If you have any questions about data protection, please contact our data protection officer.

WAGNER Group GmbH
Schleswigstrasse 1-5
D-30853 Langenhagen
Joachim Cors
Phone: +49 511 97383 203
E-mail: datenschutz@wagner.de

The small black icon on the edge of the screen gives you the option to revalidate the data protection settings.

Every access to our website and every retrieval of a file stored on the website is logged. The storage serves internal system-related and statistical purposes.

The following are logged:

• name of the retrieved file,
• date and time of retrieval,
• amount of data transferred,
• notification of successful retrieval,
• operating system used,
• browser and browser type,
• the website from which you were redirected,
• the internet service provider,
• pages visited and
• requesting domain.

In addition, the IP addresses of the requesting computers are logged. However, the controller does not draw any conclusions about a person.

This data is only required to display the content of our website correctly, to optimize the content for you in the long term and to support criminal prosecution in the event of hacker attacks. The data is processed on the basis of our legitimate interest pursuant to Art. 6 para. 1 subpara. 1 lit. f) GDPR. The processing of the data is necessary for the operation of the website.

The data is stored for as long as it is needed to fulfill the purpose and then automatically deleted.

In accordance with Art. 15 GDPR, you have a right to information about the processing of your personal data.

In addition, you are free to exercise your rights to rectification, erasure or, if erasure is not possible, to restriction of processing and to data portability in accordance with Articles 16-18 and 20 GDPR. If you wish to exercise this right, please contact our data protection officer.

You also have the right to lodge a complaint with the competent supervisory authority at any time. If you are of the opinion that your personal data is not being processed in compliance with data protection laws, we would kindly ask you to contact our data protection officer.

Furthermore, you have the right to object to the processing of your personal data at any time.

We use technical and organizational security measures to protect the personal data you provide to us from manipulation, loss, destruction or access by unauthorized persons. Our security measures are continuously improved and adapted in accordance with the state of the art. It cannot be ruled out that unencrypted data transmitted by you may be viewed by third parties during transmission. We would like to point out that data transmission via the Internet (e.g. communication by e-mail) cannot be guaranteed to be completely secure. Sensitive data should therefore either not be transmitted via the Internet at all or only via a secure connection (SSL).

Consent to the processing of personal data can only be given by a person of legal age. For information society services, the consent of a child is permitted from the age of sixteen in accordance with Art. 8 GDPR.

The content of this website is hosted by Mittwald CM Service GmbH & Co KG, Königsberger Str. 4 - 6, 32339 Espelkamp (hereinafter referred to as Mittwald). Further details can be found in Mittwald's privacy policy: https://www.mittwald.de/datenschutz. Mittwald is used on the basis of Art. 6 para. 1 subpara. 1 lit. f) GDPR. We have a legitimate interest in ensuring that our website is displayed as reliably as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 subpara. 1 lit. a) GDPR and Section 25 para. 1 TDDDG (German Telecommunications Digital Services Data Protection Act), insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time. Furthermore, we have concluded an order processing contract with the provider.

All your personal data and other information that you provide to us via the contact form set up on our website will only be collected and processed for the purpose of processing and responding to your inquiries. 
If you contact us, you give your consent for data processing in accordance with Art. 6 para. 1 subpara. 1 lit. a) GDPR. 
If you are interested in an offer, your personal data will be processed for the purpose of initiating a contract in accordance with Art. 6 para. 1 subpara. 1 lit. b) GDPR.

Your data will be forwarded to us by e-mail via our provider. If you do not provide it, we will unfortunately not be able to contact you and process your request.

Automated decision-making is not carried out.

Your personal data will be passed on to external third parties to the extent necessary for processing your request, to our subsidiaries and business partners.

External service providers for the support of our IT systems and software solutions, suppliers and business partners, are integrated as processors (Art. 28 GDPR) in compliance with data protection regulations.

A transfer of the personal data provided by you to a third country or an international organization takes place to the extent that inquiries from the respective country are forwarded to the responsible employees of the WAGNER Group or a subsidiary based in the respective country. Outside the European Union and the European Economic Area, this applies to Australia, India, Singapore, Canada and the USA.

