Privacy policy (Disclaimer):
We are very pleased about your interest in our company. Data protection is of particular importance to consense communications GmbH. Informational use of the Internet pages of consense communications GmbH (hereafter referred to as "controller", "we" or "us") is generally possible without providing any personal data. However, if a user of the website (II.) (hereinafter referred to as "data subject") wishes to make use of special services of our company via our website, it may be necessary to process personal data. If it is necessary to process personal data and there is no legal basis for such processing, we will obtain the consent of the data subject.
Personal data, such as the name, address, e-mail address or telephone number of a data subject, will be processed from 25 May 2018 onwards always in accordance with the Basic Data Protection Regulation and at all times in compliance with the country-specific data protection provisions applicable to the data controller (currently the Federal Data Protection Act ("BDSG")).
The data controller has implemented numerous technical and organizational measures to ensure that the personal data processed via this website is protected as completely as possible. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every person concerned is free to transmit personal data to us by alternative means, such as by telephone.
I. General regulations
1. definitions
The controller's privacy statement is based on the terminology used by the European legislator when the basic data protection regulation was adopted and which is also to a large extent reflected in the national data protection legislation. The data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.
We use the following terms, among others, in this data protection declaration:
1.1 Personal data
Personal data is any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, on-line identification, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
1.2 Data subject
Data subject means any identified or identifiable natural person whose personal data are processed by the controller.
1.3 Processing of personal data
Processing is any operation or set of operations, performed with or without the aid of automated means, which is performed upon personal data, such as collection, recording, organisation, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
1.4 Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.
1.5 Profiling
Profiling is any automated processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the performance of work, economic situation, health, personal preferences, interests, reliability, conduct, location or change of location of that natural person.
1.6 Pseudonymisation
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the need for additional information, provided that this additional information is kept separately and is subject to technical and organisational measures which ensure that the personal data is not attributed to an identified or identifiable natural person.
1.7. Controller or data controller
Controller or data controller is the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or national law, provision may be made for the controller or for the specific criteria for his or her designation in accordance with Union or national law.
1.8. Processors
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
1.9. Recipient
The recipient is any natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not that person is a third party. However, authorities which may receive personal data in the context of a specific investigation mandate under Union or national law shall not be considered as recipients.
1.10. Third parties
A third party is a natural or legal person, public authority, agency or other body, but not the data subject, the controller, the processor and the persons who, under the direct authority of the controller or the processor, are authorised to process the personal data.
1.11 Consent
Consent shall mean any freely given and informed unequivocal expression of the data subject's wishes in the specific case, in the form of a statement or any other unequivocal affirmative act by which the data subject signifies his or her consent to the processing of personal data relating to him or her.
2. the name and address of the controller
The person responsible within the meaning of the BDSG and the Basic Data Protection Regulation as well as other data protection laws and other regulations of a data protection nature applicable in the member states of the European Union is
consense communications GmbH (GPRA)
Friedenstraße 6a,
81671 Munich
VAT ID No.: DE 231220811
Phone: +49 89 2300260
e-mail:
Website:
II. provisions for the website
1. collection of general data and information for informational website use
1.1 Type, scope and purpose of data processing
1.1.1 The controller's website collects a set of general data and information each time the website is accessed by a user of the website or by an automated system. These general data and information are stored in the log files of the server. The (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrers), (4) the sub-websites that are accessed via an accessing system on our website, (5) the date and time of an access to the Internet site, (6) an Internet Protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information which serve to avert danger in the event of attacks on our information technology systems.
1.1.2 The data is required to (1) deliver the contents of our website correctly, (2) optimise the contents of our website for them and (3) ensure the permanent functionality of our information technology systems and the technology of our website. The IP addresses of users are deleted or anonymised after the end of use. In the case of anonymisation, the IP addresses are changed in such a way that the individual details of personal or factual circumstances can no longer be assigned to a specific or identifiable natural person, or can only be assigned to a specific or identifiable natural person with a disproportionate amount of time, cost and labour. The data and information collected are therefore evaluated by the data controller both statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimum level of protection for the personal data processed by us. The general data of the server log files are stored separately from all personal data provided by a data subject.
