Privacy Policy

SolutionsAcademy

Privacy

Privacy Policy

Introduction

With the following data protection declaration, we would like to inform you about which types of your personal data (hereinafter also referred to as "data") we process for what purposes and to what extent. The data protection declaration applies to all processing of personal data carried out by us, both in the context of the provision of our services and in particular on our websites, in mobile applications and within external online presences, such as .B our social media profiles (hereinafter collectively referred to as "online offer").
The terms used are not gender-specific. As of November 13, 2020

Content Overview

  • Introduction
  • Overview of processing
  • Relevant legal bases
  • Security measures
  • Transfer and disclosure of personal data
  • Data processing in third countries
  • Use of cookies
  • Commercial and business services
  • Use of online marketplaces for e-commerce
  • Provision of the online offer and web hosting
  • Registration, registration and user account
  • Blogs and publication media
  • Contact
  • Communication via messenger
  • Video conferences, online meetings, webinars and screen sharing

Event data (Facebook) ("Event data" is data that can be transmitted by us to Facebook via Facebook pixel (via apps or other means), e.B. and relates to persons or their actions; The data includes, for example.B information about visits to websites, interactions with content, functions, installation of apps, purchases of products, etc.; the event data is processed for the purpose of creating target groups for content and advertising information (Custom Audiences); Event data does not include the actual content (such as.B. written comments), no login information and no contact information (i.e. no names, e-mail addresses and telephone numbers). Event data will be deleted by Facebook after a maximum of two years, the target groups formed from them with the deletion of our Facebook account).

Applicant data (e.B. personal details, postal and contact addresses, the documents belonging to the application and the information contained therein, such as.B cover letter, curriculum vitae, certificates and other information about their person or qualification provided voluntarily by applicants with regard to a specific position or voluntarily).

Overview of processing

The following overview summarizes the types of data processed and the purposes of their processing and refers to the persons concerned.

Types of data processed

  • Event data (Facebook) ("Event data" is data that can be transmitted by us to Facebook via Facebook pixel (via apps or other means), e.B. and relates to persons or their actions; The data includes, for example.B information about visits to websites, interactions with content, functions, installation of apps, purchases of products, etc.; the event data is processed for the purpose of creating target groups for content and advertising information (Custom Audiences); Event data does not include the actual content (such as.B. written comments), no login information and no contact information (i.e. no names, e-mail addresses and telephone numbers). Event data will be deleted by Facebook after a maximum of two years, the target groups formed from them with the deletion of our Facebook account).
  • Applicant data (e.B. personal details, postal and contact addresses, the documents belonging to the application and the information contained therein, such as.B cover letter, curriculum vitae, certificates and other information about their person or qualification provided voluntarily by applicants with regard to a specific position or voluntarily).
  • Content data (e.B. entries in online forms).
  • Contact details (e.B. e-mail, telephone numbers).
  • Meta/communication data (e.B. device information, IP addresses).
  • Usage data (e.B websites visited, interest in content, access times).
  • Image and/or video recordings (e.B. photographs or video recordings of a person).
  • Location data (information on the geographical position of a device or person).
  • Contract data (e.B subject matter of the contract, term, customer category).
  • Payment data (e.B. bank details, invoices, payment history).

Special categories of data

  • Data showing racial and ethnic origin. Categories of persons concerned
  • Employees (e.B. employees, applicants, former employees).
  • Applicants.
  • Business and contractual partners.
  • Interested parties.
  • Communication partners.
  • Customers.
  • Users (e.B. website visitors, users of online services).

Purposes of processing

  • Affiliate tracking.
  • Provision of our online offer and user-friendliness.
  • Conversion measurement (measuring the effectiveness of marketing measures).
  • Application procedure (justification and possible subsequent implementation as well as possible later termination of the employment relationship).
  • Office and organizational procedures.
  • Cross-device tracking (cross-device processing of user data for marketing purposes).
  • Direct marketing (e.B. by e-mail or post).
  • Feedback (e.B. Collecting feedback via online form).
  • Interest-based and behavioral marketing.
  • Contact requests and communication.
  • Profiling (creation of user profiles).
  • Remarketing.
  • Reach measurement (e.B. access statistics, recognition of returning visitors).
  • Security measures.
  • Tracking (e.B interest/behavioural profiling, use of cookies).
  • Provision of contractual services and customer service.
  • Managing and responding to requests.
  • Target grouping (determination of target groups relevant for marketing purposes or other output of content).

Relevant legal bases

In the following, we inform you of the legal bases of the General Data Protection Regulation (GDPR), on the basis of which we process the personal data. Please note that in addition to the provisions of the GDPR, the national data protection requirements may apply in your or our country of residence and domicile. If, in addition, more specific legal bases are decisive in individual cases, we will inform you of these in the data protection declaration.