You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing carried out until the revocation remains unaffected.

Your personal data, which you communicate to us via the contact form, will be stored by us for the duration of the processing of your request and kept until the expiry of the corresponding legal deadlines.

You can contact us via the e-mail address provided on our website. You can also contact us via the telephone or fax number provided on the website. If you make use of these options, the personal data transmitted will be stored and only collected and processed for the purpose of processing and responding to your inquiry.

If you contact us, you give your consent for data processing in accordance with Art. 6 para. 1 subpara. 1 lit. a) GDPR. 
If you are interested in an offer, your personal data will be processed for the purpose of initiating a contract in accordance with Art. 6 para. 1 subpara. 1 lit. b) GDPR

If you do not provide your data, we will unfortunately not be able to process your request. Automated decision-making is not carried out.

Your personal data will be passed on to external third parties to the extent necessary for processing your request, to our subsidiaries and business partners.

External service providers for the support of our IT systems and software solutions, suppliers and business partners, are integrated as processors (Art. 28 GDPR) in compliance with data protection regulations.

A transfer of the personal data provided by you to a third country or an international organization takes place to the extent that inquiries from the respective country are forwarded to the responsible employees of the WAGNER Group or a subsidiary based in the respective country. Outside the European Union and the European Economic Area, this applies to Australia, India, Singapore, Canada and the USA.

You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing carried out until the revocation remains unaffected.

Your personal data that you provide to us will be stored by us for the duration of the processing of your request and kept until the expiry of the corresponding legal deadlines.

If you subscribe to our electronic newsletter, your personal data will be processed for the purpose of regularly sending you our newsletter on the basis of Art. 6 para. 1 subpara. 1 lit. a) GDPR. The registration process is logged on the basis of our legitimate interests in accordance with Art. 6 para. 1 subpara. 1 lit. f) GDPR and serves as proof of consent to receive the newsletter.

Registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registering, you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that no one can register with other people's e-mail addresses. Subscriptions to the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes storing the time of registration and confirmation as well as the IP address. Changes to your data stored by the mailing service provider are also logged.

If you do not give your consent, we will unfortunately not be able to provide you with our newsletter. Automated decision-making is not carried out.

The newsletters contain a so-called ”web-beacon”, i.e. a pixel-sized file that is retrieved from the server of the mailing service provider when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval, is initially collected. This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined with the help of the IP address) or the access times in accordance with Art. 6 para. 1 subpara. 1 lit. f) GDPR. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. This information is anonymized; it is not possible to identify your email address. The evaluations help us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

Your personal data will be passed on to external third parties to the processor named below:

SC-Networks GmbH
Würmstrasse 4
D-82319 Starnberg

The service provider was integrated in compliance with data protection regulations. An order processing contract has been concluded with SC-Networks GmbH.

A transfer of the personal data provided by you to a third country or an international organization does not take place and is not planned.

You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing until the revocation remains unaffected.

Your personal data that you provide to us when you subscribe to the newsletter will be stored by us until you withdraw your consent to receive the newsletter and will be removed from the mailing list after you unsubscribe.

The personal data you provide will be collected and processed for the purpose of deciding on the establishment of an employment relationship in accordance with Art. 6 para. 1 subpara. 1 lit. b) GDPR. The provision of your personal data is necessary for the handling of the application process and for the decision on the establishment of an employment relationship.

If you do not provide your data, we will unfortunately not be able to consider you for a vacancy. Automated decision-making is not carried out.

In order to assess your documents, they will be forwarded to the responsible employees in the HR department and to the responsible contact persons in the respective specialist departments for which the application is intended.

If the job advertisement concerns one of our affiliated companies and you have given your consent, your application will be forwarded to the employee responsible there, who will contact you accordingly and take all further steps in the application process.

A transfer to a third country or other international organization of the personal data provided by you does not take place and is not planned.

