Overarching privacy statement for websites

Scope

This privacy statement applies for all pages on our online network which link to this statement.
General information regarding your rights as applicant can be found here.

General information on data processing

We collect and use personal data from our users strictly only to the extent necessary for providing a functional website as well as our content and products/services. The collection and use of our users’ personal data generally only takes place with the user’s consent. An exception is made in cases where it is actually impossible to obtain prior consent and the processing of the data is permitted by statutory regulations.

Legal basis for the processing of your data:

In particular, legitimate interests may include:

Usage data/server log files

Each time our webpages are accessed, our systems automatically collect data and information from the computer system of the accessing computer.

In this case, the following types of data are collected: Browser type, version used, operating system of the user, internet service provider, IP address of the user, date and time accessed, websites from which the user’s system are directed to our website or which the user is directed to from our website.

The legal basis for the temporary storage of the data and the log files is Art.6(1) f of the GDPR with the aforementioned legitimate interests.

The temporary storage of the IP address by the system is necessary to make it possible for the website to be delivered to the user’s computer. For this purpose, the IP address of the user must remain saved for the duration of the session.

Storage in log files takes place to ensure the functionality of the website. Furthermore, we use the data to optimise the website and to ensure the safety of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. These purposes also justify our legitimate interests to perform data processing pursuant to Art. 6(1) f of the GDPR. The data will be deleted as soon as they are no longer necessary to fulfil the purpose of their collection. In the case of the collection of the data for the provision of the website, this is the case when the respective session is terminated. The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Furthermore, we reserve the right to review the files when concrete indications exist which point to a justified suspicion of unlawful use or a specific attack on the pages. In this case, it is within our legitimate interests to perform processing for the purposes of clarifying the issue and the criminal prosecution of such attacks and unlawful use.

Use of cookies

We use cookies. Cookies are text files which are stored in the internet browser and/or by the internet browser on the user’s computer system. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters which makes it possible to uniquely identify the browser when the website is accessed again in future. We use cookies to make our website more user-friendly. A number of elements of our website make it necessary to be able to identify the accessing browser even after switching to a different page. In this case, the following data is stored in the cookies and transmitted: Language settings, items in a shopping cart, login information etc.

Furthermore, on some of our websites, we also use cookies which make it possible to analyse the surfing behaviour of users. In this manner, search terms entered, the frequency of pages accessed, the use of website functions etc. are transmitted. The data on users collected in this fashion are pseudonymised via technical measures. Hence, it is no longer possible to reference the data to the accessing user. The data will not be stored with the user’s other personal data.

Legal basis for data processing via cookies: The legal basis for the processing of personal data via the use of cookies is Art. 6(1) f GDPR. The legal basis for the processing of personal data via the use of technically necessary cookies is Art. 6(1) f GDPR. The legal basis for the processing of personal data via the use of cookies for purposes of analysis, provided that the corresponding consent has been obtained from the user, is Art. 6(1) a GDPR.

The purpose of the use of technically necessary cookies is to simplify the use of websites for users. A number of the functions of our website cannot be offered without the use of cookies. For these functions, it is necessary for the browser to be recognised again even after switching to a different page. We require cookies for the provision of the shopping cart, applying language settings, remembering search terms etc. The use of the analysis cookies takes places with the purpose of improving the quality of our website and its content. Via the analysis cookies, we find out how the website is used, allowing us to constantly optimise our offerings. These purposes also justify our legitimate interests to perform data processing. When our website is accessed, the user is informed of the use of cookies for the purposes of analysis and his consent obtained for the processing of the personal data used in this context. Reference to this privacy statement is also made in this context. Cookies are stored on the user’s computer and transmitted from it to our website. Hence, you as a user also have full control over the use of cookies. By modifying the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies which have already been saved can be deleted at any time. This can also take place in an automated fashion. If cookies are deactivated for our website, it may no longer be possible to use the full extent of all functions of the website. You can manage cookies from a number of US companies via the American website www.aboutads.info/choices/ or the EU website www.youronlinechoices.com/uk/your-ad-choices/.

