Germany

SSL or TLS Encryption

When you enter your data on websites, place online orders, or send emails over the internet, you must always expect that unauthorized third parties may access your data. Complete protection against such access does not exist. However, we do everything we can to protect your data as best as possible and close security gaps as far as possible.

An important protection mechanism is the SSL or TLS encryption of our website, which ensures that data you transmit to us cannot be read by third parties. You can recognize the encryption by the lock icon before the entered internet address in your browser and by the fact that our internet address begins with https:// and not with http://.

Data Transfer to the USA

We also use tools from companies on our website that transfer your data to the USA and store it there and possibly process it further. The European Commission has adopted an adequacy decision for the EU-US Data Privacy Framework. This establishes that the USA ensures an adequate level of protection for personal data transferred from the EU to US companies. This decision is based on new guarantees and measures introduced by the USA to meet data protection requirements. The adequacy decision includes, among other things, restrictions and guarantees regarding access by US intelligence services to the data. Binding guarantees have been introduced to limit the access of US intelligence services to what is necessary and proportionate to protect national security. Enhanced oversight of the activities of US intelligence services has also been established to ensure that restrictions on surveillance activities are observed. An independent redress mechanism has also been established to address and resolve complaints from European citizens about access to their data. The EU-US Data Privacy Framework thus allows European companies to transfer data to certified US companies without having to introduce additional data protection guarantees. You can view a list of all certified companies at the following link: https://www.dataprivacyframework.gov/s/participant-search

A change in the European Commission's decision cannot be ruled out.

Data Protection Officer

We have appointed a data protection officer for our company.

DataGAP GmbH

Markus Altenburg

Bessemerstr. 82 - 10. OG Süd

12103 Berlin

Email address: team@datagap.de

Phone number: +49 (0)30 - 577 10 513

External Hosting

Our website is hosted on a server of the following internet service provider (host):

IONOS SE
Elgendorfer Str. 57
56410 Montabaur

LANSOL GmbH
Rheingönheimer Weg 13
D-67117 Limburgerhof

How Do We Process Your Data?

The host stores all data from our website. This also includes all personal data that is automatically recorded or entered by you. This may include in particular: your IP address, pages accessed, names, contact details and inquiries, as well as meta and communication data. When processing data, our host adheres to our instructions and only processes the data to the extent necessary to fulfill the service obligation to us.

On What Legal Basis Do We Process Your Data?

Since we address potential customers through our website and maintain contacts with existing customers, the data processing by our host serves to initiate and fulfill contracts and is therefore based on Art. 6 Para. 1 lit. b) GDPR. In addition, it is our legitimate interest as a company to provide a professional internet offering that meets the necessary requirements for security, speed, and efficiency. In this respect, we also process your data on the basis of Art. 6 Para. 1 lit. f) GDPR.

Use of Cookies

Our website places cookies on your device. These are small text files that serve various purposes. Some cookies are technically necessary for the website to function at all (necessary cookies). Others are needed to perform certain actions or functions on the site (functional cookies). For example, without cookies, it would not be possible to enjoy the benefits of a shopping cart in an online shop. Still other cookies are used to analyze user behavior or optimize advertising measures. When we use third-party services on our website, e.g., for payment processing, these companies can also leave cookies on your device when you visit the website (so-called third-party cookies).

How Do We Process Your Data?

Session cookies are only stored on your device for the duration of a session. As soon as you close the browser, they disappear automatically. Permanent cookies, on the other hand, remain on your device if you do not delete them yourself. This can lead, for example, to your user behavior being permanently analyzed. You can influence how your browser handles cookies through the settings:

• Do you want to be informed when cookies are set?
• Do you want to exclude cookies generally or for certain cases?
• Do you want cookies to be automatically deleted when the browser is closed?

If you deactivate or do not allow cookies, the functionality of the website may be limited.

If we use cookies from other companies or for analysis purposes, we will inform you about this within this privacy policy. We also ask for your consent in this regard when you visit our website.

On What Legal Basis Do We Process Your Data?

We have a legitimate interest in ensuring that our online offerings can be used without technical problems by visitors and that all desired functions are available to them. The storage of necessary and functional cookies on your device is therefore based on Art. 6 Para. 1 lit. f) GDPR. We use all other cookies on the basis of Art. 6 Para. 1 lit. a) GDPR, provided that you give us appropriate consent. You can revoke this at any time with effect for the future. If you have consented to the placement of necessary and functional cookies when asked for consent, the storage of these cookies is also based exclusively on your consent.