Your application documents will be stored by us for the duration of the application process and kept for a further 3 months so that we can answer any subsequent questions you may have. After this period, the documents will be deleted. Documents sent by post will be returned or destroyed at the end of the 3-month period.

We will only store your data for 12 months after receipt of your express consent to use our talent pool in order to inform you during this period about vacancies within our company that may be of interest to you. After this period, the documents will be deleted.

Furthermore, you are entitled to all the aforementioned data subject rights. If you wish to exercise these rights, please contact our data protection officer.

Technically necessary cookies (session cookies)

We use technical cookies on our website to make the website more user-friendly. In order to use the full functionality of our website, it is therefore necessary for technical reasons to allow session cook-ies.

The purpose of using such cookies is to enable you to use the website in a simplified and more user-friendly manner. It is therefore necessary for the browser to be able to identify you even after a page change.

The data is not used to create a user profile for you. The legal basis for the use of technical cookies is Section 25 (2) TDDDG. It is not possible to use the website without session cookies.

Cookies for evaluation (tracking cookies)

In addition to the use of technical cookies, tracking cookies are used on this website. Cookies are text files that are stored on your computer and enable your use of the website to be analyzed. However, they only collect and store data in pseudonymous form. They are not used to identify you personally and are not merged with data about the bearer of the pseudonym. We use this information to deter-mine the attractiveness of our website and to continuously improve its content.
The legal basis for the use of tracking cookies is the consent you have given in accordance with Sec-tion 25 (1) TDDDG. 
You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing until the revocation remains unaffected.
You can adjust the cookie settings at any time.

Individual information about the cookies and analysis services used as well as the purpose and legal basis of data processing are also described in detail in the privacy policy.

This website uses Google Analytics, a web analytics service provided by Google Ireland Ltd (Gordon House, Barrow Street, Dublin 4, Ireland; hereinafter referred to as ”Google”), which uses cookies. Cookies are text files that are stored on your computer and enable your use of the website to be analyzed. Cookies usually transmit the information generated about your use of this website to a Google server in the European Union (EU) or European Economic Area (EEA). However, since this website uses IP anonymization, your IP address will be truncated by Google beforehand within member states of the European Union or in other signatory states to the Agreement on the European Economic Area.

In exceptional cases, the full IP address is transmitted to a Google server in the USA and truncated there. Google uses this information on our behalf to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

The collection within the scope of this service only takes place after you have given your express consent. The legal basis for this is § 25 para. 1 TDDDG. You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing until the revocation remains unaffected.

The purpose of the survey is to evaluate the use of our website. Furthermore, the use of Google Analytics enables us to create reports on website activities and thus improve our Internet presence. In addition to us, Google is to be named as the recipient of the data.

The data will be deleted as soon as it is no longer required for our recording purposes. You can prevent the collection of your data by Google Analytics at any time, even after you have given your consent.

The data transfer by Google to the USA is based on the EU standard contractual clauses, details of which can be found here: https://privacy.google.com/businesses/controllerterms/mccs/. You can find further information at: https://support.google.com/analytics/answer/6004245?hl=en&sjid=2159006869275437341-EU

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt000000001L5AAI&status=Active

This website uses Google Ads, a service provided by Google Ireland Ltd (Gordon House, Barrow Street, Dublin 4, Ireland; hereinafter referred to as “Google”).

We use the conversion tracking function for which Google Ads places cookies on your computer if you have reached our website via an advertisement placed by Google. The data collected by the cookie is not user-related and is therefore not used for personal identification. The cookies lose their validity after 30 days. The data is collected for the purpose of creating conversion statistics for Google Ads customers. We only receive information about the total number of users who clicked on our ad and were subsequently redirected to a website with a conversion tracking tag.    

The purpose of the collection is to provide you with targeted advertising. The legal basis for this is your consent in accordance with Art. 6 para. 1 subpara. 1 lit. a) GDPR and Section 25 para. 1 TDDDG, insofar as the consent within the meaning of the TDDDG relates to the setting of cookies or access to information on your terminal device.

You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing until the revocation remains unaffected.

In addition to us, Google must be named as the recipient of the data. The data is deleted as soon as it is no longer required for our recording purposes.

Consent is also required by Google in accordance with its policy: https://www.google.com/about/company/user-consent-policy.html

Further information about the collection and processing of your data by Google and your rights as a data subject in this regard can be found in Google's privacy policy at: https://policies.google.com/privacy?hl=en. The data transfer by Google to the USA is based on the EU standard contractual clauses, details of which can be found here: https://privacy.google.com/businesses/controllerterms/mccs/

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt000000001L5AAI&status=Active

This website uses the Google reCAPTCHA service, operated by Google Ireland Ltd (Gordon House, Barrow Street, Dublin 4, Ireland; hereinafter referred to as “Google”), which protects the website from spam and abuse.

The reCAPTCHA service is intended to prevent abusive activities being carried out by automated software on the website. This is ensured by checking whether the entries actually originate from a natural person.

Data such as the address of the page on which the captcha is used, the user's IP address, the user's input behavior (e.g. answering the reCAPTCHA question, input speed in the form fields, the order in which the input fields are selected, etc.) as well as browser, browser size and resolution, browser plug-ins, date, language setting, the display instructions (CSS) and scripts (JavaScript) of the website and the mouse or touch events within the website are collected and processed for verification purposes. If the user of the website is logged in to Google, the Google account is also recognized and assigned. Cookies from other Google services such as Gmail, Search and Analytics are also read by Google in this case. Data that is collected and stored when Google reCAPTCHA is used is sent to Google in encrypted form. Whether the captcha is displayed in the form of a checkbox or by entering text on the page is decided by Google's subsequent evaluation. No personal data is read or saved from the input fields of the respective form.

The legal basis for the use of reCAPTCHA is Art. 6 para. 1 subpara. 1 lit. a) GDPR and § 25 para. 1 TDDDG, insofar as the consent within the meaning of the TDDDG relates to the setting of cookies or access to information on your terminal device. You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing until the revocation remains unaffected. The data will be deleted as soon as you leave our website.

When using this Google service, personal data may be transferred to Google LLC in the USA (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). You can find more information about the collection and processing of your data by Google and your rights as a data subject in this regard in Google's privacy policy: https://policies.google.com/privacy?hl=en

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt000000001L5AAI&status=Active

Our website also uses Insight Tag technology, which is operated exclusively by LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland); hereinafter referred to as “LinkedIn”.

The purpose of the Insight Tag is to enable us to optimize our campaigns, retarget website visitors and learn more about our target audience. The LinkedIn Insight Tag creates a unique LinkedIn browser cookie in a visitor's browser and enables the collection of the following data for this cookie: metadata such as IP address, timestamp and page events (e.g. page views). The log files (URL, referrer URL, IP address, device and browser properties and the time of access) are also recorded by LinkedIn. After seven days, the direct identifiers of LinkedIn members are deleted; the remaining data is pseudonymized and deleted after 180 days.

LinkedIn does not share any personal data with us, but only provides summarized reports on website audience and ad performance. LinkedIn members can control the use of their personal data for advertising purposes in their account settings. You have the option to object to the analysis of usage behavior and targeted advertising by LinkedIn here: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

The legal basis for the processing of the data is your consent pursuant to Art. 6 para. 1 lit. a) GDPR and § 25 para. 1 TDDDG, insofar as the consent within the meaning of the TDDDG relates to the setting of cookies or access to information on your terminal device. You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing carried out until the revocation remains unaffected.