1.2 Legal basis and storage period
1.2.1 From 25 May 2018, the legal basis for the processing of the data subject's personal data in connection with the use of an information website is Article 6(1)(b) of the European Data Protection Regulation (EU) 2016/679.
1.2.2 We delete the data collected during the website visit, which may allow identification of the data subject, immediately after the website visit.
2. contact possibility via the website
2.1 Type, scope and purpose of data processing
Due to legal regulations, the website of the person responsible for processing data contains information that enables rapid electronic contact with our company and direct communication with us, which also includes a general address for so-called electronic mail (e-mail address). If a data subject contacts the data controller by e-mail or via a contact form, the personal data transmitted by the data subject is automatically stored. Such personal data transmitted by a data subject to the controller on a voluntary basis are stored for the purposes of processing or for contacting the data subject. Such personal data shall not be disclosed to third parties.
2.2 Legal basis and storage period
2.2.1 From 25 May 2018, the legal basis for the processing of the data subject's personal data in connection with a contact is Article 6(1)(b) of the European Data Protection Regulation (EU) 2016/679.
2.2.2 We delete the data collected in the course of the contact which may allow the identification of the data subject immediately after processing, unless the data are necessary for purposes related to the contact.
3. use of the comment function in the blog on the website
3.1 We offer users on a blog located on our website the opportunity to leave individual comments on individual blog posts. A blog is a portal maintained on a website, usually publicly accessible, where one or more persons, called bloggers or web bloggers, can post articles or write down thoughts in so-called blog posts. The blog posts can usually be commented by third parties. In this case, the name and a valid e-mail address are required.
3.2 If you leave a comment in the blog published on this website, in addition to the comments you leave, information on the time of the comment entry as well as the selected user name (pseudonym) will be stored and published. Furthermore, the IP address assigned by the Internet Service Provider (ISP) is also logged. This storage of the IP address is done for security reasons and in the event that you violate the rights of third parties or post unlawful content by submitting a comment. The storage of this personal data is therefore in the own interest of consense communications GmbH so that it can be extracted in the event of a legal violation.
3.3 The legal basis for the storage of data is Art. 6 para. 1 lit. a DSGVO. This collected personal data is not passed on to third parties unless such a transfer is required by law or serves the legal defence of the person responsible for processing.
4. use of the download function
4.1 We offer users a download function on our website to provide them with the relevant information.
4.2 In the case of a download, the data you provide (your e-mail address, your name, your job title if applicable and your company) will be stored by us in order to answer your questions. We delete the data collected in this context after the storage is no longer necessary or restrict the processing if there are legal storage obligations.
5. data protection for applications and in the application process
5.1 Who is responsible for data processing?
The person responsible within the meaning of data protection law is
consense communications GmbH (GPRA)
Friedenstraße 6a
81671 Munich
Applicants can find further information about our agency, details of the persons authorised to represent the agency and also further contact details in our imprint:
5.2 Which data are processed by us? And for what purposes?
We process the data sent to us in connection with job applications in order to check suitability for the position (or other open positions in our agency, if applicable) and to conduct the application process.
5.3 On what legal basis is this based?
The legal basis for the processing of your personal data in this application procedure is primarily § 26 BDSG in the version valid from 25.05.2018. According to this, the processing of data required in connection with the decision to establish an employment relationship is permissible.
Should the data be necessary for legal prosecution after the application procedure has been completed, data processing may be carried out on the basis of the requirements of Art. 6 DSGVO, in particular to safeguard legitimate interests in accordance with Art. 6 (1) lit. f) DSGVO. Our interest then consists in the assertion or defence of claims.
5.4 How long is the data stored?
Data of applicants will be deleted after 6 months in the event of a rejection. In the event that you have agreed to further storage of your personal data, we will transfer your data to our applicant pool. There the data will be deleted after two years. If you have been awarded a job during the application process, we will transfer your data to our storage systems intended for personnel data.
5.5 To which recipients will the data be transferred?
Applicant data will be screened by HR and the management upon receipt. Suitable applications will then be forwarded internally to the respective team leaders for the respective open position. The further procedure is then coordinated. In principle, only those persons in the agency have access to applicant data who require this for the proper course of our application procedure.
