Important Notice: This translation of the privacy-policy is only for informational purposes. Only the German version of the privacy policy is legally binding.
Any discrepancies or differences created in the translation are not binding and have no legal effect for compliance or enforcement purposes. If any questions arise related to the accuracy of the information contained in the translated website, please refer to the German version of the website which is the official version.
Preamble
With the following privacy policy, we, “deutsche training sales- and management-training GmbH” (hereinafter: deutsche training), would like to inform you about what kinds of your personal data (hereinafter also referred to simply as “data”) we process for what purposes and to what extent. The privacy policy applies to all processing of personal data carried out by us, both in the context of providing our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as “online offering”).
Current State and Changes to this Privacy Policy
This privacy policy is currently valid and is dated July 25, 2023.
Due to the further development of our website and offers or due to changed legal or regulatory requirements, it may become necessary to change this privacy policy. The respectively current privacy policy can be retrieved and printed out by you at any time on the website at https://www.deutsche-training.de/en/privacy/.
Table of Contents
- Name and Contact Details of the Controller
- Relevant Legal Bases
- Overview of Processing Operations
- Security Measures
- Transfer of Personal Data
- Erasure of Data
- Rights of Data Subjects
- Use of Cookies
- Business Services
- Provision of Online Offering and Web Hosting
- Blogs and Publications
- Contact and Request Management
- Newsletter and Electronic Notifications
- Contact and Request Management
- Booking Inquiries for our Seminars and Workshops
- Web Analytics, Monitoring and Optimization
- Social Media Presence
- Changes and Updates to the Privacy Policy
- Definitions
Name and Contact Details of the Controller
deutsche training sales- and management-training GmbH (hereinafter: “deutsche training” or “we”), Traunsteiner Strasse 21, 83358 Seebruck am Chiemsee, Germany
Email: info@deutsche-training.de
Phone: 08667 – 7177
Fax: 08667 – 1307
Relevant Legal Bases
Relevant legal bases according to the GDPR: The following overview summarizes the legal bases of the GDPR on which we process personal data. Please note that in addition to the regulations of the GDPR, national data protection regulations may apply in your or our country of residence. In addition, special legal bases may apply in individual cases; we will inform you of these in the privacy policy.
- Consent (Art. 6 para. 1 lit. a GDPR) – The data subject has given consent to the processing of their personal data for one or more specific purposes.
- Fulfillment of contract and pre-contractual inquiries (Art. 6 para. 1 lit. b GDPR) – Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
- Legal obligation (Art. 6 para. 1 lit. c GDPR) – Processing is necessary for compliance with a legal obligation to which the controller is subject.
- Legitimate interests (Art. 6 para. 1 lit. f GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
- Job application procedures as pre-contractual or contractual relationships (Art. 6 para. 1 lit. b GDPR) – Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR (e.g. health data, such as disability or ethnic origin) are requested from applicants within the framework of the job application process so that the controller or the data subject can exercise his/her rights arising from labor law and social security and social protection law and fulfill his/her related obligations, their processing takes place in accordance with Art. 9 para. 2 lit. b GDPR, in the case of the protection of vital interests of applicants or other persons pursuant to Art. 9 para. 2 lit. c GDPR or for purposes of occupational medicine, the assessment of the employee’s ability to work, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services pursuant to Art. 9 para. 2 lit. h GDPR. In the case of a consent-based disclosure of special categories of data, their processing takes place on the basis of Art. 9 para. 2 lit. a GDPR.
National data protection regulations in Germany: In addition to the data protection regulations of the GDPR, national regulations for data protection in Germany apply. These include in particular the Law for the Protection against Misuse of Personal Data in Data Processing (Federal Data Protection Act – BDSG). The BDSG contains special regulations on the right to access, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes and transmission as well as automated individual decision-making including profiling. In addition, data protection laws of the individual federal states may apply.
Note on the validity of the GDPR and the Swiss Data Protection Act (FADP): These data protection information serves to inform in accordance with both the Swiss Federal Act on Data Protection (FADP) and the GDPR. For this reason, we kindly ask you to note that due to the broader spatial scope of application and understandability, the terminology of the GDPR is used. In particular, instead of the terms “processing” of “personal data” and “overriding interests” used in the FADP, the terms “processing” of “personal data” and “legitimate interests” as defined in the GDPR are used. However, the legal meaning of the terms is still determined in accordance with the FADP when it applies.