You can find more information about the LinkedIn pixel at: https://www.linkedin.com/help/linkedin/answer/a427660/?lang=en-US. You can find LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy

Data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https://www.linkedin.com/legal/l/eu-sccs

We use the IPAPI tool (www.ipapi.co) from Kloudend, Inc. (1887 Whitney Mesa Dr #4080 Henderson, NV 89014 - USA) to automatically localize the location, country, time zone and access to the website via computer or mobile device as well as the Internet provider and routing information (IP address). The tool is used to adapt the content of our website on the basis of localization findings and to better tailor it to the respective visitor. The tool is also used to protect against attackers and bots. The legal basis for data processing is our legitimate interest pursuant to Art. 6 para. 1 subpara. 1 lit. f) GDPR in presenting the website in the best possible way. You can find the privacy policy of Kloudend Inc. at: https://ipapi.co/privacy/

We want to make communication with interested parties, customers and users easier and adapted to the current technical and practical reality. We therefore use conferencing tools for video and audio conferences. You can find out which individual web conferencing tools we use in the following section.

As a rule, data is first collected that represents metadata and technical data of the users and the conferences. Metadata includes, for example, the duration of the conference, the period of participation, the number of participants or the name and/or description of the meeting. Technical data includes IP addresses and device and hardware information of the participants, such as MAC addresses, device and operating systems or information about peripheral devices and connection quality. In the case of optional participation via a cell phone, further data can be stored in addition to the telephone number. The data collected also includes all data that you provide for the use of the service (some of which is optional). The usual data here is your name, telephone number, email address and other log and profile data.

During a meeting in a web conferencing tool, video and audio data recorded by your microphone/camera as well as all content that can be uploaded (messages in chats, surveys, etc. as well as other files such as presentation documents) can be processed, logged or displayed. When using the optional web conference recording function, this data can be stored permanently, including on the service provider's servers.

However, we would like to point out that we have no influence on what data is collected. Accordingly, failure to provide the aforementioned data may mean that you are unable to participate in the web conference. Automated decision-making is not carried out. Details on the processing of data by the relevant services can be found in the data protection notices of the respective services, which are referred to in the following section.

We use the web conferencing tools to communicate with you in a simple, effective and direct way. The legal basis for this is our legitimate interest pursuant to Art. 6 para. 1 subpara. 1 lit. f) GDPR. In the case of an existing contractual relationship, the use of such a service serves the purpose of providing a service, for which the legal basis for processing is Art. 6 para. 1 subpara. 1 lit. b) GDPR. The same legal basis applies to registration and participation in an online webinar offered by us. If your consent has been obtained, the legal basis for the processing of the data is Art. 6 para. 1 lit. a) GDPR and Section 25 para. 1 TDDDG, provided that the consent within the meaning of the TDDDG relates to the setting of cookies or access to information on your terminal device. You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing carried out until the revocation remains unaffected.

We have no influence on the storage period of the data stored by the service providers for their own purposes. If you ask us to delete your data or if the purpose for storing the data no longer applies, we will delete your data unless this is contrary to mandatory statutory provisions. Cookies stored by you will remain on your end device until you delete them.

We use the web conferencing tool Microsoft Teams. This is an application of Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, USA; hereinafter “Microsoft”).

The personal data transmitted by you will be collected and processed exclusively for the purpose of conducting external and internal video conferences within the framework of a contractual relationship in accordance with Art. 6 para. 1 subpara. 1 lit. b) GDPR. 

If there is no contractual relationship, the legal basis is Art. 6 para. 1 subpara. 1 lit. f) GDPR. Our interest here is in effective communication and exchange between the parties involved.

The provision of your personal data is necessary for the video conferences to take place. If you do not provide it, you will unfortunately not be able to participate. Automated decision-making is not carried out.

Personal data that is processed in connection with video conferences is not passed on to third parties unless it is intended to be passed on.

You can find Microsoft's privacy policy at: https://privacy.microsoft.com/en-us/privacystatement

Data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https://docs.microsoft.com/de-de/compliance/regulatory/offering-EU-Model-Clauses

Microsoft 365 is a productivity, collaboration and exchange platform for individual users, groups, communities and networks that can be used across organizational units.
Microsoft 365 applications, such as Teams, OneDrive, SharePoint etc. (hereinafter referred to as “M365”) process personal data.

This data protection notice provides information about the processing of personal data when using Microsoft 365 applications.