5.6 Where is the data processed?
The data is processed exclusively in computer centres in the Federal Republic of Germany.
5.7 Rights as "data subjects
Applicants have the right to be informed about the personal data we process about them. In the case of a request for information that is not made in writing, we ask for your understanding that we may then require applicants to provide evidence that they are the person they claim to be. Furthermore, applicants have the right to correction or deletion or to restriction of processing, insofar as applicants are legally entitled to this. Furthermore, applicants have the right to object to processing within the scope of the statutory provisions. The same applies to a right to data transferability.
5.8 Our data protection officer
We have appointed a data protection officer in our agency. Applicants can reach him or her at the following contact details:
consense communications GmbH (GPRA)
- Data protection officer -
Friedenstraße 6a
81671 Munich
E-mail:
5.9 Right of appeal
Applicants have the right to complain about the processing of personal data by us to a data protection supervisory authority.
6. commentary function
6.1 Type, scope and purposes of data processing
6.1.1 For the comment function on this page, in addition to the comment, information on the time of the creation of the comment, the e-mail address and, if the comment is not posted anonymously, the user name of the person concerned is stored.
6.1.2 Storage of the IP address: Our comment function stores the IP addresses of users who post comments. Since we do not check comments on our website before they are activated, we need this data to be able to take action against the author in the event of legal violations such as insults or propaganda.
6.2 Legal basis and storage period
6.2.1 From 25 May 2018, the legal basis for the processing of the data subject's personal data in connection with the comments function is Article 6(1)(a) of the European Data Protection Regulation (EU) 2016/679.
6.2.2 The data will be stored by us for as long as necessary to provide the comment function or to fulfil the purpose for which the personal data were collected.
7. cookies
7.1 Type, scope and purpose of data processing
7.1.1 Depending on the settings of the data subject's browser, the data controller collects information on the use of the website through the use of so-called cookies. Cookies are small text files that are stored on the data carrier of the data subject and store certain settings and data for exchange with the controller's system via the browser. Most of the cookies used are deleted from the hard disk of the person concerned at the end of the browser session (session cookies). Session cookies are required, for example, to provide login information across several pages. Other cookies remain on the computer of the person concerned and make it possible to recognize the computer at the next visit (permanent cookies).
7.1.2 By using cookies, the data controller can provide users of this website with more user-friendly services that would not be possible without the setting of cookies.
7.1.3 By means of a cookie, the information and offers on our website can be optimised in the interest of the user.
7.1.4 The person concerned can prevent the setting of cookies by our website at any time by means of a corresponding setting in the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs (e.g. Firefox: Tools > Settings > Privacy > Show cookies > Remove cookie/ Remove all cookies; Internet Explorer: Tools > Internet Options > Delete general browser history/ Delete cookies). This is possible in all common Internet browsers. If the person concerned deactivates the setting of cookies in the Internet browser used, it is possible that not all functions of our website can be fully used.
7.2 Legal basis and storage period
7.2.1 From 25 May 2018, the legal basis for the processing of the data subject's personal data in connection with cookies is Article 6(1), first sentence, letters a and b of the European Data Protection Regulation (EU) 2016/679.
7.2.2 The data collected via the cookies will be stored by us for as long as necessary to provide the relevant services or to fulfil the purpose for which the personal data were collected or until the cookies are deactivated.
8. Google Web Analytics services that use cookies
8.1 Type, scope and purposes of data processing
8.1.1 Data protection regulations for the use and application of Google Analytics (with anonymisation function)
8.1.1.1 The data controller has integrated the Google Analytics component (with anonymisation function) on the website. Google Analytics is a web analysis service. Web analysis is the collection, collection and evaluation of data on the behaviour of visitors to websites. Among other things, a web analysis service collects data on which website a person concerned came to a website from (so-called referrers), which sub-pages of the website were accessed or how often and for how long a subpage was viewed. Web analysis is used to optimize a website and to perform a cost-benefit analysis of Internet advertising.