Contact Form

You can send us a message via the contact form on this website.

How Do We Process Your Data?

We store your message and the information from the form to be able to process your request including follow-up questions. This also applies to the contact details provided. We do not pass on the data to other persons without your consent.

How Long Do We Store Your Data?

We delete your data as soon as one of the following points occurs:

• Your request has been completely processed.
• You request us to delete the data.
• You revoke your consent to storage.

This only does not apply if we are legally obligated to retain the data.

On What Legal Basis Do We Process Your Data?

If your request is related to our contractual relationship or serves to implement pre-contractual measures, we process your data on the basis of Art. 6 Para. 1 lit. b) GDPR. In all other cases, it is our legitimate interest to process inquiries addressed to us effectively. The legal basis for data processing is thus Art. 6 Para. 1 lit. f) GDPR. If you have consented to the storage of your data, Art. 6 Para. 1 lit. a) GDPR is the legal basis. In this case, you can revoke your consent at any time with effect for the future.

Request by Email, Telephone, or Fax

You can send us a message by email or fax or call us.

How Do We Process Your Data?

We store your message as well as your self-provided contact details or the transmitted telephone number to be able to process your request including follow-up questions. We do not pass on the data to other persons without your consent.

How Long Do We Store Your Data?

We delete your data as soon as one of the following points occurs:

• Your request has been completely processed.
• You request us to delete the data.
• You revoke your consent to storage.

This only does not apply if we are legally obligated to retain the data.

On What Legal Basis Do We Process Your Data?

If your request is related to our contractual relationship or serves to implement pre-contractual measures, we process your data on the basis of Art. 6 Para. 1 lit. b) GDPR. In all other cases, it is our legitimate interest to process inquiries addressed to us effectively. The legal basis for data processing is thus Art. 6 Para. 1 lit. f) GDPR. If you have consented to the storage of your data, Art. 6 Para. 1 lit. a) GDPR is the legal basis. In this case, you can revoke your consent at any time with effect for the future.

Registration Function

To be able to use certain functions or offers on our website, you must register. This requires the provision of your email address and possibly other personal data.

How Do We Process Your Data?

We store the data you provide during registration and use it to provide you with the function or offer for which you have registered. Should there be any changes regarding the offer or function, we use your email address to inform you about them. We also use your email address to make further contract offers to you if necessary.

How Long Do We Store Your Data?

We delete your data as soon as one of the following points occurs:

• The purpose of data processing has ceased.
• You request us to delete the data.
• You revoke your consent to storage.

This only does not apply if we are legally obligated to retain the data.

On What Legal Basis Do We Process Your Data?

We store and use your data to fulfill the usage relationship established during registration and possibly to initiate further contracts. The legal basis is therefore Art. 6 Para. 1 lit. b) GDPR.

Font Awesome (Local Hosting)

We use icons from the Font Awesome icon library on our website. The library is offered by Fonticons Inc. We have installed the icons locally, so no connection to the company's servers takes place when you visit our website.

For more information about Font Awesome, please visit https://fontawesome.com/ and specifically in the privacy policy: https://fontawesome.com/privacy.

jQuery

What is jQuery?

Service that enables access to a JavaScript library for use on this website

Who Processes Your Data?

The OpenJS Foundation, 548 Market St, PMB 57274, San Francisco, California, USA

Where Can You Find More Information About Data Protection at jQuery?

https://openjsf.org/privacy

On What Basis Do We Transfer Your Data to the USA?

jQuery adheres to the standard contractual clauses of the European Commission (cf. https://openjsf.org/privacy)

How Do We Process Your Data?

We use jQuery services on our website. jQuery is a JavaScript library. It simplifies JavaScript programming by providing an easy-to-use interface for many common tasks. With jQuery, users can make their websites faster and more interactive. When you visit our website, a direct connection is established between your browser and jQuery's servers. This way, jQuery learns that our website has been accessed via your IP address.

On What Legal Basis Do We Process Your Data?

The fonts from jQuery ensure a uniform font appearance on our websites. As a company, we have a legitimate interest in this. The data processing is therefore lawful according to Art. 6 Para. 1 lit. f) GDPR.

If you have consented to data processing, we process your data exclusively on the basis of Art. 6 Para. 1 lit. a) GDPR. You can revoke your consent at any time. From the time of revocation, we may no longer process your data.

eCommerce and Payment Providers

Customer and Contract Data

How Do We Process Your Data?