Further information on the processing of personal data by Microsoft can be found at the following link: https://privacy.microsoft.com/en-us

Data protection and the protection of your privacy are important to us. Accordingly, we only process personal data in accordance with the applicable data protection and data security legislation, in particular the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the German Telecommunications Digital Services Data Protection Act (TDDDG). We are guided by the principle of data avoidance and data economy. Our employees are bound to confidentiality and secrecy.

Categories of personal data when using Microsoft 365

The following personal data is processed automatically when you use Microsoft 365 as soon as you use Microsoft 365:

• IP address used to access the Microsoft 365 applications.
• User name (access data for the Microsoft 365 applications)
• Data that you have stored in your Microsoft account as part of multi-factor authentication, e.g. optionally your (private) cell phone number
• Identification features: information about your person that you as a user, sender

Identify recipients of data within Microsoft 365:

• Master data: Surname, first name, contact details such as telephone number, e-mail address, fax number, if provided by you

• Other data such as a profile picture you have stored

• Data required for authentication and license use

• All user activities such as time of access, date, type of access, details of the data/files/documents accessed and all activities in connection with use, such as creating, changing, deleting a document, setting up a team (and channels in teams), making notes in the notebook, starting a chat, replying in the chat, etc.

Disclosure and transfer of data, purposes and legal bases

Your personal data will only be passed on without your prior consent in cases other than those expressly mentioned in this privacy policy if there are legal grounds for doing so or if it is necessary, e.g. to protect vital interests.

The data you provide during registration will be passed on within our group of companies for the purpose of contract fulfillment, including joint customer support, to the extent necessary. A possible transfer of personal data is based on contractual obligations towards you (pursuant to Art. 6 para. 1 subpara. 1 lit. b) GDPR) and our legitimate interest (pursuant to Art. 6 para. 1 subpara. 1 lit. f) GDPR) in passing on the data for administrative purposes within our group of companies if your rights and interests in the protection of your personal data do not prevail.
Automated decision-making (profiling) is not carried out.

Disclosure may also take place within the framework of order processing in accordance with Art. 28 GDPR, in particular if necessary service providers are involved.

If it is necessary to clarify an illegal or improper use of Microsoft 365 or for legal prosecution, personal data will be forwarded in particular to law enforcement authorities, other authorities, lawyers or other necessary third parties. This possible disclosure of personal data is justified by the fact that

• the processing is necessary for compliance with a legal obligation to which we are subject pursuant to Art. 6 para. 1 subpara. 1 lit. c) GDPR in conjunction with legal requirements

• we have a legitimate interest pursuant to Art. 6 para. 1 subpara. 1 lit. f) GDPR in disclosing the data to the aforementioned third parties to enforce our legal claims and your rights and interests in the protection of your personal data do not prevail

When using Microsoft 365, Microsoft is used as a processor and is subject to our instructions when processing personal data, as we are the controller within the meaning of the GDPR. A possible transfer of personal data is based on our legitimate interest in effectively designing our IT processes (Art. 6 para. 1 subpara. 1 lit. f) GDPR) as well as on the regulations on order processing in accordance with Art. 28 GDPR, according to which we have carefully selected third-party companies and external service providers, regularly checked them and contractually obliged them in accordance with Art. 28 para. 3 GDPR to process all personal data exclusively in accordance with our instructions.

Data transfers to third countries

Upon presentation of the corresponding purpose limitation and legitimate interests, the data to be transferred, the selected transfer process, as well as the data recipient and the receiving country are subjected to a detailed “Transfer Impact Assessment”. The result of this assessment is documented. The data is only transferred with the required content and scope if there are no positive findings.

Changes of purpose

Your personal data will only be processed for purposes other than those described if this is permitted by law or if you have consented to the changed purpose of the data processing. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes prior to further processing and provide you with all other relevant information.

Data erasure and storage duration

The personal data of the data subjects will be deleted or blocked as soon as the purpose of the storage no longer applies, e.g. the storage of the data is no longer necessary for the performance of a contract or an overriding legitimate interest. Data may also be stored if this is provided for by the European or national legislator in regulations, laws or other provisions to which the controller is subject. The data will therefore be deleted or blocked if a storage period prescribed by the aforementioned standards expires.