  • Consent (Art. 6 para. 1 sentence 1 lit. a. GDPR) – The data subject has given his or her consent to the processing of personal data concerning him or her for a specific purpose or for several specific purposes.
  • Performance of the contract and pre-contractual requests (Art. 6 para. 1 sentence 1 lit.b. GDPR) – The processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject.
  • Legal obligation (Art. 6 para. 1 sentence 1 lit.c. GDPR) – The processing is necessary to fulfill a legal obligation to which the controller is subject.
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR) – The processing is necessary to safeguard the legitimate interests of the controller or a third party, unless the interests or fundamental rights and freedoms of the data subject that require the protection of personal data prevail.
  • Application procedure as a pre-contractual or contractual relationship (Art. 9 para. 2 lit.b GDPR) – Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR (e.B. health data, such as severely disabled status or ethnic origin) are requested from applicants so that the controller or the data subject is covered by labour law and social security law and the can exercise social protection rights and fulfil his or her obligations in this regard, their processing is carried out in accordance with Art. 9 para. 2 lit.b. GDPR, in the case of the protection of vital interests of the applicants or other persons in accordance with Art. 9 para. 2 lit.c. GDPR or for the purposes of health care or occupational medicine, for the assessment of the employee's ability to work, for medical diagnostics, care or treatment in the health or social sector or for the administration of systems and services in the health or social sector in accordance with Art. 9 para. 2 lit. h. GDPR. In the case of a communication of special categories of data based on voluntary consent, their processing is carried out on the basis of Art. 9 para. 2 lit. a. GDPR. National data protection regulations in Germany: In addition to the data protection regulations of the General Data Protection Regulation, national regulations on data protection apply in Germany. This includes, in particular, the Act on the Protection against Misuse of Personal Data in Data Processing (Federal Data Protection Act – BDSG). In particular, the BDSG contains special provisions on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes and transmission as well as automated decision-making in individual cases, including profiling. Furthermore, it regulates data processing for the purposes of the employment relationship (§ 26 BDSG), in particular with regard to the establishment, implementation or termination of employment relationships as well as the consent of employees. Furthermore, state data protection laws of the individual federal states can be applied.

Security measures

We take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons.

Measures shall include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data, as well as access, input, disclosure, ensuring availability and their separation. Furthermore, we have set up procedures that ensure the exercise of data subject rights, the deletion of data and reactions to the threat to the data. Furthermore, we take into account the protection of personal data already during the development or selection of hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.

SSL encryption (https): In order to protect your data transmitted via our online offer, we use SSL encryption. You can recognize such encrypted connections by the prefix https:// in the address bar of your browser.

Transmission and disclosure of personal data

As part of our processing of personal data, it happens that the data is transmitted to other bodies, companies, legally independent organisational units or persons or disclosed to them. The recipients of this data may include, for example.B payment institutions in the context of payment transactions, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such a case, we observe the legal requirements and, in particular, conclude corresponding contracts or agreements with the recipients of your data that serve to protect your data.

Data transfer within the group of companies:

We may transfer personal data to other companies within our group of companies or grant them access to this data. If this transfer takes place for administrative purposes, the transfer of the data is based on our legitimate business and business interests or takes place if it is necessary for the fulfilment of our contractual obligations or if there is a consent of the data subjects or a legal permission

Data transfer within the organization:

We may transfer personal data to other entities within our organization or grant them access to this data. If this transfer takes place for administrative purposes, the transfer of the data is based on our legitimate business and business interests or takes place if it is necessary to fulfil our contractual obligations or if there is a consent of the persons concerned or a legal permission.

Data transfer within the organization:Data processing in third countries

If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this will only take place in accordance with the legal requirements.

Subject to express consent or contractually or legally required transfer, we process or have the data processed only in third countries with a recognized level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de ).

Use of cookies

Cookies are text files that contain data from websites or domains visited and are stored by a browser on the user's computer. A cookie is primarily used to store the information about a user during or after his visit within an online offer. The stored information may include.B, for example, the language settings on a website, the login status, a shopping cart or the place where a video was watched. The term cookies also includes other technologies that fulfil the same functions as cookies (e.B., if user information is stored on the basis of pseudonymous online identifiers, also referred to as "user IDs")

The following cookie types and functions are distinguished:

  • Temporary cookies (also: session or session cookies): Temporary cookies are deleted at the latest after a user leaves an online offer and his or her browser.
  • Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, the interests of users used for range measurement or marketing purposes may be stored in such a cookie.
  • First-party cookies: First-party cookies are set by ourselves.
  • Third-party cookies (also: third-party cookies): Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
  • Necessary (also: essential or strictly necessary) cookies: Cookies may be strictly necessary for the operation of a website (e.B. to store logins or other user input or for security reasons).
  • Statistics, marketing and personalization cookies: Furthermore, cookies are usually also used in the context of reach measurement and when the interests of a user or his behavior (e.B viewing certain content, use of functions, etc.) are stored on individual websites in a user profile. Such profiles serve to show users, e.B. content that corresponds to their potential interests. This procedure is also referred to as "tracking", i.e. tracking the potential interests of users. If we use cookies or "tracking" technologies, we will inform you separately in our privacy policy or as part of obtaining consent.

Information on legal bases:

The legal basis on which we process your personal data with the help of cookies depends on whether we ask for your consent. If this is the case and you consent to the use of cookies, the legal basis for the processing of your data is the declared consent. Otherwise, the data processed with the help of cookies will be processed on the basis of our legitimate interests (e.B. in the business operation of our online offer and its improvement) or if the use of cookies is necessary to fulfil our contractual obligations.

Storage period:

If we do not provide you with explicit information on the storage period of permanent cookies (e.B. as part of a so-called cookie opt-in), please assume that the storage period can be up to two years.

General information on revocation and objection (opt-out):

Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke a given consent or to object to the processing of your data by cookie technologies (collectively referred to as "opt-out"). You can first declare your objection by means of the settings of your browser, e.B., by deactivating the use of cookies (whereby this may also limit the functionality of our online offer). An objection to the use of cookies for online marketing purposes can also be declared by means of a variety of services, especially in the case of tracking, via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/. In addition, you can receive further objection notices in the context of the information on the service providers and cookies used.

Processing of cookie data on the basis of consent:

Before we process or have processed data in the context of the use of cookies, we ask users for consent that can be revoked at any time. Until consent has been given, cookies are used that are absolutely necessary for the operation of our online offer.

  • Types of data processed: Usage data (e.B. websites visited, interest in content, access times), meta/communication data (e.B. device information, IP addresses).
  • Data subjects: users (e.B. website visitors, users of online services).
  • Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a. GDPR), Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR).