Responsible for processing data:
Ramp 106 GmbH, Lagerstr.36, 20357 Hamburg, Germany, Tel. +49 40 209310869, firstname.lastname@example.org
Data protection officer:
Dr. Nils Haag
When you visit our website, there are certain pieces of personal information we are required to process. This is solely done for the purposes and to the extent described below. We shall only pass on your data to third parties in the manner subsequently described.
In order to provide you with our website and services, we automatically collect and process the following data from you:
- Date and time of your access
- The referral website, from which you visited our site
- The pages you visit on our website
- Information about your Internet browser (browser type and version)
- the operating system of the device with which you access our website and service
- Your Internet Service Provider
For security reasons, this information is stored in log files, which do not contain your IP address, and are then deleted after 30 days. The data in the log files is stored separately from your other data.
A longer storage is only necessary in individual cases (e. g. in case of concrete suspicion of abuse or fraud). In these cases, the respective log files are stored until the facts of the case have been clarified and subsequent necessary measures have been completed.
To provide our website and its services, we use service providers who process your data exclusively on our behalf. They do so in accordance with our instructions and have taken suitable technical and organizational measures to protect your rights, as stated in this data protection declaration (so-called contract processors according to Article 28 of the GDPR.
- for website hosting, including the necessary services therein:
- Google Ireland Limited
The legal basis for processing your data to provide our website and services is Article 6 paragraph 1 sentence 1 letter f, of the GDPR. We have a legitimate interest in processing your data so that we can provide our website and its services in a technically flawless manner, securely and optimized for your needs. The data in the server log files is stored separately from other data.
When you visit our website, we also collect and use your information, so that you can more conveniently use our website and services, as well as to measure and improve the effectiveness of our marketing activities. To this end, we also employ so-called cookies and other technologies similar to cookies, such as pixel tags (i.e. small, transparent graphics, also called web beacons). Cookies are small text files that are stored on your device via your internet browser. You can find out more about the term, how cookies work and other data protection and technical terms below under “Help with data protection terms”.
To provide this website we use the following cookies:
|_ga||2 Years||Google Analytics|
|_gid||24 Hours||Google Analytics|
|_gat||1 Minute||Google Analytics|
|AMP_TOKEN||30 Seconds to 1 Year||Google Analytics|
|_gac_<property-id>||90 Days||Google Analytics|
|__utma||2 Years from Set/Update||Google Analytics|
|__utmt||10 Minutes||Google Analytics|
|__utmb||30 Minutes from Set/Update||Google Analytics|
|__utmc||End of the Browser Session||Google Analytics|
|__utmz||6 Months from Set/Update||Google Analytics|
|__utmv||2 Years from Set/Update||Google Analytics|
|nid||6 Months||Google Maps|
|pref||2 Years||Google Maps|
|khcookie||End of the Browser Session||Google Maps|
|Pop-up Cookie, Consent Cookie||99 Years||Cookie Layer|
|woocommerce_cart_hash||End of the Browser Session||WooCommerce|
|woocommerce_items_in_cart||End of the Browser Session||WooCommerce|
|wp_woocommerce_session||End of the Browser Session||WooCommerce|
You have the possibility to contact us in different ways. This includes contacting us using the forms on our website and by e-mail. Depending on the content of your message, the data processing that takes place within the scope of contacting us may serve different purposes. In general, we store and process the data provided to deal with the issue you submitted. Your data is also stored and processed in a customer management system.
Only should your contact serve to directly establish a contractual relationship between us shall another matter apply. In these cases, we base the processing of your data on Article 6(1), first sentence, point (b) of the GDPR.
After contacting us, your stored data will be deleted as soon as it is no longer required and it is not subject to any legal storage obligations. At a minimum, we conduct annual checks regarding the necessity of such storage is necessary.
On our website you can subscribe to a free newsletter including advertisements if you have expressly consented to its receipt. To prevent fraudulent use, you will first receive an e-mail with a confirmation link which you must activate to receive the actual newsletter (so-called double opt-in procedure).
When you register for the newsletter, your e-mail address, your IP address and the date and time of your registration will be transmitted to us and stored and processed by us. Your data will only be used to prove your consent to receive and dispatching of the newsletter. You data is not transferred to third parties.
The legal basis for processing your data is Article 6 paragraph 1 sentence 1 letter f, of the GDPR. We have a legitimate interest in processing your data so that we can inform you about interesting offers and information and prove your agreement to receive the newsletter.
If we send you the newsletter regularly your data will be stored. If we no longer send you a newsletter, we will delete your data no later than 12 months after the last newsletter was sent to you.
Please note that you can unsubscribe at any time by sending an email to email@example.com by clicking on the unsubscribe link included in each newsletter.
Your data will be processed in and transferred to the USA that means a third country outside the European Union (EU) or the European Economic Area (EEA). There is no adequate decision of the EU Commission for this country guaranteeing a level of data protection compliant with the European standard. To effectively protect your data, the transmission and processing is carried out based on the so-called EU-US Privacy Shield, under which the provider is registered. Further information can be found here: https://www.privacyshield.gov/welcome
This service provider helps us to determine on a pseudonymized basis how many recipients have opened our newsletters and the links they contain by integrating pixel tags into the newsletters. Within the scope of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are initially collected. This information is used for the technical improvement of services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or access times. The legal basis for this is article 6, paragraph 1, sentence 1, letter f, of the GDPR. We have a legitimate interest in analyzing the opening behavior of our newsletters in order to optimize our services and operate them economically. If you do not agree, do not open our newsletter and do not click on the links contained therein. According to its own information, the shipping service provider can use this data in pseudonymized form, i.e. without assignment to a user, to optimize or improve its own services, e.g. for technical optimization of shipping and presentation or for statistical purposes to determine the recipients’ countries of origin.
In several areas on our website, we carry out a Spam scan, which is aimed to protect us from unwanted, automated input by third parties and the corresponding Spam created. To this end, you shall be requested to enter a series of letters or numbers in a field (so-called captchas). In connection herewith, your IP address will be processed.
The legal basis for processing your data to provide our website and services is article 6, paragraph 1, sentence 1, letter f, of the GDPR. We have a legitimate interest in effectively preventing Spam, as a manual removal of Spam content would incur a high degree of effort and costs. If you do not consent to this, you will not be permitted to use the comment function.
The legal basis for processing your data to provide our website and services is article 6, paragraph 1, sentence 1, letter f, of the GDPR. We have a legitimate interest in optimizing our website and improving our services by embedding content from third-party providers.
A more detailed description of whose content is embedded and how your data is processed is given below in the respective description of the embedded content:
- Vimeo (Vimeo Inc., 555 West 18th Street New York, New York 10011, USA)
You have the option of creating and using an account, which, for example, can be used to purchase tickets, book events or purchase reports. Upon registering, we may receive (via Google, Facebook, eMail, LinkedIn or Xing) the follow data from you:
- Personal data: first name, last name, birthday, eMail, telephone number
- Company data: company name, email, homepage, telephone number, address, company type, area of activity, number of employees, career level
- Link to Facebook, LinkedIn, Google or XING
When you decide to purchase one of our products, we will also process your name, your address, contact information, as well as contract and payment information (e.g. bank account) you provide in order to complete the payment process. The legal basis for processing your data to provide our website and services is article 6, paragraph 1, sentence 1, letter b, of the GDPR. This information shall be transferred to third-party financial service providers, as well as to authorities and consultants within the legally permissible scope) for the purpose of executing the payment process.
Additional data shall be used for the following purposes:
- Recommendations on relevant content and events from OMR and OMR partners on the basis of interests provided
- Contact by other members and OMR partners
- Publication in participant lists and profiles
- Dispatching of newsletters regarding OMR Events and Products
- Creation of a personalized event experience (suggestion of speakers, exhibitors, Side Events, Masterclasses, jobs, etc … )
The legal basis for processing your data to provide our website and services is article 6, paragraph 1, sentence 1, letter f, of the GDPR. We have a legitimate interest in providing the above-mentioned services.
You may delete your user account, including the data contained therein, at any time. The data saved within the scope of your registration and use of your user account, as well as the payment information provided, shall be deleted within 14 days of informing us of your desire to delete your user account. Excluded from this is data that must be retained for commercial or tax-related purposes. The legal basis for saving your data is article 6, paragraph 1, sentence 1, letter c, of the GDPR; we delete this data upon expiration of the legal retention period.
For our events, you have the option of purchasing tickets. We only receive the following information, which we solely use for the duration and execution of the respective event:
Form of address, title, first name, last name, company, company size, position, email, career level, telephone number, sector, country, specific food preferences, billing address
When you apply to attend a (Digital) Masterclass (at our Festival), we provide speakers and presenters, as detailed in the General Terms and Conditions, with the information you provided regarding first and last name, company and position for the purpose of selecting attendees to the event in question. For the purposes of exchange and contact after the Masterclass, the presenting company shall receive the first and last name, email address, company and position for every participant of the respective Masterclass.
The legal basis for processing your data to provide our website and services is article 6, paragraph 1, sentence 1, letter f, of the GDPR.
At the OMR Festival, you have the option of having your badge scanned by exhibitors their booth to provide them with your personal data so that the respective exhibitor or represented sub-exhibitor may contact you. In this case, the following data will be passed on to the exhibitor (or sub-exhibitor): Name, company, email address. Data shall be transferred with the express purpose of facilitating contact and exchange at the OMR Festival (article. 6 paragraph. 1 sentence. 1 letter. f GDPR). Should you not consent to this, please inform the respective contact person at the booth.
At our events, images and videos shall be created, which may be published in print, digital or online, as well as on our social media channels. This data processed is necessary for the purposes of the legitimate interests of public relations work pursued by the event organizer (Art. 6 paragraph. 1 sentence. 1 letter. f GDPR). Should you not consent to this, please inform the respective photographer in concrete situations.
The data entered in connection with executing the event shall be deleted within 365 days of the conclusion of the event. Excluded from this is data that must be retained for commercial or tax-related purposes. The legal basis for saving your data is article 6, paragraph 1, sentence 1, letter c, of the GDPR; we shall delete this data upon expiration of the legal retention period.
- Use of Web Analytics Services
When you visit our website, we automatically collect and process data to track the behavior of visitors, so that we can optimize our website and adapt it accordingly to user interests.
The legal basis for the processing of your data is article 6, paragraph 1, sentence 1, letter f, of the GDPR. We have a legitimate interest in conducting web analysis on an anonymized basis to better understand our users, to optimize our website accordingly and to determine whether the Internet advertising we place achieves the results we desire. You can object to the use of these services by opting-out. However, please note, that you may not be able to use all functions of our website.
Google Analytics (with anonymization function)
On this website we use the web analysis service Google Analytics (with anonymization function) of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. The purpose of the Google Analytics component is to analyze the use of our website by visitors. Google as our contract processor, provides us with reports according to Article 28 of the GDPR. With the reports we can display and evaluate the activities on our website.
A Google Analytics cookie is stored on the device you visit our website with. By accessing individual pages of this website, the Google Analytics component automatically transfers the Internet browsers data on your device to Google for online analysis. As part of this technical process, Google receives information about your personal data, information about the browser type/version, operating system used, the page you have previously visited, the host name of the accessing device, IP address and the time of the request, which Google uses, among other things, to trace the origin of visitors and clicks. However, this data is not merged with any other data about you. In addition, we use the function whereby Google automatically shortens the IP address of your Internet connection and thus makes it anonymous when you access our website from a member state of the European Union or from another signatory state to the Agreement on the European Economic Area. If, in exceptional cases, data is processed outside the EEA, where there is no data protection level that meets the European standard, this is done based on the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AA
Alternatively, you can use the browser add-on, which you can download and install here: https://tools.google.com/dlpage/gaoptout
The installation of the browser add-on is contradictory. If your device is erased, formatted, or reinstalled at a later date, you must reinstall the browser add-on.
We have configured Google Analytics in such a way that the data on which the reports are based on is deleted within 26 months.
We inform you regarding the processing of personal data on behalf of Albacross Nordic AB (“Albacross”).