We would like to get in touch with you and other interested parties, customers and users. We use various social networks for this purpose. You can find out which individual social networks we use in the following section.

As a rule, data is collected which is used for market research and advertising purposes. Such data includes the assignment of your visit to our website to your user account with the social network or the assignment by means of your stored cookies or your IP address. This is usually done by creating user profiles and the resulting interests. This makes it possible to display customized advertising, both within and outside the social network. As a result, cookies may be stored on your computer when you use social networks. However, we would like to point out that we generally have no influence on what data is collected.

Through the social media sites, we would like to provide you with information in the simplest and fastest way possible or give you the opportunity to share such information. Therefore, unless you have consented to data processing on the respective platform, the legal basis is our legitimate interest in accordance with Art. 6 para. 1 subpara. 1 lit. f) GDPR. If you have given your consent on the respective platform, your consent is the legal basis for processing in accordance with Art. 6 para. 1 subpara. 1 lit. a) GDPR and Section 25 para. 1 TDDDG, insofar as the consent within the meaning of the TDDDG relates to the setting of cookies or access to information on your terminal device. You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing until the revocation remains unaffected.

If you withdraw your consent, ask us to delete your data or if the purpose for storing the data no longer applies, we will delete your data unless this is contrary to mandatory legal provisions. Cookies stored by you will remain on your end device until you delete them.

The data processed as a result of your visit to our presence on social media websites is classified as data processing initiated by us and is therefore subject to joint responsibility with the operator of the social media website in accordance with Art. 26 GDPR. Joint controllership is limited to those processing operations where the purpose and means of processing are decided jointly. If you wish to assert your rights as a data subject, you can do so both vis-à-vis us and vis-à-vis the operator of the social media website.

Furthermore, we would like to point out that your data may also be processed outside the European Union and that you therefore run the risk of not being able to enforce your rights properly.

On our website, we use a link to our presence on the social career network XING. This is an application of New Work SE (Dammtorstraße 30, D-20354 Hamburg; hereinafter: “XING”).

We have used functions of the XING service on our website. When you visit our website, your web browser connects to the XING servers for a short time, through which the XING functions are provided. XING does not use cookies and does not store any personal data. Furthermore, your usage behavior is not evaluated.

If you have consented to data processing at XING, your consent is the legal basis for processing in accordance with Art. 6 para. 1 subpara. 1 lit. a) GDPR and § 25 para. 1 TDDDG, insofar as the consent within the meaning of the TDDDG relates to the setting of cookies or access to information on your terminal device. You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing until the revocation remains unaffected.

We would like to point out that we have no knowledge of the content of the transmitted data or its use by XING. You can find further information at: https://privacy.xing.com/en/privacy-policy

You can recognize the XING plugin by the “Share button”. This is operated by New Work SE (Dammtorstraße 30, 20354 Hamburg, Germany). When you click on it, a direct connection is established between the Xing server and your browser via the plugin. This provides the share functions - such as displaying the counter value. According to XING, it does not receive any information that you have visited our site with your IP address. The legal basis for the processing of the data is your consent in accordance with Art. 6 para. 1 lit. a) GDPR and Section 25 para. 1 TDDDG, insofar as the consent within the meaning of the TDDDG relates to the setting of cookies or access to information on your terminal device. You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing carried out until the revocation remains unaffected. We would like to point out that we have no knowledge of the content of the transmitted data or its use by XING. You can find XING's privacy policy at: https://privacy.xing.com/en/privacy-policy

On our website, we use a link to the social network LinkedIn, which is operated exclusively by LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland); hereinafter referred to as “LinkedIn”.

The link is identified by the LinkedIn logo (no LinkedIn plugin).

When you click on the LinkedIn logo, your browser establishes a direct connection to the LinkedIn servers. If you are already logged in to LinkedIn via your personal user account, the information about your visit to our website is automatically forwarded to LinkedIn. It is then possible for LinkedIn to assign the visit to the website to your account.