When we enter into a contract with you, we need certain personal data from you. We collect, process, and use this data only to the extent necessary to establish, define the content of, or modify our legal relationship. If you can only use our services via our website or if the services are billed via the website, we also collect usage data if this is necessary to enable you to use our offer or to bill the service used.

How Long Do We Store Your Data?

We store your data until our legal relationship ends, unless we are legally obligated to retain the data for a longer period.

On What Legal Basis Do We Process Your Data?

We store your data to fulfill the contract with you or to carry out pre-contractual measures. The basis for data processing is thus Art. 6 Para. 1 lit. b) GDPR.

Payment Services

To allow you to conveniently pay for your purchases on our website, we use the service of payment services, i.e., external companies that process the payments for us. You can find out which ones these are specifically in the list at the end of this section.

How Do We Process Your Data?

For the payment process, you must provide certain personal data, e.g., your name, your account details, or credit card number. We pass this data on to the respective payment service. For the transaction itself, the respective contractual and privacy terms of the respective services apply.

On What Legal Basis Do We Process Your Data?

We pass on your data to fulfill the contract we have concluded with you. The basis for data processing is thus Art. 6 Para. 1 lit. b) GDPR. In addition, we have a legitimate interest in processing purchases as quickly, comfortably, and securely as possible. The legal basis is therefore also Art. 6 Para. 1 lit. f) GDPR. If you have consented to the transfer of your data, the data processing is based on Art. 6 Para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future.

Which Payment Services Do We Use?

Stripe

What is Stripe?

Online payment service

Who Processes Your Data?

Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland

Where Can You Find More Information About Data Protection at Stripe?

https://stripe.com/de/privacy

On What Basis Do We Transfer Your Data to the USA?

On the basis of the adequacy decision of the European Commission and the corresponding certification of the company

Audio and Video Conferences

As a company, we are in contact with many people: customers, business partners, service providers, etc. In addition to other means of communication, we also use so-called online conference tools for exchange. Data protection relevant information about the provider(s) of the tools we use can be found at the end of this section. If you communicate with us via such a tool, not only we, but especially the provider of the respective tool, process your personal data.

How Do We Process Your Data?

Online conference tools record and store various personal data to enable participation in an online conference and its smooth execution. In addition to registration, conference, and technical data, this also includes certain communication content.

• Registration data: Your email address and/or telephone number and possibly other data that you provide when registering for the conference.
• Conference data: Start, end, and duration of your participation in the conference, the number of participants, and other metadata about the conference.
• Technical data: IP address, MAC address, device ID, device type, operating system and version, client version, camera type, microphone or speaker, and the type of connection.
• Communication content: Cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared during the use of the service.

For details on data processing, please refer to the privacy policies of the respective conference tool provider.

How Long Do We Store Your Data?

We, as your communication partner, delete your data on our systems as soon as one of the following points occurs:

• The purpose of data processing has ceased.
• You request us to delete the data.
• You revoke your consent to storage.

This only does not apply if we are legally obligated to retain the data.

Cookies remain on your device until you delete them.

The providers of conference tools also store your data for their own purposes. Please inquire directly with the providers about what this means for the duration of storage of your data.

On What Legal Basis Do We Process Your Data?

If we are already contractually connected or you want to enter into a contract with us, we use conference tools to fulfill the contract or to inform you about our services or products. The data processing is therefore based on Art. 6 Para. 1 lit. b) GDPR. Otherwise, the use of conference tools serves simple and fast communication, without which we could not run our business efficiently. We therefore also have a legitimate interest in data processing according to Art. 6 Para. 1 lit. f) GDPR. Another legal basis can be your consent. In this case, Art. 6 Para. 1 lit. a) GDPR is applicable. This basis ceases to apply for the future if you revoke the consent.

Which Online Conference Tools Do We Use?

Microsoft Teams

What is Microsoft Teams?

Communication platform for team collaboration

Who Processes Your Data?

Microsoft Corp., One Microsoft Way, Redmond, WA 98052-6399, USA

Where Can You Find More Information About Data Protection at Microsoft Teams?

https://privacy.microsoft.com/de-de/privacystatement

On What Basis Do We Transfer Your Data to the USA?

On the basis of the adequacy decision of the European Commission and the corresponding certification of the company.

Own Services / Miscellaneous

Handling of Applicant Data

If you would like to work for us, we are happy to receive your application. We treat all transmitted personal data strictly confidentially. This also applies to data that we collect later in the course of the application process.

How Do We Process Your Data?