Information collected from cookies set in your device that qualify as personal data will be processed by Albacross, a company offering lead identification and ad targeting services with offices in Stockholm and Krakow. Please see below for full contact details.
The purpose for the processing of the personal data is that it enables Albacross to improve a service rendered to us and our website (e.g “Lead Generation” service), by adding data to their database about companies. The Albacross database will in addition to “Lead Generation” be used for targeted advertising purposes towards companies and for this purpose data will be transferred to third party data service providers. For the purpose of clarity, targeted advertising regards companies, not towards individuals.
The data that is collected and used by Albacross to achieve this purpose is information about the IP-address from which you visited our website, and technical information that enables Albacross to tell apart different visitors from the same IP-address. Albacross stores the domain from form input in order to correlate the IP-address with your employer.
We collect and process data on our website to be able to show you more suitable advertising on this and other websites (remarketing/re-targeting) and to measure the success of our advertising campaigns. We work together with providers who help us to understand whether users can reach us via certain advertising measures (so-called conversion tracking). In this context, pseudonymous user profiles are created. The legal basis for the processing of your data is article 6, paragraph 1, sentence 1, letter f, of the GDPR. We have a legitimate economic interest in presenting advertisements of interest on our website and in measuring the success of placed advertisements.
You can object to the use of these services by opting-out. However, please note, that you may not be able to use all functions of our website.
- a) Google Marketing Services
On these websites we use marketing services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
The services used include:
AdWords: The use of the Google service AdWords allows us a conversion tracking, i.e. it can be determined whether you have reached our website via a Google ad. Based on that we are not able to identify you. Only statistics are created.
Double-Klick: The use of the Google Double-Click service allows us to present relevant advertisements to the user. Cookies are used to identify the user’s browser. In this way it can be traced what displays were shown to the user and what displays he opened.
AdSense: Using the AdSense Google service allows us to display third-party ads on our pages. Cookies and pixel tags are used to evaluate visitorbehavior and to be able to display ads that are as relevant to your interests as possible.
Google Re-Marketing: The use of Google’s Re-Marketing function allows us to display interest-based advertisements to the user within the Google advertising network that refer to content that the user has previously accessed on our website. This can also be done across devices.
Google Tag Manager: Using the Google Tag Manager service only allows us to integrate the listed services by implementing the other cookies/tags.
Firebase: Using the Google Firebase service allows us to analyze user groups and display push messages in which only anonymous data is transmitted to Firebase. Here you can get further information: https://www.firebase.com/terms/privacy-policy.html
The cookies are automatically deleted after 30 days. You can object or adapt the use to meet advertisement interest here: https://www.google.com/ads/preferences/?hl=en
If data is processed outside the EEA, where no data protection level according to the European standard exists, this is done on the basis of the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AA
- b) Facebook Pixel
On this website we use the so-called “Facebook pixel” of the provider Facebook (for EU: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; International: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA). This is a small, invisible pixel that connects to Facebook servers when you visit our website. Personal data such as the IP address and other information such as browser type/version, operating system used, the page you have previously visited, the host name of the accessing device, IP address and the time of the request can also be transmitted. This makes it possible for Facebook to identify the users of our website and to display targeted advertising to those users who are interested in our website. We can also use the Facebook pixel to see if our Facebook ads are effective.
If data is processed outside the EEA, where no data protection level according to the European standard exists, the EU-US Privacy Shield shall apply: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO
On our website we use so-called “social plugins” of various social networks (hereinafter: “plugin providers”). A social network is an internet-based social meeting point that enables users to communicate with each other and interact in a virtual space. The legal basis for the processing of your data is article 6, paragraph 1, sentence 1, letter f, of the GDPR. We are interested in providing the most convenient and optimized offer on our website and to operate economically by integrating social plugins and the analyses that are thus possible at the same time.
After activating the plugin, a direct connection to the system of the respective social plugin provider is established via your Internet browser. The content of the social plugin is then transmitted directly to your Internet browser and integrated into our website. At the same time the social plugin transmits the information to the respective social plugin provider that you have called the corresponding page of our Internet presence. This applies regardless of whether you have created a profile with the social plugin provider or logged in or then actively use a social plugin (e. g. by clicking the “I like” button or by making a comment).
