website, functions and contents of the Xing service offered by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany, can be integrated into our online offer. This may include, for example, content such as images, videos, or texts and buttons that users can use to share content from this online offer within Xing. If the users are members of the Xing platform, Xing can assign the calling up of the above content and functions to the users' profiles there. Xing Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung 


LinkedIn

Within our online offer, functions and contents of the LinkedIn service, offered by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland, can be integrated. This may include, for example, content such as images, videos, or texts and buttons that users can use to share content from this online offer within LinkedIn. If the users are members of the LinkedIn platform, LinkedIn can assign calling up the above content and functions to the users' profiles there. LinkedIn Privacy Policy : https://www.linkedin.com/legal/privacy-policy. LinkedIn is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active). Privacy Policy: https://www.linkedin.com/legal/privacy-policy, opt out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out 

Contact

Call-back service