8.1.1.2 The operating company of the Google Analytics component is Google Inc. (hereinafter referred to as "Google"), 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
8.1.1.3 The data controller uses the addition "_gat._anonymizeIp" for web analysis via Google Analytics. By means of this addition, the IP address of the Internet connection of the data subject is shortened and anonymised by Google if the access to our Internet pages is from a member state of the European Union or from another state that is a party to the Agreement on the European Economic Area.
8.1.1.4 Google Analytics sets a cookie on the information technology system of the data subject. By setting the cookie, Google is enabled to analyse the use of our website. Each time one of the individual pages of this website, which is operated by the data controller and on which a Google Analytics component has been integrated, is called up, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. Within the scope of this technical procedure, Google receives knowledge of personal data, such as the IP address of the person concerned, which Google uses, among other things, to trace the origin of visitors and clicks and subsequently to enable commission settlements.
8.1.1.5 By means of the cookie, personal information such as the access time, the place from which an access originated and the frequency of visits to our website by the person concerned is stored. Each time our website is visited, this personal data, including the IP address of the Internet connection used by the person concerned, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on this personal data collected through the technical process to third parties.
8.1.1.6 The person concerned can prevent the setting of cookies by our website at any time by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a cookie on the information technology system of the person concerned. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.
8.1.1.7 Furthermore, the data subject has the opportunity to object to the collection of data generated by Google Analytics and relating to the use of this website, as well as to the processing of this data by Google, and to prevent such processing. To do this, the person concerned must download and install a browser add-on from the link . This browser add-on informs Google Analytics via JavaScript that no data and information about visits to websites may be transmitted to Google Analytics. The installation of the browser add-on is considered by Google as a contradiction. If the data subject's information technology system is deleted, formatted or reinstalled at a later date, the data subject must reinstall the Browser Add-On in order to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the person concerned or another person within his or her sphere of control, the browser add-on may be reinstalled or reactivated.
8.1.1.8 Further information and Google's applicable privacy policy can be found at and Google Analytics is explained in more detail under this link .
8.1.2 Data protection provisions on the use and application of Google Maps
This website uses the product Google Maps by Google Inc. By using this website you agree to the collection, processing and use of automatically collected data by Google Inc.
The terms of use of Google Maps can be found under "Terms of use of Google Maps".
8.1.3 Data protection regulations for the use of Google AdWords
8.1.3.1 The data controller has integrated Google AdWords on the website. Google AdWords is an internet advertising service that allows advertisers to display ads in Google's search engine results as well as in the Google advertising network. Google AdWords allows an advertiser to specify pre-defined keywords that will display an ad in Google's search engine results only when the user uses the search engine to retrieve a keyword-related search result. In the Google advertising network, the ads are distributed to topic-relevant web pages by means of an automatic algorithm and in accordance with the previously defined keywords.
8.1.3.2 The operating company of the Google AdWords services is Google
8.1.3.3 The purpose of Google AdWords is to advertise our website by displaying advertisements relevant to our interests on the websites of third party companies and in the search engine results of the Google search engine and by displaying third-party advertising on our website.
8.1.3.4 If a data subject reaches our website via a Google advertisement, a so-called conversion cookie is stored on the information technology system of the data subject by Google. A conversion cookie loses its validity after thirty days and does not serve to identify the data subject. If the cookie has not expired, the conversion cookie is used to determine whether certain sub-pages on our website have been accessed. The conversion cookie enables both us and Google to track whether a person who has reached our website via an AdWords ad has generated sales, i.e. whether he or she has completed or abandoned a purchase of goods.
8.1.3.5 The data and information collected through the use of the conversion cookie is used by Google to create visit statistics for our website. These visit statistics are in turn used by us to determine the total number of users who were referred to us via AdWords ads, i.e. to determine the success or failure of the respective AdWords ad and to optimize our AdWords ads for the future. Neither our company nor other Google AdWords advertisers receive any information from Google that could be used to identify the person concerned.
8.1.3.6 The conversion cookie is used to store personal information, such as the websites visited by the data subject. Whenever a person visits our website, personal data, including the IP address of the Internet connection used by the person concerned, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on this personal data collected via the technical process to third parties.