With the active use of a social plugin, the corresponding information is transmitted directly from your Internet browser to the respective social plugin provider and stored there. As soon as you are logged in at the same time at one of the social plugin providers, they can assign your visit to our website to your account created there. We have no influence on the type and extent of the data collected and transmitted. Details on the scope and purpose of data collection, processing and use can be found in the data protection information of the social plug-in providers. There you can see your rights and setting options to protect your privacy.
If you do not agree to a social plugin provider assigning the data collected through our website to your account, we would ask you to log out of your account with the respective social plugin provider before activating the social plugin. If you do not want the social plugin providers to receive, save and use data at all, please do not use or click on the respective social plugins.
- a) Facebook
The social plugins of the social network Facebook are operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (www.facebook.com ), and Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (www.facebook.de ) (“Facebook”). An overview of Facebook’s plug-ins can be found here: http://developers.facebook.com/docs/plugins ; information on data protection on Facebook can be found here: www.facebook.com/policy.php
If data is processed outside the EEA, where no data protection level according to the European standard exists, the EU-US Privacy Shield shall apply: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO
If you would like to object to the data collection by Facebook in the future, you can do this here: https://www.facebook.com/settings?tab=ads
- b) Instagram
Instagram plug-ins are operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). An overview of Instagram plug-ins can be found here: http://blog.instagram.com/post/36222022872/introducing-instagram-badges; information on data protection at Instagram can be found here: https://help.instagram.com/155833707900388/
- c) LinkedIn
LinkedIn social plug-ins are operated by LinkedIn Ireland Unlimited Company
Wilton Place, Dublin 2, Ireland. Information on data protection on Twitter can be found here https://www.linkedin.com/legal/privacy-policy.
If data is processed outside the EEA, where no data protection level according to the European standard exists, the EU-US Privacy Shield shall apply: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO
If you wish to object to the collection of data via LinkedIn in the future, you can set an opt-out cookie here: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
- d) Twitter
Twitter social plug-ins are operated by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). An overview of Twitter plugins can be found here: https://twitter.com/about/resources/buttons; information on data protection on Twitter can be found here: https://twitter.com/en/privacy.
If you wish to object to the collection of data via Twitter in the future, you can set an opt-out cookie here: https://twitter.com/personalization
- e) Xing
Xing plug-ins are operated by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany (“Xing“). Information on data protection on Twitter can be found here: https://www.xing.com/app/share?op=data_protection.
There are several places on our website where you have the option of using several services, including quizzes and checks. Generally speaking, we will not collect or process personal data to this end. The data collected within this scope is solely used to execute the feature in question and is not combined with additional personal data that we have received from you. If there are individual instances where it is possible to allocate the data to a specific person, then the legal basis for processing your data is Article 6 paragraph 1 sentence 1 letter f, of the GDPR. Our interest lies in the desire to provide said features in order to increase the attractiveness of our website. The data entered is not transferred to third parties.
The data collected within the scope of the use of said features are deleted as soon as they are no longer required or you have discontinued the use of said feature. The IP address saved within the scope of the use of said feature is automatically deleted after 7 days.
- Participation in Giveaways
On our website, you have the option of participating in a giveaway.
Upon participating in a giveaway, the data requested by us (first name, email address) shall be transferred to us, saved and processed by us, as is the date and time of your participation. This data shall solely be used for the execution of the giveaway and not transferred to third parties.
The legal basis for processing your data for the purposes of giveaways is your consent in accordance with article 6, paragraph 1, sentence 1, letter a, of the GDPR.
Your data will only be stored for the duration of the giveaway. Then your data will be deleted within 7 days.
We also use service providers (cloud providers, providers of accounting and comparable services, payment service providers) who process your personal data exclusively on our behalf in accordance with article 28 of the GDPR and in accordance with our instructions and who have taken appropriate technical and organizational measures to protect your rights. This especially applies to:
- No agency – Web design agency from Hamburg, Germany, Karpfangerstrasse 17, 20459 Hamburg (within the framework of providing maintainence to our website).
