In the following, we inform you about the collection of personal data when you use our website and when you contact us. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior.
Responsible for compliance with the information obligations pursuant to Art. 13 and 14 GDPR and the other rights of data subjects as well as for dealing with any data protection violations is the INOMIC GmbH, represented by the CEO Serkan Arslan.
Address:
Altrottstrasse 31
69190 Walldorf
Germany
E-Mail: info@inomic-solutions.com
INOMIC GmbH
Local Court Mannheim HRB753133 / VAT ID No.: DE451397111
You can contact our data protection officer by post at address Kaiserstraße 95-101a, 66133 Saarbrücken, Germany with the addition “Data Protection Officer” or by e-mail at datenschutz@ra-wiesen.de.
When you use our website for information purposes only, i.e. even if you do not actively provide us with further information, so-called server log files are automatically recorded, such as your IP address, the web browser and operating system you use, the domain name of your Internet provider and other data.
This serves the purposes of a smooth connection setup, the corresponding usability and the stability and security of the websites and is based on our legitimate interest in improving the stability and functionality of our websites in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.
The recipients of the data may be technical service providers for the operation and maintenance of our websites who work for us on our behalf in accordance with Art. 28 GDPR.
The data is generally deleted at the end of the respective session, as it is then generally no longer required for the stated purposes.
Our websites are hosted by the external service provider Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany (provider). The personal data collected during use is stored on the provider’s servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website. The provider is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). Our provider will only process your data to the extent necessary to fulfill its performance obligations and will follow our instructions with regard to this data. In order to ensure data protection-compliant processing, we have concluded an order processing contract with our provider.
This serves the purposes of a smooth connection setup, the corresponding usability and the stability and security of the websites and is based on our legitimate interest in improving the stability and functionality of our websites in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.
The recipients of the data may be technical service providers for the operation and maintenance of our websites who work for us on our behalf in accordance with Art. 28 GDPR.
The data is generally deleted at the end of the respective session, as it is then generally no longer required for the stated purposes.
We use the cookie plugin CookieYes GDPR Cookie Consent. This processes the date and time of the visit, browser information, consent information, device information and the IP address of the requesting device. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest). Obtaining and managing legally required consents is to be regarded as a legitimate interest within the meaning of the aforementioned provision. Consents and revocations are stored for a period of one week.
As part of certain processing of personal data that takes place when using our website, data may be transferred to the USA or to servers of US companies. When this is the case or at least cannot be ruled out, we will always inform you in the following statements. In each case, we base the transfer on the EU Commission’s adequacy decision on the EU-US Data Privacy Framework (DPF), provided that the data importers are certified in accordance with this, and alternatively on the EU Commission’s standard contractual clauses.
On our website you will find forms for individual communication (e.g. to contact us, request a callback). If you make use of these forms, the data entered in the input mask will be transmitted to us and stored. This data typically includes names, addresses, e-mail addresses, telephone numbers and any other information you provide to us.
The legal basis for the processing of data transmitted to us via the contact form is generally Art. 6 para. 1 lit. f GDPR, as the purpose pursued and our legitimate interest is to simply contact you and process your request.
Insofar as the contact is aimed at the conclusion of a contract, Art. 6 para. 1 lit. b GDPR (“pre-contractual measure”) is the legal basis for the processing.
The recipients of your data are the service providers we have integrated in compliance with data protection regulations. On the one hand, our websites are maintained by such service providers; on the other hand, service providers may receive your data if this is necessary to fulfill their respective services.
The data will be deleted no later than 6 months after the matter in question has been conclusively clarified. If there is a contractual relationship, the statutory retention periods apply, according to which your data will be deleted after 6 or 10 years.
If you contact us by e-mail or telephone, we will store and process your inquiry, including all personal data (name, inquiry), for the purpose of processing your request. We will not pass on this data without your consent.
This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR).
The data sent will remain with us until you ask us to delete it or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
We use online conferencing tools, among other things, to communicate with our customers. If you communicate with us via video conference, your personal data will be collected and processed by us and the provider of the conference tool. The conferencing tools collect all data that you provide/enter to use the tools (e-mail address and/or your telephone number). The conferencing tools also process the duration of the conference, the start and end (time) of participation in the conference, the number of participants and other “contextual information” in connection with the communication process (metadata).