If you have consented to data processing at LinkedIn, your consent pursuant to Art. 6 para. 1 subpara. 1 lit. a) GDPR and § 25 para. 1 TDDDG, insofar as the consent within the meaning of the TDDDG relates to the setting of cookies or access to information on your terminal device, is the legal basis for the processing. You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing until the revocation remains unaffected.

Data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https://www.linkedin.com/legal/l/eu-sccs

We would like to point out that we have no knowledge of the content of the transmitted data or its use by LinkedIn. The following link leads to LinkedIn's privacy policy: http://de.linkedin.com/legal/privacy-policy

Plugins from the social career network LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; hereinafter referred to as “LinkedIn”) are integrated into our website and newsletter. The LinkedIn plugins can be recognized by the LinkedIn logo or the “Share” button (“Recommend”).

If you access our website or the newsletter, a direct connection is established between the LinkedIn server and your browser via the plugin. Through this connection, LinkedIn receives the information that you have visited our website with your IP address. If you are logged into your LinkedIn account and click on the “Share” button (“Recommend”), you have the option of linking content from our website to your LinkedIn profile. This links your visit to our website with your user account. We would like to point out that we have no knowledge of the content of the transmitted data or its use by LinkedIn.

The basis for processing is Art. 6 para. 1 lit. a) GDPR and § 25 para. 1 TDDDG, insofar as the consent within the meaning of the TDDDG relates to the setting of cookies or access to information on your terminal device. You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing carried out until the revocation remains unaffected.

The following link leads to LinkedIn's privacy policy: http://de.linkedin.com/legal/privacy-policy

Data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https://www.linkedin.com/legal/l/eu-sccs

You can recognize the X plugins by the “Like”, “Retweet” or “Send” buttons on our website. These are operated by the social network Twitter Inc. (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland; hereinafter: “X”).

When you visit our website, a direct connection is established between the X server and your browser via the plugin. X receives the information that you have visited our site with your IP address. If you click on the “Share” button or use the “Retweet” function while you are logged into your X account, you may be able to link the content of our website to your X profile. This enables X to assign your visit to our website to your user account. If you do not want this assignment to your X user account, please log out of your user account.

Your data will only be transmitted with your express consent. The legal basis for the processing of the data is accordingly Art. 6 para. 1 lit. a) GDPR and § 25 para. 1 TDDDG, insofar as the consent within the meaning of the TDDDG relates to the setting of cookies or access to information on your terminal device. You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing carried out until the revocation remains unaffected.

We would like to point out that we have no knowledge of the content of the transmitted data or its use by X. You can find X's privacy policy at: https://x.com/privacy?lang=en

Data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https://gdpr.twitter.com/de/controller-to-controller-transfers.html

We operate a presence on the YouTube video platform. This is an application of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; hereinafter: “Google”).

If you have consented to data processing by YouTube, your consent is the legal basis for processing in accordance with Art. 6 para. 1 subpara. 1 lit. a) GDPR and § 25 para. 1 TDDDG, insofar as the consent within the meaning of the TDDDG relates to the setting of cookies or access to information on your terminal device. You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing until the revocation remains unaffected.

It is possible that personal data may be transferred to the USA when using this Google service. We would like to point out that we have no knowledge of the content of the transmitted data or its use by Google. You can find further information at: https://policies.google.com/privacy?hl=en&gl=de

Our presence on the employer review portal “kununu” is an application of XING SE (Dammtorstraße 30, 20354 Hamburg, Germany; hereinafter referred to as “XING”).

The legal basis for the processing of the data is your consent pursuant to Art. 6 para. 1 lit. a) GDPR and § 25 para. 1 TDDDG, insofar as the consent within the meaning of the TDDDG relates to the setting of cookies or access to information on your terminal device. You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing carried out until the revocation remains unaffected.

We would like to point out that we have no knowledge of the content of the transmitted data or its use by kununu or XING. You can find further information at: https://privacy.xing.com/en/privacy-policy