Where data is transferred outside the EEA, where no standard comparable to the European data protection level exists, this shall be done based on appropriate guarantees in accordance with Articles 44 to 49 of the GDPR.
- Data Processing within the Scope of Our Online Presences
In addition to the website, we are also represented on online platforms and social networks. If you visit these websites and communicate with us via them, the terms and conditions and data protection guidelines (see below) as well as this data protection declaration apply. In this respect, we may be jointly responsible with the provider under data protection law.
Your data can be processed for analysis and advertising purposes. This is done, for example, by creating usage profiles based on your usage behavior and the resulting interests. Cookies are usually used to store the user profiles, which make it possible to analyze your usage behavior and your interests. As a rule, the user profiles serve to enable advertisements to be placed with the respective provider or elsewhere on the Internet that correspond to your interests. Furthermore, other data may be stored in addition to the user profiles, especially if you are a registered user of the platform of the respective provider and you are logged in at the time. For a detailed description of the processing of the respective providers and the possibilities of objection (opt-out), we refer to the information of the providers linked below.
If you visit us online and communicate via our platform, the legal basis for processing your data for the purposes of giveaways is your consent in accordance with article 6, paragraph 1, sentence 1, letter a, of the GDPR, provided you have granted this consent. Otherwise, data processing and communicating with us is based on legitimate interests in accordance with article 6, paragraph 1, sentence 1, letter f, of the GDPR. In this respect, we are interested in providing the most informative, customized and appealing online appearance possible.
We will delete your data (the content matter of our communication) as soon as it is no longer required for the respective purpose and as far as we are able to do so. Under “Your rights” (see below) you will find information regarding the rights you have regarding this matter. As providers are only able to access to your data partially, you should ensure that you also assert your rights with respect to these providers.
- Facebook: http://www.facebook.com/OnlineMarketingRockstars
- Twitter: https://twitter.com/OMRockstars
- Xing: https://www.xing.com/news/pages/online-marketing-rockstars-56
- Youtube: https://www.youtube.com/channel/UC2vPnUauXTOLZHpVXCm9m7Q
- Instagram: https://www.instagram.com/omrockstars/
- LinkedIn: https://www.linkedin.com/company/online-marketing-rockstars-conference
- SoundCloud: https://soundcloud.com/omrpodcast
- Spotify: https://open.spotify.com/show/4rION5Qm2nPvDbzIB1wUiH
- iTunes: https://itunes.apple.com/de/podcast/omr-podcast-channel-i-askomr-omr-podcast-i-by-online/id1056312052
If you communicate with us via such platforms or networks, we process the data in your messages and posts, depending on their content and purposes of the communication, on the basis of either article 6, paragraph 1, sentence 1, letter b, of the GDPR or article 1, paragraph 1, sentence 1, letter f, of the GDPR. We use your data in order to be able to communicate with you.
Your data will be erased as soon as they are no longer necessary for the respective purpose, provided that the respective platform or network allows this.
Facebook (Facebook Inc. , 1601 S. California Ave, Palo Alto, CA 94304, USA (www.facebook.com ) and Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (www.facebook.de) ) enables us to receive your anonymized data on so-called fan pages using the Facebook Insight function, which is available as an irrevocable part of the user relationship. This data is collected using cookies, each of which contain a unique user code. The user code can be linked to your Facebook login information if you are registered on Facebook and is collected and processed when you visit the fan page. Information on data protection on Facebook can be found here https://www.facebook.com/about/privacy/
If you would like to object to the data collection by Facebook for the future, you can do so here: https://www.facebook.com/settings?tab=ads
If data is processed outside the EEA, where no data protection level according to the European standard exists, this is done on the basis of the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC.