Furthermore, the provider of the tool processes all technical data that is required to process the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.
If content is exchanged, uploaded or otherwise made available within the tool, it is also stored on the tool provider’s servers. Such content includes, in particular, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information that is shared while using the service.
Please note that we do not have full control over the data processing procedures of the tools used. Our options are largely determined by the company policy of the respective provider. Further information on data processing by the conference tools can be found in the privacy policies of the tools used, which we have listed below this text.
Conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 lit. b GDPR). Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). If consent has been requested, the tools in question are used on the basis of this consent; consent can be withdrawn at any time with effect for the future.
The data collected directly by us via the conference tool will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory retention periods remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tool directly.
We prefer to use Microsoft Teams as a conference tool. Details on data processing can be found here: https://learn.microsoft.com/de-de/microsoftteams/rooms/data-and-privacy-info
If personal data is transferred to the USA or to servers of US companies in this context, we base this on the EU Commission’s adequacy decision on the EU-US Data Privacy Framework (DPF) on the EU Commission’s standard contractual clauses as the legal basis.
If you subscribe to our e-mail newsletter, we will send you regular information about our offers. The only mandatory information for sending the newsletter is your e-mail address. The provision of further data is voluntary and is used to address you personally.
For the dispatch of newsletters we use HubSpot (2nd Floor 30 North Wall Quay, Dublin 1, Ireland), with whom we have concluded a data processing agreement. This enables us to organize the sending of newsletters and analyze newsletter campaigns. During the analysis, we can see, for example, whether a newsletter message has been opened and which links, if any, have been clicked on. We can also see whether certain predefined actions were carried out after opening/clicking (conversion rate). For example, we can see whether you have made a purchase or similar after clicking on the newsletter.
The service provider also enables us to subdivide (“cluster”) the newsletter recipients according to various categories. The newsletter recipients can be subdivided according to age, gender or place of residence, for example. In this way, the newsletters can be better adapted to the respective target groups.
Data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter directly on the website or by using the link contained in every newsletter message.
The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted from the distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected by this.
After you unsubscribe from the distribution list, your e-mail address will be stored in a so-called blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
If you have provided us with your e-mail address when purchasing goods or services, we reserve the right (provided you have not initially objected to this) to regularly send you offers for similar goods or services, such as those already purchased, from our range by e-mail, in particular in the form of a newsletter. In accordance with Section 7 (3) UWG, we do not need to obtain separate consent from you for this. Data processing is carried out on the basis of our legitimate interest in personalized direct advertising in accordance with Art. 6 para. 1 lit. f GDPR. However, you can object to the corresponding use of your email address at any time with effect for the future by sending us a brief message. Upon receipt of your objection, the use of your e-mail address for advertising purposes will be discontinued immediately.
You must register to participate in our webinars and other events. To do so, we require the following information from you: first and last name, email address, and telephone number, if applicable.
We need this data to send you the access data and to identify you. We process this data on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR to fulfill our contractual obligation. We will also use your e-mail address to subsequently send you documents relating to the webinar you attended.
When registering for the webinar, you have the option of consenting to the sending of advertising on the basis of Art. 6 para. 1 lit. a GDPR. We will then use your e-mail address and your first and last name to send you advertising.
We use the Microsoft Teams product for webinars. Information on data protection can be found here: Data protection notice – Microsoft data protection
If personal data is transferred to the USA or to servers of US companies in this context, we base this on the EU Commission’s adequacy decision on the EU-US Data Privacy Framework (DPF) on the EU Commission’s standard contractual clauses as the legal basis. If you have consented to being contacted for advertising purposes, we will store your email address and your first and last name until you withdraw your consent.
Our website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties. Nevertheless, we would like to point out that data transmission on the Internet (especially when communicating by e-mail) can have security gaps.
We use so-called cookies when you use our website. These are small text files that are stored on your end device. Cookies cannot execute programs or transmit viruses to your end device.
Certain, so-called transient cookies are automatically deleted when you log out or close the browser. Other, so-called persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie.
Certain cookies are necessary to make the websites more user-friendly, effective and simple. For example, some website functions require that your browser can be identified even after a page change. It is also necessary to save the settings you have selected with regard to the use of technically unnecessary cookies.