General information on web beacons/tracking pixels

Web beacons are invisible images with the size of one pixel. These are used by partner companies, in particular for the purposes of tracking a user across various web pages for building a profile which allows users to be shown customised advertising (targeting). A pixel integrated into the webpage is loaded from the partner’s server when the webpage is accessed. In doing so, the partner receives your IP address as well as information about your browser and its version as well as the browser plugins used (browser fingerprint), about your operating system, as well as about your network operator.

Content from external providers

On our website, we use active JavaScript content and fonts which may also come from external providers such as Google. When our website is accessed, these providers may receive information about your visit on our website, such as via the transmission of your IP address. You can prevent the transmission of such information by using a JavaScript blocker, e.g. by installing the browser plugin ‘NoScript’ or deactivating JavaScript in your browser. However, this may limit functionality.

Some of our websites integrate third-party content into their offerings, such as videos from YouTube, map content from Google Maps, images, texts, and multimedia files, RSS feeds, or additional services from other websites. This always requires your IP address to be transmitted to the providers of the content. We are unable to provide information on how your data is used by these providers and also have no influence over subsequent processing. In particular, we have no information on whether the data will also be used for additional purposes, such as building a profile. To find out more, please consult the respective data privacy notices of the corresponding third-party providers.

Among other things, you can protect yourself from further tracking via tracking pixels from these providers by turning off the acceptance of third-party cookies in your browser settings.

Contact form and e-mail contact

Our webpage contains a contact form which can be used for getting in touch electronically. If a user makes use of this option, the data entered into the input form will be transmitted to us and saved. This data comprises: Name, address, e-mail address, telephone number etc. At the time the message is sent, the following data will also be saved: The IP address, date, and time. For processing the data, your consent will be obtained as part of the sending procedure, and reference will be made to this privacy statement.

Alternatively, you can also get in touch via the e-mail address provided. In this case, the personal data of the user transmitted with the e-mail will be saved. No disclosure of the data to third parties takes place in this context. The data will be used exclusively for processing the conversation.

The legal basis for the processing is:

For us, the processing of the personal data from the input form is exclusively for processing the establishment of contact. In the case of the establishment of contact via e-mail, this also includes the required legitimate interest in the processing of the data. The other personal data processed during the sending procedure serve to prevent the abuse of the contact form and to ensure the security of our information technology systems.

The data will be deleted as soon as they are no longer necessary to fulfil the purpose of their collection. For the personal data from the input fields of the contact form and data that have been transmitted via e-mail, this is the case when the respective conversation with the user has terminated. The conversation is terminated when circumstances allow one to surmise that the respective issue has been conclusively resolved. The additional personal data collected during the sending procedure will be deleted no later than after a deadline of seven days.

The user has the option of revoking his consent for the processing of the personal data at any time. If the user establishes contact with us via e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

Newsletter

Some of our websites allow you to subscribe to a free newsletter. Provided you give us your specific consent, we will send you e-mail newsletters with promotional information (hereinafter ‘newsletter’). Our newsletter contains information on our service offerings, promotions, events, prize draws, job offers, and articles.

After registration, the data subject receives a confirmation e-mail in which an activation link needs to be clicked on to complete the registration. This corresponds to the double opt-in procedure, which ensures that the data subject is not registered for the newsletter by a third party and for documentation purposes. The consent for receiving the newsletter can be revoked by sending an e-mail to the e-mail address specified in the ‘Impressum’/Legal notice or by clicking on the unsubscribe link in the newsletter.

However, messages without promotional information which are sent as part of our contractual or other business relationship do not constitute newsletters. This includes e.g. the sending of service e-mails with technical information and follow-up questions on orders, events, prize draw notifications, or similar messages.

For the newsletter, only the e-mail address of the data subject is collected and stored. The legal basis is Art. 6(1) f GDPR with the aforementioned legitimate interests.