Information on data protection at Google (Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) can be found here: https://policies. google. com/privacy. If you wish to object to the future collection of data by Google, you can do so here: http://www.google.com/ads/preferences. If data is processed outside the EEA, where no data protection level according to the European standard exists, this is done on the basis of the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AA
Information on data protection at Instagram (Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA) and an opportunity to object can be found here: http://instagram.com/about/legal/privacy/
Information on data protection on Twitter (Twitter Inc. , 1355 Market St, Suite 900, San Francisco, CA 94103, USA) can be found here: https://twitter.com/en/privacy. If you wish to object to the collection of data via Twitter in the future, you can set an opt-out cookie here: https://twitter.com/personalization. If data is processed outside the EEA, where no data protection level according to the European standard exists, this is done on the basis of the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO
Information on data protection on Xing (Xing AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) can be found here: https://www.xing.com/app/share?op=data_protection.
If you send us data about yourself as part of an application (your name, contact details, CV, cover letter, references, etc.), we will store and process these exclusively for the duration of the application process and to carry out the application procedure. The legal basis for this is Article 6, paragraph 1, sentence 1, letter b, of the GDPR. After completion of the application process your data will be securely deleted. We do not transfer this data to third parties. Only those persons who need to know internally during the application process or employment relationship are made aware of this.
Please note that we do not require any information about race, ethnic origin, gender, religion or creed, disability, age or sexual identity, illness, pregnancy, political opinion, philosophical or religious beliefs, union membership, physical or mental health or sex life in your application.
- Routine deletion and blocking of data
We store your data only for the period necessary to achieve the storage purpose or if this is specified by the European Directive and Ordinance Giver or another legislator in laws or regulations to which we are subject. In this respect, Germany is subject in particular to an obligation to retain data for six years in accordance with Section 257 (1) of the German Commercial Code (in particular commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents) and for ten years in accordance with Section 147 (1) of the German Tax Code (in particular books, records, management reports, accounting documents, commercial and business letters, documents relevant to taxation). If the storage purpose no longer applies or if a legally prescribed storage period expires, your personal data will be blocked or deleted routinely and in accordance with legal regulations. Please also note the specific information on individual storage and deletion periods in this data protection declaration.
- Your Rights
As a data subject (Article 4, no. 1, of the GDPR) you have numerous rights with respect to us, of which we would like to inform you. Details can also be found in Articles 15 to 21 of the GDPR and Sections 32 to 37 Federal Data Protection Act (in the version applicable from 25 May 2018).
To assert your rights, please contact the following office:
You have the right to obtain information from us as to whether and which data we process about you. This also includes information on how long and for what purpose we process the data, where they come from and to which recipients or categories of recipients we pass them on to. In addition, we can provide you with a copy of this data.
- The right to correction
You have the right that we immediately correct any information about you that is incorrect or no longer applicable. You may also request that your incomplete personal data be completed. If this is required by law, we will also inform third parties about this correction if we have passed on your data to them.
- Right to cancellation (“right to be forgotten”)
You have the right to ask us for deletion of your personal data immediately if one of the following reasons applies:
- Your data is no longer necessary for the purposes it was collected or otherwise processed, or the purpose has been achieved;
- You revoke your consent and there is no other legal basis for processing;
- You object to the processing and there are no overriding legitimate reasons for processing; in the case of the use of personal data for direct marketing, a sole objection on your part to the processing is sufficient;
- Your personal data has been processed unlawfully;
- The deletion of your personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which we are subject.
Please note that your right to cancellation may be restricted by law. These include the restrictions listed in Article 17 of the GDPR and § 35 Federal Data Protection Act of the Republic of Germany (in the version applicable from 25 May 2018).
You have the right to request a restriction of the processes of your personal data if one of the following conditions is met:
- You deny the accuracy of your personal data for a period that enables us to verify the accuracy of the personal data;
- The processing is unlawful, and you refuse to delete the personal data and instead request that the use of your personal data be restricted;
- We no longer need your personal data for the purposes of processing, but you do need it to assert, exercise or defend legal claims;
- You have filed an objection against the processing if it is not yet clear whether our justified reasons outweigh yours.
- If you have obtained a restriction on processing as set out above, we will notify you before the restriction is lifted.
- Right of Revocation for Consent
You can revoke your consent given to us at any time with effect for the future. This revocation can take place in the form of an informal message to the above-mentioned contact addresses. This also applies to consents that you have given us before the validity of the GDPR (i.e. before 25 May 2018). If you revoke your consent, the legality of the data processing carried out up to then will not be affected. As a rule, the consequence of a revocation is that you can no longer use our service, in the context of which we have asked you for your consent or can no longer use it in full.