The use of cookies in this respect is based on Section 25 (2) (2) TDDDG and Art. 6 (1) (f) GDPR on the basis of our legitimate interest in a user-friendly design of our website.
If necessary, such data will be passed on to technical service providers if they act as processors for the operation and maintenance of our websites in accordance with Art. 28 GDPR.
The storage period is usually a maximum of one year from the last visit to the respective website.
Cookies also serve to better tailor our offer to your interests or to generally improve it on the basis of statistical evaluations. The legal basis for this processing is your consent, Art. 6 para. 1 lit. a GDPR.
We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that enables us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store any cookies and does not carry out any independent analyses. It is only used to manage and display the tools integrated via it. However, Google Tag Manager records your IP address, which may also be transferred to Google’s parent company in the United States. The legal basis for this is the EU Commission’s adequacy decision on the EU-US Data Privacy Framework (DPF) and the EU Commission’s standard contractual clauses.
The use of Google Tag Manager is based on your consent in accordance with Art. 6 (1) (a) GDPR and § 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG; consent can be revoked at any time.
This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables us to analyze the behavior of website visitors. We receive various usage data, such as page views, length of visit, operating systems used and origin of the user. This data is summarized in a user ID and assigned to the respective end device of the website visitor.
We can also use Google Analytics to record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modeling approaches to supplement the collected data records and uses machine learning technologies for data analysis.
Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is generally transmitted to a Google server in the USA and stored there.
The use of this analysis tool is based on Art. 6 (1) (a) GDPR and § 25 (1) TDDDG, insofar as consent includes the storage of cookies or access to information on the user’s terminal device (e.g., device fingerprinting) within the meaning of the TDDDG; consent can be revoked at any time.
If personal data is transferred to the USA or to servers of US companies in this context, we base this on the EU Commission’s adequacy decision on the EU-US Data Privacy Framework (DPF) on the EU Commission’s standard contractual clauses as the legal basis.
You can prevent the collection and processing of your data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de .
You can find more information on how Google Analytics handles user data in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de .
We have concluded an order processing contract with Google.
The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on the user data available at Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively by analyzing, for example, which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.
The use of Google Ads is based on Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TDDDG; the consent can be revoked at any time.
Insofar as personal data is transferred to the USA or to servers of US companies in this context, we base this
US companies, we base this on the adequacy decision of the EU Commission on the EU-US Data Privacy Framework (DPF) on the
standard contractual clauses of the EU Commission as the legal basis.
Details can be found here: https://policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/ .
This website uses the functions of Google Analytics Remarketing. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Remarketing analyzes your user behavior on our website (e.g. clicks on certain products) in order to classify you into certain advertising target groups and then display suitable advertising messages to you when you visit other online offers (remarketing or retargeting).
Furthermore, the advertising target groups created with Google Remarketing can be linked to Google’s cross-device functions. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one device (e.g. cell phone) can also be displayed on another of your devices (e.g. tablet or PC).
If you have a Google account, you can object to personalized advertising by clicking on the following link: https://www.google.com/settings/ads/onweb/.
The use of Google Remarketing is based on Art. 6 (1) (a) GDPR and § 25 (1) TDDDG, insofar as consent includes the storage of cookies or access to information on the user’s terminal device (e.g., device fingerprinting) within the meaning of the TDDDG; consent can be revoked at any time.
If personal data is transferred to the USA or to servers of US companies in this context, we base this on the adequacy decision of the EU Commission on the EU-US Data Privacy Framework (DPF) on the
standard contractual clauses of the EU Commission as the legal basis.
Further information and the data protection provisions can be found in Google’s privacy policy at https://policies.google.com/technologies/ads?hl=de.
This website uses Google Conversion Tracking. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
With the help of Google conversion tracking, Google and we can recognize whether the user has performed certain actions. For example, we can evaluate which buttons on our website were clicked how often and which products were viewed or purchased particularly frequently. This information is used to create conversion statistics. We find out the total number of users who have clicked on our ads and what actions they have taken. We do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies for identification purposes.
The use of Google Conversion Tracking is based on Art. 6 para. 1 lit. a GDPR; consent can be revoked at any time.
If personal data is transferred to the USA or to servers of US companies in this context, we base this on the adequacy decision of the EU Commission on the EU-US Data Privacy Framework (DPF) on the
standard contractual clauses of the EU Commission as the legal basis.