8.1.3.7 The person concerned can prevent the setting of cookies by our website at any time by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a conversion cookie on the information technology system of the person concerned. In addition, a cookie already set by Google AdWords can be deleted at any time via the Internet browser or other software programs.
8.1.3.8 Furthermore, the data subject has the opportunity to object to interest-based advertising by Google. To do so, the person concerned must call up the link from each of the Internet browsers he or she uses and make the desired settings there.
8.1.3.9 Further information and Google's applicable privacy policy can be found at
8.2 Legal basis and storage period
8.2.1 From 25 May 2018, the legal basis for the processing of personal data of the data subject in connection with web analytics services is Article 6 (1) sentence 1 letters a, b and f of the European Data Protection Basic Regulation (EU) 2016/679. If we process your personal data on the basis of Article 6 (1) sentence 1 letter f, this is based on the legitimate interest in designing our website in a user-oriented manner and in placing user-related advertising.
8.2.2 The data collected via cookies will be stored by us for as long as necessary to provide the respective services or to fulfil the purpose for which the personal data was collected or until the cookies are deactivated.
9. social plugins
9.1 Type, scope and purposes of data collection, processing and use
Data protection with the social plugins used: The website contains buttons from various social media networks using the so-called "2-click solution". In order to leave it up to the person concerned to decide whether data is transferred to these networks, only a reference to the respective function is initially shown instead of the actual social plugin. Only by clicking on the link is the respective social plugin activated, which leads to the data transfers described below.
9.2 Data protection regulations for the use and application of Facebook
9.2.1 The data controller has integrated components of the company Facebook on this website.
9.2.2 The operating company of Facebook is Facebook Inc. (hereinafter referred to as "Facebook"), 1 Hacker Way, Menlo Park, CA 94025, USA. If a data subject lives outside the USA or Canada, the person responsible for processing personal data is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
9.2.3 After activation of the social plugin, each time the data subject accesses one of the individual pages of the website , which is operated by the data controller and on which a Facebook component (Facebook plug-in) has been integrated, the Internet browser on the data subject's information technology system is automatically prompted by the respective Facebook component to download a representation of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins is available at . As part of this technical process, Facebook is informed which specific subpage of our website is visited by the person concerned.
9.2.4 If the person concerned is logged on to Facebook at the same time, Facebook will recognize which specific page of our website the person concerned is visiting each time the person concerned calls up our website and for the entire duration of the respective stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the person concerned. If the person concerned clicks on one of the Facebook buttons integrated on our website, for example the "Like" button, or if the person concerned makes a comment, Facebook assigns this information to the personal Facebook user account of the person concerned and stores this personal data.
9.2.5 If the data subject does not want this information to be transferred to Facebook in this way, he or she can prevent the transfer by logging out of his or her Facebook account before accessing our website.
9.2.6 The data policy published by Facebook, which is available at , provides information about the collection, processing and use of personal data by Facebook. It also explains which setting options Facebook offers to protect the privacy of the person concerned. In addition, various applications are available that make it possible to suppress data transmission to Facebook, such as the Facebook blocker from the provider Webgraph, which can be obtained at . Such applications can be used by the data subject to suppress data transfer to Facebook.
9.3 Data protection regulations for the use and application of LinkedIn
9.3.1 The Controller has integrated components of LinkedIn Corporation on the website . LinkedIn is an Internet-based social network that allows users to connect with existing business contacts and to establish new business contacts.
9.3.2 The operating company of LinkedIn is LinkedIn Corporation (hereinafter referred to as "LinkedIn"), 2029 Stierlin Court Mountain View, CA 94043, USA. For data protection matters outside the USA, LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible.
9.3.3 After activation of the plugin, the LinkedIn component will cause the browser used by the data subject to download an appropriate representation of the LinkedIn component each time he or she visits our website. Further information about LinkedIn plugins can be found at . This technical process allows LinkedIn to know which specific page of our website is visited by the data subject.
9.3.4 If the data subject is logged on to LinkedIn at the same time, LinkedIn will know which specific page of our website the data subject is visiting each time the data subject accesses our website and throughout the time the data subject is on our website. This information is collected by the LinkedIn component and is assigned by LinkedIn to the LinkedIn account of the person concerned. If the data subject clicks on a LinkedIn button integrated on our website, LinkedIn will associate this information with the personal LinkedIn user account of the data subject and store this personal data.