Overview of Processing Operations
The following overview summarizes the types of data processed and the purposes of their processing, and refers to the affected individuals.
Types of Processed Data
- Inventory data
- Payment data
- Contact details
- Content data
- Contract data
- Usage data
- Meta, communication and procedural data
- Applicant data
Categories of Data Subjects
- Customers
- Prospects
- Communication partners
- Users
- Applicants
- Business and contract partners
- Participants
- Depicted persons
Purposes of Processing
- Provision of contractual services and customer service
- Contact requests and communication
- Security measures
- Range measurement
- Office and organizational procedures
- Conversion measurement
- Management and replying to inquiries
- Job application procedures
- Marketing
- User profiles with user-related information
- Provision of our online offering and usability
- Information technology infrastructure
Security Measures
We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, in order to ensure a level of security appropriate to the risk. The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access to, input, transmission, securing of availability and its segregation. Furthermore, we have established procedures to ensure that data subjects’ rights are exercised, data is erased, and we have reacted to the endangered personal data. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software and procedures, in accordance with the principle of privacy by design and privacy by default. IP address truncation: If IP addresses are processed by us or by the services and technologies we use, and the processing of the full IP address is not necessary, the IP address is truncated (also known as “IP masking”). Here, the last two digits, or the last part of the IP address after a period, are removed or replaced with placeholders. The purpose of IP address truncation is to prevent the identification of a person based on their IP address. In general, we use encryption during the visit to our website within the browser connection through the widespread SSL (Secure Socket Layer) procedure together with the respective highest level of encryption supported by your browser. This is usually a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether an individual page of our website is transmitted in encrypted form can be recognized by the closed depiction of the key or lock symbol in the lower status bar of your browser. Moreover, we use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
Transfer of Personal Data
In the course of our processing of personal data, the data may be transferred to other bodies, companies, legally independent organizational units or persons, or disclosed to them, if necessary to fulfill our contractual obligations or if we or the third party have a legitimate interest in the transfer. The data is only transferred to third parties to the extent permitted by law or with your consent.
General information about data transfer
We do not transmit your personal data to third parties for any purposes other than those listed below. We only pass on your personal data to third parties if:
- you have expressly consented to this in accordance with Art. 6 Para. 1 Sentence 1 lit. a GDPR,
- the transfer is necessary for the assertion, exercise or defense of legal claims in accordance with Art. 6 Para. 1 Sentence 1 lit. f GDPR and there is no reason to believe that you have an overriding interest worthy of protection in not transmitting your data,
- in the event that disclosure is required by law pursuant to Art. 6 Para. 1 Sentence 1 lit. c GDPR, and
- if it is legally permissible and necessary for the processing of contractual relationships with you pursuant to Art. 6 Para. 1 Sentence 1 lit. b GDPR.
Erasure of Data
The data processed by us will be erased in accordance with the statutory provisions as soon as their permitted purpose for processing ceases to apply. If the data is not deleted because it is necessary for other legally permissible purposes, its processing will be restricted (i.e. blocked). This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be kept for commercial or tax reasons or for purposes of preserving evidence or to safeguard rights.
Rights of Data Subjects
Rights of data subjects under the GDPR: As a data subject, you have the following rights under the GDPR, which arise in particular from Articles 15 to 21 GDPR:
- Right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on points (e) or (f) of Article 6(1), including profiling based on those provisions. Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
- Right to withdraw consent: You have the right to withdraw your consent in accordance with Art. 7 para. 3 GDPR at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future;
- Right to access: You have the right to obtain confirmation from us as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and certain additional pieces of information in accordance with Art. 15 GDPR;
- Right to rectification: You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you in accordance with Art. 16 GDPR;
- Right to erasure: You have the right to obtain from us the erasure of personal data concerning you without undue delay in accordance with Art. 17 GDPR, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
- Right to restriction of processing: You have the right to obtain from us restriction of processing in accordance with Art. 18 GDPR where you contest the accuracy of the personal data, processing is unlawful and you oppose the erasure of the personal data, we no longer need the personal data for the purposes of the processing or you have objected to processing pursuant to Art. 21 para. 1 DGPR;
- Right to data portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller in accordance with Art. 20 GDPR;
- Right to lodge a complaint with a supervisory authority: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.