You can find more information about Google Conversion Tracking in Google’s privacy policy: https://policies.google.com/privacy?hl=de.
Google reCAPTCHA is used on our website; the provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
This is intended to check whether the data entry, e.g. in a contact form, is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
Data processing is based on our legitimate interest in protecting our website from abusive automated spying and spam (Art. 6 para. 1 lit. f GDPR).
Further information about Google reCAPTCHA and Google’s privacy policy can be found at the following links: https://www.google.com/intl/de/policies/privacy/.
If personal data is transferred to the USA or to servers of US companies in this context, we base this on the adequacy decision of the EU Commission on the EU-US Data Privacy Framework (DPF) on the
standard contractual clauses of the EU Commission as the legal basis.
Our pages use so-called web fonts from Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. To prevent personal data from being transmitted to Google’s servers in the USA, we have integrated Google Fonts locally.
Elements of social media are used on this website. You can usually recognize these by their respective logos. We ensure that the integrated social media elements do not transfer your personal data to the respective provider the first time you access the page. This may only happen if you have consented to this. You can give your consent via the settings of the cookie banner or by clicking on the button associated with the social media element, whereby the respective provider can receive the information that you have visited our website with your IP address. If you are logged into your respective social media account at the same time, the respective provider can assign the visit to this website to your user account.
You can revoke your consent at any time – by changing your cookie settings – with effect for the future.
For information on the handling of your data when using these services, please refer to the respective data protection notices:
Facebook: https://de-de.facebook.com/policy.php
Google and YouTube: https://policies.google.com/privacy
Xing: https://privacy.xing.com/de/datenschutzerklaerung
LinkedIn: https://www.linkedin.com/legal/privacy-policy
Instagram: https://help.instagram.com/519522125107875
Your personal data will not be transferred to third parties for purposes other than those mentioned above. In summary, we will only pass on your personal data to third parties if you have consented to this in accordance with Art. 6 para. 1 S. 1 lit. a GDPR, you have given your consent in accordance with Art. 6 para. 1 S. 1 lit. b GDPR is required for the processing of contractual relationships with you, this is necessary to safeguard our legitimate interests pursuant to Art. 6 para. 1 S. 1 lit. f GDPR (e.g. for the assertion, exercise or defense of legal claims or in the context of advertising measures) and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data or if there is a legal obligation pursuant to Art. 6 para. 1 S. 1 lit. c GDPR for disclosure exists.
With regard to the personal data concerning you, you have the following rights vis-à-vis us, which you can generally claim without any formal requirements (e.g. at datenschutz@n4.de or our postal address – preferably with the subject “Data subject rights”).
Rights to information, rectification, erasure, restriction and data portability
Every data subject has the right of access under Art. 15 GDPR, the right to rectification under Art. 16 GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR and the right to data portability under Art. 20 GDPR.
Restrictions apply to the right to information and the right to erasure in accordance with Sections 34 and 35 BDSG.
Right to object under Art. 21 GDPR
Insofar as we base the processing of your personal data on a balancing of interests, you can object to the processing. Our legitimate interests generally consist of responding to inquiries, carrying out direct marketing measures, providing services and/or information intended for you, processing and transferring personal data for internal or administrative purposes, operating and managing our websites, providing technical support, preventing and detecting fraud and criminal offenses, and ensuring network and data security.
When exercising an objection, we ask you to explain your interests, which in your opinion outweigh ours. In the event of your justified objection, we will either cease or adapt the data processing or demonstrate to you our compelling legitimate grounds on the basis of which we will continue the processing.
If you object to the processing of our direct advertising (based on legitimate interests), no further explanation of reasons is required on your part; further processing will then cease without further ado.
You can withdraw your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent given to us before the General Data Protection Regulation came into force, i.e. before May 25, 2018. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected.
Finally, you have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
We take appropriate technical and organizational measures in accordance with Art. 32 GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, to ensure a level of security appropriate to the risk.
The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, disclosure, safeguarding of availability and its separation. Furthermore, we have established procedures that guarantee the exercise of data subject rights, the deletion of data and the response to data threats. Furthermore, we take the protection of personal data into account as early as the development and selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and data protection-friendly default settings (Art. 25 GDPR).
As a precaution, we would like to point out that data transmission over the Internet (especially when communicating by e-mail) can have security gaps.