A statistical evaluation of the reading behaviour only takes place to the extent where it can be determined whether the recipients have opened the newsletter and clicked on the links. However, this is a function which we only use to review user activity and be able to perform the corresponding optimisations. For this purpose, the newsletter contains a web beacon, a pixel-sized file which is accessed from our server when the newsletter is opened.

You may revoke your consent to the storage of the data, the e-mail address, as well as its use to send the newsletter at any time. This revocation can be performed via a link in the newsletter itself, (in your profile area) or by sending a message to the following avenues of contact.

Data collection during registration and registered use

Some of our websites require or offer registration. The data collected during this procedure are utilised for the purposes of the use of the respective websites and services, unless otherwise described during the registration and explicitly consented to. The data collected is given by the input form used as part of the registration. All other data which you can add at a later point in time in order to complete your profile is optional and voluntary. After registration, we are permitted to inform you about relevant circumstances related to our offering which you have registered for via the e-mail address specified.

Collection and use of personal data in application procedures

Ensuring the highest possible protection for your personal data is one of our top priorities. All personal data which are collected and processed by us as part of an application are protected against unauthorised access and tampering via technical and organisational measures. Your data will be collected for filling positions in the entire company group. By entering your data, you declare your consent to the use of your data in all companies with group affiliation to the company. Furthermore, you also consent to the evaluation of your data by a service provider which assists us with the evaluation of applications with the help of psychological analysis. As part of this analysis, your application may be automatically rejected due to certain criteria. If this happens, we will inform you of this and provide you with the opportunity to make a statement. By entering your data, you also consent to allowing us to store the applications for the duration of 2 years in order to consider you for positions that become available in future as well. More information is available in the privacy statement for applicants.

Data in user-generated content

If you write comments or articles or upload files to our servers or publish images or use other services, your IP address and — if you are signed in — your user data will be stored for our security. Due to the large amount of unlawful content which is placed on the internet daily, we reserve the right to utilise this information for defence in legal disputes or criminal prosecution; i.e. also to hand it over to the opposing party in a claim, law enforcement authorities, as well as courts.

Comment subscriptions

On some of our websites, you can subscribe to follow-up comments. If you are not signed in, you will receive a confirmation e-mail in what is called a double opt-in procedure in order to verify that you are the rightful owner of the e-mail address specified. You can unsubscribe from these notifications at any time. Every one of the e-mails contains instructions for this. Registered users do not have to undergo the double opt-in procedure, as this takes place during registration.

Credit checks

Furthermore, in the case of orders or commissions, we reserve the right to disclose personal data to third parties for credit checks, provided that this is necessary for safeguarding our legitimate interests. In this case, only the data required to calculate the credit rating via a mathematical and statistical procedure by the credit agency will be transmitted. We require credit checks in order to make decisions regarding the establishment and performance of a contractual relationship while safeguarding our legitimate interests.

Transmission of data via the internet

The transmission of data via the internet generally involves certain risks. Deliberate encryption of the data does not take place; in particular, messages from the contact form of our website and messages in the service chat are transmitted unencrypted.
Please bear this in mind when transmitting data. If you would like to communicate with us via encrypted e-mail, this can be done via S/MIME encryption. Please specifically request this encryption from us, as we generally send messages unencrypted due to the currently low market penetration of e-mail encryption procedures.

Disclosure of data

When you provide us with personal data, it is only disclosed to third parties to the extent necessary for the performance of the contractual relationship or other legal grounds legitimise this disclosure.

However, we provide certain services with the assistance of service providers. We have carefully selected these service providers and taken corresponding measures to protect your personal data.

Storage durations

The personal data of the data subjects are deleted or rendered unavailable as soon as the purpose of storage no longer applies. Furthermore, storage may also take place when this is provided for via European or national legislation in Union regulations, laws, or other provisions which the controller is subject to. The data is also rendered unavailable or deleted when a prescribed storage duration mandated by the specified standards expires, unless there exists a necessity for the continued storage of the data for the conclusion of a contract or the fulfilment of a contract.