Use of Cookies
Cookies are small text files or other storage technologies that store information on a user’s device and read information from the device. For example, cookies can be used to store login status on a user account, shopping cart content in an online shop, pages and content visited and functions used on a website. Cookies can also be used for various purposes, e.g. for functionality, security and convenience purposes as well as to analyze visitor flows. An overview of the cookies used and your configuration options can be found here: Cookie Policy.
Information on obtaining consent: We use cookies in accordance with legal provisions. Therefore, we obtain the prior consent of users, unless this is not required by law. In particular, consent is not required if the storage and reading of information in cookies is absolutely necessary for the provision of our online offering or online service requested by users (i.e. required cookies). This includes cookies that are necessary for the functionality and security of our online offering. The legal basis for such processing is Art. 6 para. 1 sentence 1 lit. f) GDPR.
Information on legal bases: The legal basis on which we process users’ personal data using cookies depends on whether we ask users for their consent. If users give their consent, then the legal basis for processing their data is that consent. Otherwise, the data processed using cookies is based on our legitimate interests (e.g. in the functionality and optimization of our online offering and its contents Art. 6 para. 1 sentence 1 lit. f) GDPR) or is necessary to fulfill our contractual obligations towards the user and to provide our online offerings and services (see Art. 6 para. 1 sentence 1 lit. b) GDPR).
Storage duration: Unless we provide users with explicit information on the storage duration of permanent cookies (e.g. within the scope of a so-called cookie opt-in), the following applies: The storage duration of temporary cookies is up to 30 days maximum. Permanent cookies are stored by us for a maximum period of two years after the last use of our offering, unless we have a legitimate interest in further storage, e.g. for evidence purposes. Individual cookies may be stored for shorter or longer periods, depending on their purpose.
General information on revocation and objection (opt-out): In general, users can set their browser so that it informs them about cookie placement and only allows cookies on a case-by-case basis, accepts cookies in certain cases, or generally prohibits them. If cookies are generally prohibited, the functionality of our online offering may be restricted. Users can delete cookies manually from their end device. In addition, users can object to the creation of user profiles for cookie-based online marketing purposes and use the opt-out options mentioned above. We will then not collect and process for these purposes the personal data of the users from the use of cookies. If cookies are deactivated, the functionality of our online offering may be restricted.
Processing of cookie data on the basis of consent: We use a cookie consent management system, through which users’ consent to the use of cookies or technologies referred to within the cookie consent management system is obtained, managed and revoked. Consent is stored in order to document consent in accordance with legal requirements and queried again from users at a later point in time. Storage can take place on the server side and/or in a cookie (opt-in cookie or by using comparable technologies) in order to be able to assign consent to a user or their device. Unless we provide explicit information on the providers of cookie management services, the following information applies: The duration of storage of the consent can amount to a maximum of two years. A pseudonymous user ID is formed and the time of consent, information on the scope of the consent (e.g. which categories of cookies and/or service providers) as well as the browser, system and used end device is stored.
Legal bases: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR); Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR); Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
Additional information on processing procedures, procedures and services:
Measurement of opening and click rates: The newsletters contain a so-called “web beacon”, i.e. a pixel-sized file that is retrieved from our server, or if we use a shipping service provider from its server, when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of the retrieval are initially collected. This information is used for the technical improvement of our newsletter on the basis of the technical data or the target groups and their reading behavior on the basis of their retrieval locations (which can be determined with the help of the IP address) or access times. This analysis also includes determining whether newsletters are opened, when they are opened and which links are clicked. This information is assigned to the individual newsletter recipients and stored in their profiles until they unsubscribe from the newsletter. The evaluations serve us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users. The measurement of opening and click rates as well as the storage of the measurement results in the profiles of the users and their further processing are based on a consent of the users. Unfortunately, a separate revocation of the success measurement is not possible. In this case, the entire newsletter subscription must be canceled or objected to. In this case, the stored profile information will be deleted.
Legal bases: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR).