All data that we collect as part of the application process, we store and use to the extent necessary for the decision on establishing an employment relationship. This includes, in addition to contact and communication data as well as application documents, e.g., notes that we make during job interviews. We only pass on your data within our company to persons who are involved in processing your application.

If your application is successful, we store the data necessary for carrying out the employment relationship in our data processing systems.

How Long Do We Store Your Data?

If we cannot make you a job offer, you decline a job offer, or you withdraw your application, we reserve the right to retain your documents and other application data for up to 6 months after the end of the application process. The reason is that we may need the data for evidentiary purposes in the event of a legal dispute. After the deadline expires, we delete the data and destroy the documents. If a legal dispute is actually threatened or already pending, we delete the data and documents If a legal dispute is actually threatened or already pending, we delete the data and documents when they are no longer needed for evidentiary purposes.

The deletion of your data always presupposes that we are not legally obligated to retain it longer.

On What Legal Basis Do We Process Your Data?

We process your applicant data on the basis of § 26 BDSG-neu (initiation of an employment relationship) and Art. 6 Para. 1 lit. b) GDPR (general contract initiation).

The same applies if your application is successful.

If we cannot make you a job offer, you decline a job offer, or you withdraw your application, we have a legitimate interest in using your data for evidentiary purposes in a possible legal dispute. The data processing is therefore based on Art. 6 Para. 1 lit. f) GDPR.

If you have expressly consented to the storage of your data, we process your data on the basis of Art. 6 Para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future.

Other Services and Data Processing

Meffert WebRecruiter

Data Processing on Social Media

What is Social Media?

By social media, we mean the social networks on which we have created publicly accessible profiles. Which social networks these are specifically, you can read further below.

Who Processes Your Data?

The respective operating companies of the social networks. You can find the individual operators further below for the respective networks.

How is Your Data Processed?

The operators of social networks are generally able to collect and evaluate comprehensive data about the behavior of visitors and users of the network. It is not possible for us to trace all processing operations in the social networks we use, which is why further processing operations that are not listed here may be carried out by the operators of the social networks. In the terms of use and privacy policies of the respective social networks, you will find further information on this.

The processing of your data can be triggered by visiting the website of the social network or our profile page there. Even if you access a website that uses certain content from the network, e.g., Like or Share buttons, data can already be transferred to the operators of the social network. If you are a user of the social network yourself and logged into your user account, your visit to our profile page can be assigned to your account by the operator of the social network. Even if you have not registered a user account yourself or are not logged in, it is possible that the operator of the network still collects your personal data, e.g., by recording your IP address or setting cookies. With this data, the operators can create user profiles tailored to your behavior and interests and show you interest-based advertising within and outside the network. If you are a registered user of the network, the interest-based advertising can also be displayed on all devices on which you are logged in or have been logged in.

On What Legal Basis is Your Data Processed?

Our profiles in the social networks should ensure the most comprehensive presence of our company on the internet. We have a legitimate interest in this as a company. The data processing is therefore lawful according to Art. 6 Para. 1 lit. f GDPR.

The data processing operations and analyses carried out by the operators of the social networks themselves can be based on other legal bases. These must be specified by the operators of the social networks.

Who is Responsible for Processing Your Data and How Can You Assert Your Rights?

If you visit one of our profiles in the social networks, we are jointly responsible with the operator of the respective network for the data processing operations triggered by this visit. You can assert your rights in principle both against us and against the operator of the respective network.

Despite the joint responsibility with the operators of the social networks, our influence on the data processing operations of the respective operator is limited and is primarily determined by the specifications of the operator.

How Long is Your Data Stored?

If we collect data via our profiles in the social networks, it will be deleted from our systems as soon as the purpose for its storage ceases to exist, you request us to delete it, or you revoke your consent to storage. Stored cookies remain on your device until you delete them. Mandatory legal provisions – especially retention periods – remain unaffected.

We have no influence on how long the operators of the social networks store your data, which the operators collect for their own purposes. You can get information about this directly from the operator of the respective social network, e.g., in the respective privacy policy.

Which Social Media Do We Use?

LinkedIn

What is LinkedIn?

A social network for business contacts

Who Processes Your Data?

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

Is Your Data Transferred to Third Countries?

Yes

Where Can You Find More Information About Data Protection at LinkedIn?

https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy

Where Can You as a User Adjust Your Privacy Settings?

As a registered LinkedIn user, you can adjust your privacy settings in your user account. Click on the following link and log in: https://www.linkedin.com/psettings/