- Right to Data Transferability
You have the right to receive personal data that concerns you and that you have provided to us in a structured, common and machine-readable format and to transmit this data to others. For details and restrictions, see Article 20 of the GDPR. Exercising this right does not affect your right to cancellation.
- The Right to Appeal to the Supervisory Authority
If you believe that the processing of your data by us violates applicable data protection law, you have the right of complaint to one of the competent supervisory authorities, i.e. the Hamburg Commissioner for Data Protection and Freedom of Information or the respective supervisory authority in the member state of your place of residence, your workplace or the place of presumed data protection violation.
- Right to Objection under Article 21 of the GDPR
Article 21 of the GDPR gives you the right to object to the processing of your data at any time for reasons arising from your situation, if we base this processing on legitimate interests in accordance with article 6, paragraph 1, sentence 1, letter f, of the GDPR. If you object, we will no longer process your personal data, except in two cases:
- We can prove compelling grounds for processing that outweigh your interests, rights and freedoms;
- Processing serves to assert, exercise or defend legal claims.
Even if we process your personal data for direct advertising (e.g. in the context of our
newsletter), you have the right to object at any time to the processing of your data for such advertising. If you object to the processing of your data for direct marketing purposes, we will no longer use your personal data for this purpose.
- Help with data protection terms
Browser: This is a program for displaying websites on the Internet, for example Mozilla Firefox or Google Chrome.
Consent: This is any informed and unequivocal statement of intent, made voluntarily by the data subject in the specific case, in the form of a statement or other clear affirmative act by which the data subject indicates their consent to the processing of personal data concerning themselves.
Data controller or controller:these are natural or legal persons, authorities, institutions or other bodies which alone or together with others decide on the purposes and means of processing personal data.
Data subject:This is any identified or identifiable natural person whose personal data are processed by the controller.
Restriction of processing:This is a marking of stored personal data in such a way that its future processing (for example with a view to certain processing purposes) is restricted.
Recipient: This is a natural or legal person, authority, institution or other body to which personal data is disclosed, regardless of whether it is a third party or not.
IP address: This is an address assigned to your device (e. g. smartphone or computer) on the Internet so that your device can be addressed and reached there.
Pixel tags (web beacons):These are small, usually invisible graphics that are integrated into websites and other services for statistical analysis, usually for marketing purposes.
Personal data:This is all information relating to an identified or identifiable natural person (also called “data subject”). Identifiable is a natural person who can be identified directly or indirectly, by assignment to an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
Profiling: This is a type of automated processing of personal data, which consists in the use of this personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, behavior, whereabouts or relocation of this natural person.
Pseudonymization: This is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without the need for further information. This is particularly the case if the additional information is kept separately and technical and organizational measures have been taken to ensure that the assignment to an identified or identifiable natural person is no longer possible with reasonable effort.
Processing: This means any operation carried out with or without the aid of automated procedures or any such series of operations in connection with personal data such as the collection, organization, arrangement, storage, adaptation or modification, reading, retrieval, use, disclosure by transmission, dissemination or any other form of provision, reconciliation or linking, restriction, deletion or destruction.
Processor: This is a natural or legal person, authority, institution or other body that processes personal data on behalf of a data controller.
Third party: This is a natural or legal person, authority, institution or other body (other than the data subject), the data controller, the processor and the persons authorized to process the personal data under the direct responsibility of the data controller or the processor.
We use technical and organizational security measures to protect your personal data against misuse, loss, destruction or against access by unauthorized persons. Our security measures correspond to the current state of the art.
VIII. Validity and changes of the data protection declaration
This data protection declaration is currently valid and dated 24. 05. 2018. Due to the further development of our website or the implementation of new technologies, it may become necessary to change this data protection declaration. We reserve the right to make appropriate changes at any time
IX. Your questions about data protection
If you have any questions about this privacy statement or your rights, please contact: firstname.lastname@example.org