9.3.5 If the data subject does not wish to receive such information from LinkedIn, the data subject may prevent such transmission by logging out of his/her LinkedIn account before accessing our Website.
9.3.6 LinkedIn offers the possibility to unsubscribe from e-mail messages, SMS messages and targeted advertisements and to manage advertisement settings at . LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame who may set cookies. Such cookies can be rejected at . LinkedIn's current privacy policy is available at . LinkedIn's cookie policy is available at .
9.4 Privacy policy on the use and application of Twitter
9.4.1 The data controller has integrated components of Twitter on the website Twitter is a multilingual, publicly accessible microblogging service on which users can publish and disseminate so-called tweets, i.e. short messages limited to 280 characters.
9.4.2 The operating company of Twitter is Twitter Inc. (hereinafter referred to as "Twitter"), 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
9.4.3 After activation of the plug-in, each time the data subject accesses one of the individual pages of this website operated by the data controller and on which a Twitter component (Twitter button) has been integrated, the Internet browser on the data subject's information technology system is automatically prompted by the respective Twitter component to download a display of the corresponding Twitter component from Twitter. Further information on the Twitter buttons is available at . As part of this technical process, Twitter is informed which specific subpage of our website is visited by the data subject. The purpose of integrating the Twitter component is to enable our users to further disseminate the content of this website, to make this website known in the digital world and to increase our visitor numbers.
9.4.4 If the data subject is logged on to Twitter at the same time, Twitter will recognize which specific subpage of our website the data subject is visiting each time the data subject visits our website and for the entire duration of their stay on our website. This information is collected by the Twitter component and assigned by Twitter to the respective Twitter account of the data subject. If the data subject clicks on one of the Twitter buttons integrated on our website, the data and information transmitted in this way is assigned to the personal Twitter user account of the data subject and stored and processed by Twitter.
9.4.5 Twitter will always receive information via the Twitter component that the data subject has visited our website if the data subject is logged on to Twitter at the same time as accessing our website. If the data subject does not want this information to be sent to Twitter, he or she can prevent it from being sent by logging out of his or her Twitter account before accessing our website.
9.4.6 The applicable data protection regulations of Twitter are available at .
9.5 Data protection regulations for the use and application of Xing
9.5.1 The data controller has integrated components of Xing on the website . Xing is an Internet-based social network that enables users to connect with existing business contacts and to establish new business contacts.
9.5.2 The operating company of Xing is XING AG (hereinafter referred to as "Xing"), Dammtorstraße 30, 20354 Hamburg, Germany.
9.5.3 After activation of the plug-in, each time the data controller calls up one of the individual pages of this website, which is operated by the data controller and on which a Xing component (Xing plug-in) has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Xing component to download a representation of the corresponding Xing component from Xing. Further information on the Xing plug-ins can be found at . As part of this technical process, Xing is informed which specific subpage of our website is visited by the data subject.
9.5.4 If the person concerned is logged on to Xing at the same time, Xing will recognise which specific subpage of our website the person concerned is visiting each time the person concerned calls up our website and for the entire duration of their visit to our website. This information is collected by the Xing component and assigned by Xing to the respective Xing account of the person concerned. If the person concerned clicks on one of the Xing buttons integrated on our website, for example the Share button, Xing assigns this information to the personal Xing user account of the person concerned and stores this personal data.
9.5.5 Xing will always receive information via the Xing component that the data subject has visited our website if the data subject is logged on to Xing at the same time as accessing our website; this occurs regardless of whether the data subject clicks on the Xing component or not. If the data subject does not want this information to be transmitted to Xing, he or she can prevent the transmission by logging out of his or her Xing account before accessing our website.
9.5.6 The data protection regulations published by Xing, which are available at , provide information about the collection, processing and use of personal data by Xing. Furthermore, Xing has published data protection information for the XING Share button at .
9.6 Data protection regulations for the use and application of Instagram
9.6.1 The data controller has integrated components of the Instagram service on this website. Instagram is a service that qualifies as an audiovisual platform and enables users to share photos and videos and also to disseminate such data in other social networks.
9.6.2 The operating company of the Instagram Services is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.
9.6.3 Each time a user accesses one of the individual pages of this web site operated by the data controller and on which an Instagram component (Insta Button) has been integrated, the Internet browser on the information technology system of the user is automatically prompted by the respective Instagram component to download a representation of the corresponding component of Instagram. As part of this technical process, Instagram is informed of which specific page of our website you are visiting.
9.6.4 If you are logged in to Instagram at the same time, Instagram will recognize which specific page you have visited each time you access our website and for the entire duration of your stay on our website. This information is collected by the Instagram component and is assigned by Instagram to the user's respective Instagram account. If you click on one of the Instagram buttons integrated in our website, the data and information thus transmitted will be assigned to your personal Instagram user account and stored and processed by Instagram.
9.6.5 Instagram will receive information through the Instagram component that you have visited our website whenever you are logged in to Instagram at the same time you access our website, whether or not you click on the Instagram component. If you do not wish this information to be transmitted to Instagram, you can prevent it from being transmitted by logging out of your Instagram account prior to accessing our site.
9.6.6 Further information and Instagram's applicable privacy policy can be found at .
9.6.7 Legal basis and storage period
9.6.7.1 From 25 May 2018, the legal basis for the processing of the data subject's personal data in connection with social plug-ins is Article 6(1), first sentence, letters a and b of the European Data Protection Basic Regulation (EU) 2016/679.
9.6.7.2 The data collected via the Social Plugins shall be stored by us for as long as necessary for the provision of the respective services or for the fulfilment of the purpose for which the personal data were collected.
III. rights of the data subject
1. right to information
1.1. Any person affected by the processing of personal data has the right to obtain at any time and free of charge from the controller information on the personal data stored in relation to him or her and a copy thereof. Furthermore, the European Directive and Regulation Giver has granted the data subject access to the following information:
1.1.1 the purposes of processing;
1.1.2 the categories of personal data processed;
1.1.3 the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular in the case of recipients in third countries or international organisations;
1.1.4. where possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration;
1.1.5 the existence of a right of rectification or erasure of personal data relating to them or of a right to limit processing by the controller or a right to object to such processing;
1.1.6 the existence of a right of appeal to a supervisory authority;
1.1.7 if the personal data are not collected from the data subject: all available information on the origin of the data;
1.1.8 the existence of automated decision making, including profiling - from 25 May 2018 onwards, in accordance with Article 22(1) and (4) of the European Data Protection Basic Regulation (EU) 2016/679 - and, where automated decision making takes place, meaningful information about the logic involved and the scope and intended effects of such processing on the data subject.
1.2 Furthermore, the data subject shall have the right to obtain information as to whether personal data have been transferred to a third country or to an international organisation. If this is the case, the data subject shall also have the right to obtain information on the appropriate safeguards relating to the transfer.
2. right of rectification
Any person concerned by the processing of personal data shall have the right to obtain the rectification without delay of inaccurate personal data relating to him. The data subject shall also have the right to obtain the completion of incomplete personal data, including by means of a supplementary declaration, having regard to the purposes of the processing.
3. right to erasure (right to be forgotten)
3.1 Every data subject shall have the right to obtain from the controller the immediate erasure of personal data relating to him or her where one of the following reasons applies and where the processing is not necessary:
3.1.1 The personal data have been collected or otherwise processed for purposes for which they are no longer necessary;
3.1.2 the data subject withdraws the consent on which the processing was based - from 25 May 2018 onwards, pursuant to Article 6(1)(a) or Article 9(2)(a) of the European Data Protection Basic Regulation (EU) 2016/679 - and there is no other legal basis for the processing
3.1.3 The data subject lodges an objection to the processing - as from 25 May 2018, in accordance with Article 21(1) of the European Data Protection Basic Regulation (EU) 2016/679 - and there are no legitimate reasons for the processing or the data subject lodges an objection to the processing - as from 25 May 2018, in accordance with Article 21(2) of the European Data Protection Basic Regulation (EU) 2016/679.