Mailchimp: Email sending and automation service;
Service provider: Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA;
Legal bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR);
Website: https://mailchimp.com;
Privacy Policy: https://mailchimp.com/legal/</a >;
Data Processing Agreement: https://mailchimp.com/legal/</a >;
Legal basis for third country transfer: EU Standard Contractual Clauses, Data Privacy Framework (DPF) (Provided by service provider);
Additional information: Special security measures for European data transfers: https://mailchimp.com/help/mailchimp-european-data-transfers/</a >.
Business Services
We process data of our contractual and business partners, e.g. customers and interested parties (hereinafter collectively referred to as “contractual partners”) within the context of contractual and comparable legal relationships as well as related actions and communication with the contractual partners (or prior to establishing the contract), e.g. to respond to inquiries. We process this data to fulfill our contractual obligations, to safeguard our rights and for the purposes of administrative tasks associated with this data and business organization. We also process the data based on our legitimate interests in proper and effective business management and protection of our contractual partners, business and assets against misuse, damage, loss and other interference (e.g. involving measures for IT and building security, legal tasks and quality assurance). As permitted by law, we also transfer data to third parties if this is necessary in the context of the uses and purposes stated above (e.g. to technical service providers, couriers, banks, tax consultants, legal representatives or authorities).
Provision of Online Offering and Web Hosting
We process data about our users to provide them with our online offering. For this purpose, we process the IP address of the users, which is necessary to deliver the contents of our online offering to their browsers or end devices.
Processed data types: Usage data (e.g. websites visited, interest in content, access times); Meta and communication data (e.g. IP addresses, times of access); Content data (e.g. entries in online forms).
Data subjects: Users (e.g. website visitors, users of online services).
Purposes of processing: Provision of our online offering and user-friendliness; Information technology infrastructure (operation and provision of information systems and technical devices); Security measures.
Legal bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
Additional information on processing operations, procedures and services:
Provision of online offering on rented server space: We use the services of a server provider to provide our online offering; Legal bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
Collection of access data and log files: We temporarily store the access to our online offering in server log files, which contain usage data, communication data and metadata that we need to provide the service, ensure security and analyze those log files. IP addresses are stored anonymized; Legal bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Deletion of data: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data whose further storage is required for evidentiary purposes is excluded from deletion until final clarification of the respective incident.
Content Delivery Network (CDN): We use a “Content Delivery Network” (CDN). A CDN is a service that delivers the contents of our online offering faster and more securely by means of regionally distributed servers connected via the internet; Legal bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
Innnet: Services in the field of providing information technology infrastructure and related services (e.g. storage space and/or computing capacities);
Service provider: InnNet GmbH, Internet-Services, Schmerbeckstrasse 4, 83512 Wasserburg, Germany;
Legal bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR);
Website: https://innnet.de/;
Privacy Policy: https://innnet.de/en/contact/legal-notice/</a >.
Blogs and Publications
We use blogs or comparable means of online communication and publication (hereinafter referred to as “publication medium”). The data of the readers are processed for the purposes of the publication medium only to the extent necessary for its presentation and communication between authors and readers or for security purposes. For the rest, we refer to the information on the processing of visitors to our publication medium within the scope of these data protection information.
Processed data types: Inventory data (e.g. names, addresses); Contact details (e.g. e-mail, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. websites visited, interest in content, access times); Meta and communication data (e.g. device information, IP addresses).
Data subjects: Users (e.g. website visitors, users of online services).
Purposes of processing: Provision of contractual services and customer service; Feedback (e.g. collecting feedback via online form); Security measures; Managing and responding to inquiries.
Legal bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
Contact and Request Management
When contacting us (e.g. by contact form, e-mail, telephone or via social media), the data of the inquiring persons are processed insofar as this is necessary to answer the contact inquiries and any requested arrangements.
Processed data types: Inventory data (e.g. names, addresses); Contact details (e.g. e-mail, telephone numbers); Content data (e.g. entries in online forms); Usage data (e.g. websites visited, interest in content, access times); Meta and communication data (e.g. device information, IP addresses).
Data subjects: Communication partners.
Purposes of processing: Contact requests and communication; Managing and responding to inquiries; Feedback (e.g. collecting feedback via online form); Provision of our online offering and user-friendliness.