To present our companies and communicate directly with you, we use social media platforms from providers such as LinkedIn, Instagram and others (hereinafter referred to as providers), through which we maintain our presence (e.g. in the context of company and employee profiles) and process your data.
If data is collected on our website that both the provider and we process and use for joint purposes (e.g. in the context of analysis or advertising), the operator and we are jointly responsible. It is often not possible for us to deactivate this function. You can therefore contact both the respective provider and us with your request. We currently use the following providers:
LinkedIn (including LinkedIn Sales Navigator) of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland;
Facebook (including Facebook Business Manager) of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland;
Instagram of Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland;
YouTube and Google My Business of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland;
Xing by New Work SE, Dammtorstraße 30, 20354 Hamburg.
Below you will find the links to the data protection declarations and information of the respective providers:
LinkedIn: https://www.linkedin.com/legal/privacy-policy?_l=de_DE
Facebook: https://de-de.facebook.com/policy.php
Instagram: https://de-de.facebook.com/help/instagram/155833707900388
Google: https://policies.google.com/privacy?hl=de
Xing: https://privacy.xing.com/de/datenschutzerklaerung
If you have any concerns, you can also contact the following data protection officers of the respective providers:
LinkedIn: https://www.linkedin.com/help/linkedin/ask/TSO-DPO
Facebook: https://www.facebook.com/help/contact/540977946302970
Instagram: https://www.facebook.com/help/contact/540977946302970
Google: https://support.google.com/policies/contact/general_privacy_form
You can visit our website without providing any personal data. If you only use our website for information purposes, i.e. if you do not register or otherwise provide us with information about yourself, we do not process any personal data, with the exception of the data that the operator collects and transmits to us within the scope of the cookies it uses.
For the purpose of analyzing and tracking the use of its social media platform and our website, the provider uses cookies that enable an evaluation of your surfing behavior. This allows us to improve the quality of the platform and our website and their content. We learn how the platform and the website are used and can thus constantly optimize our offer.
However, we have no influence on the data collected and data processing procedures, nor are we aware of the full extent of the data collection, the exact purposes of the processing or the storage periods. We also have no information on the deletion of the data collected by the platform operator.
Web analysis is the collection, compilation and evaluation of data about the behavior of visitors to websites. Among other things, a web analysis service collects data about the website from which a data subject came to a website (so-called referrer), which subpages of the website were accessed or how often and for how long a subpage was viewed. Web analysis is regularly used to optimize a website and for the cost-benefit analysis of Internet advertising. It may also happen that the information obtained as part of the analysis and tracking of our website is merged with your other data collected when you use the website and the platform. If you register on the platform, the operator may link data relating to your platform activities with your personal details (e.g. name/email address) on the basis of your consent, thus collecting personal data and informing you individually and in a targeted manner about your preferred topics, among other things.
We can only influence the statistics provided to us by the platform operator to a limited extent and cannot switch them off. However, we make sure that no additional optional statistics are made available to us.
We process your personal data on the legal basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR, which you gave to the provider when registering for the respective social media platform.
In addition to the purely informational use of our website, you can also actively use our website to contact us. In addition to the processing of your personal data described above in the case of purely informational use, we will then also process other personal data from you that we require, for example, to process your inquiry. This also applies in the event that we actively use the website, e.g. to contact you on your own initiative or to initiate business contacts with you.
a) Sharing, publishing and interacting with posts, reviews, photos, etc.
You can comment on, share or otherwise interact with (like, recommend, review, etc.) posts, photos, videos, etc. created by us on the provider’s platform and on our website. We may share your content on our website if this is a function of the provider’s platform and communicate with you via the platform. Public messages etc. may be published by the operator, but will not be used or processed by us for other purposes at any time.
In the case of reviews, we may publish a response (e.g. to clarify a problem, goodwill actions, etc.) to your message and ask you to contact us again. The personal data you voluntarily publish in the review may be processed in the process. Otherwise, we only reserve the right to delete content if this should be necessary.
We process your personal data to protect our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. Data processing is carried out in the interests of our public relations work and communication.
b) User requests
In order to process your inquiries to us, e.g. via contact forms, a chat or our e-mail address, to answer them specifically and to provide you with the requested information, we process the personal data you provide in this context. This includes your contact details in order to send you an answer or to make any necessary queries, as well as any other information that you send us in this context.