3.1.4 The personal data have been processed unlawfully.
3.1.5 The deletion of personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.
3.1.6 The personal data was collected in relation to information society services offered, from 25 May 2018, in accordance with Article 8(1) of the European Data Protection Regulation (EU) 2016/679.
3.2 If the personal data has been made public by the data controller and our company as the data controller is responsible for the data - from 25 May 2018 in accordance with Art. 17 Para. 1 of the European Data Protection Basic Regulation (EU) 2016/679, the controller shall take reasonable measures, including technical measures, taking into account the available technology and the implementation costs, to inform other data controllers who process the published personal data that the data subject has requested from these other data controllers the deletion of all links to these personal data or copies or replications of these personal data, unless the processing is necessary.
4. the right to limit processing
Any person concerned by the processing of personal data shall have the right to obtain from the controller the restriction of the processing if one of the following conditions is met:
4.1. the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data
4.2 The processing is unlawful, the data subject refuses to have the personal data deleted and instead requests that the use of the personal data be restricted.
4.3 The controller no longer needs the personal data for the purposes of the processing, but the data subject needs them in order to assert, exercise or defend legal claims.
4.4 The data subject has lodged an objection to the processing - as of 25 May 2018, pursuant to Article 21(1) of the European Data Protection Basic Regulation (EU) 2016/679 - and it is not yet clear whether the data controller's legitimate reasons outweigh those of the data subject.
5. right to data transferability
5.1 From 25.05.2018, every person concerned by the processing of personal data has the right to obtain, in a structured, common and machine-readable format, the personal data concerning him/her which have been made available to a controller by the data subject. He/she also has the right to obtain the communication of these data to another controller without interference from the controller to whom the personal data have been made available, provided that the processing is based on the consent pursuant to Article 6(1)(a) or Article 9(2)(a) of the European Data Protection Regulation (EU) 2016/679 or on a contract pursuant to Article 6(1)(a) or Article 9(2)(a) of the European Data Protection Regulation (EU) 2016/679 or on a contract pursuant to Article 9(2)(a) of the European Data Protection Supervisor's Regulation (EC) 2016/679. 6(1)(b) of the European Data Protection Basic Regulation (EU) 2016/679 and the processing is carried out by means of automated procedures, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
5.2 Furthermore, from 25 May 2018, when exercising their right to data transfer pursuant to Article 20(1) of the European Data Protection Basic Regulation (EU) 2016/679, the data subject has the right to obtain that personal data be transferred directly from one controller to another controller, insofar as this is technically feasible and provided that it does not adversely affect the rights and freedoms of other persons.
6. right to object
6.1 Every person concerned by the processing of personal data has the right to object, at any time, for reasons arising from his or her particular situation, to the processing of personal data concerning him or her that takes place from 25 May 2018 on the basis of Article 6(1)(e) or (f) of the European Data Protection Regulation (EU) 2016/679. This also applies to profiling based on these provisions.
6.2 In the event of an objection, the controller shall no longer process the personal data unless we can demonstrate compelling legitimate reasons for processing which outweigh the interests, rights and freedoms of the data subject, or the processing is for the purpose of asserting, exercising or defending legal claims.
7. existence of automated decision making
As a responsible company, we avoid automated decision making or profiling.
8. right of revocation of a data protection consent
8.1 Any person affected by the processing of personal data has the right to withdraw his or her consent to the processing of personal data at any time.
8.2 If the data subject wishes to exercise his or her right to withdraw consent, he or she may at any time contact our Data Protection Officer or any other employee of the controller.
9. assertion of rights
9.1 All rights listed can be asserted informally by letter or e-mail to the addresses listed above under point I 2.
10. TLS encryption
10.1 This website uses TLS 1.0 encryption for reasons of security and to protect the transmission of confidential content, such as requests that the person concerned sends to us as site operator. An encrypted connection can be recognized by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
10.2 If TLS encryption is activated, the data that the person concerned sends to us cannot be read by third parties.
11. topicality of the data protection declaration
This privacy policy is currently valid and dated 24 May 2018.
It can be accessed and printed out at any time on our website protection/.