Legal bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR).
Additional information on processing operations:
Contact form: If users contact us via a contact form, e-mail or other communication channels, the data provided in the communication channel is processed to process the contact request; Legal bases: Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR), Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
Booking Inquiries for our Seminars and Workshops
Our website contains the option for users to inquire about booking seminars or workshops. The personal data transmitted during booking inquiries for a seminar or workshop results from the input mask used for this purpose. The data transmitted during booking inquiries are only used to process the booking, prepare for and carry out the respective seminar or workshop. In particular, the personal data is not passed on to third parties. Consent to the storage of personal data that the data subject has given for the booking inquiry can be revoked at any time. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data from the input form of the booking inquiry and that which was sent by e-mail, this is the case when it can be inferred from the circumstances that you wish to withdraw the inquiry or after the seminar or workshop has been carried out and any necessary follow-up has been completed. The legal basis for data processing is Art. 6 GDPR para. 1 b. Data collected during the booking inquiry is stored until the booking is completed. Further storage is possible.
Web Analytics, Monitoring and Optimization
Web analysis (also known as “reach measurement”) refers to the analysis of visitor flows on our online offering and can include visitor behavior and interests or demographic information as pseudonymous values. For web analysis purposes, so-called user profiles can be created and stored in a file (so-called tracking) or in a database. To this end, cookies or similar technologies can also be used. We only use web analysis with pseudonymized IP addresses. That means, any personally identifiable information is removed or excluded and the IP addresses are abbreviated. For example, while the IP address communicated by the user’s device remains stored, it is abbreviated before processing so that direct personal reference is excluded. The web analysis serves to optimize our online offering and its contents. For this purpose, we collect information about the use of the individual components of our online offering in order to continuously improve our online offering and its contents for you. For example, we determine more popular areas of interest on our websites. This enables us to find out what content users are particularly interested in and to concentrate our optimization efforts on these areas.
Processed data types: Usage data (e.g. websites visited, interest in content, access times); Meta and communication data (e.g. IP addresses, times of access).
Data subjects: Users (e.g. website visitors, users of online services).
Purposes of processing: Range measurement (e.g. access statistics, unique visitors); Profiles with user-related information (creating user profiles); Conversion measurement (measuring the effectiveness of marketing activities); Provision of our online offering and website optimization.
Legal bases: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR); Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
Security measures: IP masking (pseudonymization of the IP address).
Additional information on processing operations:
Piwik PRO: Reach measurement and web analytics;
Service provider: Piwik PRO GmbH, Kurfürstendamm 21, 10719 Berlin, Germany;
Legal bases: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR);
Website: https://piwikpro.com;
Privacy policy: https://piwikpro.com/privacy/</a >.
Social Media Presence
We maintain online presences on social media platforms in order to communicate with active users, interested parties and to inform them about us. When accessing our online presences on social media platforms, data of the users may be processed outside the European Union. This may entail risks for users as e.g. enforcing users’ rights could be made more difficult. With respect to the USA, the European Court of Justice ruled that there were no adequate levels of data protection available under the “Privacy Shield”-agreement between the EU and USA. Furthermore, user data is usually processed for market research and advertising purposes within social media platforms. For example, by creating user profiles based on their user behaviour, interests and demographic information. Those profiles are used on their behalf, e.g. to place market research and advertising tailored to the specific interests of users. For these purposes, cookies and web beacons are usually stored on users’ computers, in which user behaviour and interests are stored. This takes place independently of the type of device used to access social media platforms. For details on data processing and corresponding objection possibilities (opt-out), please refer to the respective privacy policies and information provided by the social network operators. Also in the case of requests for information and the assertion of data subject rights, we point out that these can be most effectively pursued with the operators of the social media platforms. Only the operators have access to the data of the users and can take appropriate measures directly and provide information. If you still need help, please contact us.
Processed data types: Contact data (e.g. e-mail, telephone numbers); Content data (e.g. text entries, photographs, videos); Usage data (e.g. websites visited, interest in content, access times); Meta and communication data (e.g. device information, IP addresses).
Data subjects: Users (e.g. website visitors, users of online services).
Legal bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR).