If you send us an inquiry via the platform, we may also refer you to other, secure communication channels that guarantee confidentiality, depending on the required response. You always have the option of sending us confidential inquiries to the address given in our legal notice or in this privacy policy. We may contact you electronically, by telephone or by post, depending on the subject of the inquiry and the necessity.
We process your personal data to respond to user inquiries, requests for materials, etc. on the basis of the following legal bases:
to safeguard our legitimate interests in accordance with Art. 6 para. 1 S. 1 lit. f GDPR; our legitimate interest lies in the appropriate response to or execution of customer inquiries; if the inquiry is aimed at the conclusion of a contract, the additional legal basis is Art. 6 para. 1 lit. b GDPR; with your consent in the context of using the live chat, Art. 6 para. 1 lit. a GDPR.
c) Active use of social media by us
We also actively use our presence on business-oriented platforms such as LinkedIn and associated tools such as the LinkedIn Sales Navigator to approach, communicate or initiate business contacts with you and to receive your application.
For this purpose, we process the data provided to us by the respective platform. In particular, this may include your name, your employer, your position with your employer, your education and other contacts on the respective platform. Depending on the type of contact with you, further data, such as the specific business relationship or the content of the communication with you, may be processed by us. In this case, we may also transfer your data to our CRM system and merge or link it with your data already stored there.
We process your personal data to address, communicate or initiate business contacts with you (including via our CRM) on the basis of the following legal bases:
your consent in accordance with Art. 6 para. 1 lit. a GDPR, which you provided to the provider when registering for the respective social media platform, insofar as it concerns your platform user data (name, employer, position, usage behavior on the platform, etc.); for the performance of a contract or for the implementation of pre-contractual measures pursuant to Art. 6 para. 1 lit. b GDPR, provided that we already have a business relationship with you or are taking pre-contractual measures via the platform based on your request (e.g., further contact or communication);
to safeguard our legitimate interests in accordance with Art. 6 para. 1 S. 1 lit. f GDPR; our legitimate interest lies in appropriately addressing, communicating with, or initiating business contacts with you for the purpose of establishing, conducting, maintaining, or terminating a business relationship with you.
When you apply to us, we collect the information you provide to us, in particular your name, address, date of birth, telephone numbers, nationality, e-mail address, image data (passport photo), data on school education and professional qualifications, assessments and job references, information on reliability, health data (if relevant, e.g. in the case of a severe disability).
The purposes of processing are to initiate and decide on the establishment of employment relationships.
The legal basis for the processing of your personal data in this application procedure is primarily Art. 6 para. 1 lit. b) GDPR; according to this, the processing of data required in connection with the decision on the establishment of an employment relationship is permitted.
Should the data be required for legal prosecution after completion of the application process, data processing may be carried out on the basis of the requirements of Art. 6 GDPR, in particular to safeguard legitimate interests in accordance with Art. 6 para. 1 lit. f) GDPR. Our interest then lies in the assertion of or defense against claims.
If special categories of personal data within the meaning of Art. 9 GDPR are processed (e.g. health data), the legal basis is § 26 para. 3 BDSG or Art. 9 para. 2 lit. b) GDPR in conjunction with Art. 6 para. 1 lit. b) GDPR.
If we should or wish to use your data for other purposes (e.g. for inclusion in an applicant pool or for forwarding to partner companies), this will only be done on the basis of your express consent (Art. 6 para. 1 lit. a GDPR).
Recipients of application data are generally only the persons involved in the decision-making process within the jointly responsible companies.
If you have given your consent, we may also pass on your application data to other companies in the group of companies (by secure means) for the sole purpose of checking your suitability for vacancies in these companies. The following companies are possible recipients:
The legal basis for the transfer is your consent pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR.
For the receipt and further processing of your application, we use personnel administration and applicant management software from the provider Personio SE & Co KG, Seidlstraße 3 80335 Munich, which we have integrated by means of an order processing contract in accordance with Art. 28 GDPR.
The transfer to a third country does not take place.
After an unsuccessful application, data will be deleted after 3 months unless consent has been given for further storage.
This privacy policy is currently valid and was last updated in October 2025, but it is subject to ongoing development. The current privacy policy can be accessed at any time on our website.