Additional information on processing operations:
LinkedIn: Social network;
Service provider: LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland;
Legal bases: Legitimate Interests (Art. 6 para. 1 sentence 1 lit. f) GDPR);
Website: https://www.linkedin.com;
Privacy Policy: https://www.linkedin.com/legal/privacy-policy</a >;
Data Processing Agreement: https://legal.linkedin.com/dpa</a >;
Legal basis for third country transfer: Standard Contractual Clauses (https://legal.linkedin.com/dpa</a >);
Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out</a >.
Google reCAPTCHA
We use Google reCAPTCHA from Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) to protect our website against spam and abuse. reCAPTCHA automatically analyzes whether a human or a computer is performing certain actions on our website.
Cookies Used
reCAPTCHA sets the following cookies:
- _GRECAPTCHA
Purpose: Distinguishing between humans and bots
Storage duration: 6 months
Domain: google.com - rc::a
Purpose: Distinguishing between humans and bots
Storage duration: Persistent
Domain: google.com - rc::b
Purpose: Distinguishing between humans and bots
Storage duration: Session
Domain: google.com - rc::c
Purpose: Distinguishing between humans and bots
Storage duration: Session
Domain: google.com
Collected Data
The following data is transmitted to Google:
- IP address
- Cookies set by Google in the last 6 months
- Login status of your Google account
- Browser type and browser settings
- Date and language settings
- JavaScript objects
- Screen resolution
- Mouse and keyboard inputs
- Referrer URL (the website you came from)
Storage Duration and Location
The data collected by reCAPTCHA is processed on Google’s servers, which may be located in the USA. The IP address is shortened within EU member states before being transferred to the USA. Data is only combined with other Google services if you are logged into your Google account during use.
Legal Basis
The use of reCAPTCHA is based on:
- Art. 6(1)(f) GDPR (legitimate interest): Protection of our website against bots and spam
- Art. 6(1)(a) GDPR (consent): Your consent to data processing
Data Transfer to the USA
Google processes data partly in the USA and is an active participant in the EU-US Data Privacy Framework. Additionally, Google uses EU Standard Contractual Clauses. For more information, visit: https://policies.google.com/privacy
Right to Object
You can prevent the collection and transfer of your data to Google by:
- Logging out of Google
- Deleting all Google cookies
- Disabling JavaScript in your browser (may limit website functionality)
Your Rights
You have the right to:
- Information about your stored data (Art. 15 GDPR)
- Correction of incorrect data (Art. 16 GDPR)
- Deletion of your data (Art. 17 GDPR)
- Restriction of data processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Withdrawal of given consent (Art. 7(3) GDPR)
- Lodge a complaint with a supervisory authority (Art. 77 GDPR)
Changes and Updates to the Privacy Policy
Please note that this privacy policy may change from time to time. If we make changes, we will update the date at the top of the privacy policy. Where changes to our privacy policy affect your rights, we will notify you of the changes and may seek your consent if necessary. We recommend that you regularly review this privacy policy to stay informed about how we process your personal data. If we provide addresses and contact information of companies and organizations in this privacy policy, please note that addresses can change over time. Therefore, please always double check for current information before contacting us. Competent Supervisory Authority: Bavarian State Office for Data Protection Supervision (BayLDA) Promenade 18 91522 Ansbach
Definitions
This section provides an overview of the terms used in this privacy policy. The legislator requires that personal data be processed in a lawful, fair and transparent manner. For this purpose, terms must be generally understandable. We have made significant effort to formulate this privacy policy as comprehensible as possible. The following explains central terms:
Inventory data: Inventory data are personal data providing information about a data subject’s identity, such as name, address, telephone number, date of birth, age, gender, etc.
Contact data: Contact data are personal data that a data subject can use to contact the controller, such as e-mail address, (mobile) telephone number, address, social media profiles, etc.
Content data: Content data are personal data contained in substantive or personal communications, such as text input, photographs, videos, etc.
Usage data: Usage data are personal data collected automatically when using online services and technical systems. For example, usage data includes which websites or content the data subject views, which functions they use or the time of access. Usage data can be recorded via cookies, web beacons and other technologies.
Special categories of personal data: Special categories of personal data are personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
Processing: Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.