Privacy policy

Preface

For the 42DIGITAL GmbH compliance with data protection laws is not only a legal obligation, but a necessary element of trust. In the following we want to transparently inform you about the methods, scope and purpose of the processing of your personal data which might be collected from you while visiting this website. We will also inform you about your rights.

Please note that this privacy policy is for informational purposes only. Only the German Datenschutzerklärung is legally binding.

Controller

As operator of the website www.42digital.de the 42DIGITAL GmbH Performance Marketing Agency, Konsul-Smidt-Straße 8c, 28217 Bremen, Germany (subsequently referred to as “we” and “us”) is the controller pursuant to Art. 4 No. 7 of the General Data Protection Regulation (GDPR). You can contact us at contact@42digital.de with any questions about this privacy policy.

Data protection officer

You can reach our DPO at:
Süddeutsche Datenschutzgesellschaft mbH
c/o Maximilian Mayer
Von-Brettreich-Straße 4
93049 Regensburg
Tel: +49 (0) 941 – 38177070
Mail: verwaltung@sddsg.de

Rights of the data subject

Your rights as a data subject
As a data subject you have the following rights concerning your personal data. You have

  • the right of access to information on – among others – the purposes of the processing, the categories of personal data concerned, the envisaged period for which the personal data will be stored as well as possible recipients, pursuant to and in accordance with the requirements of Art. 15 GDPR and § 34 BDSG
  • the right to rectification and to erasure of incorrect or incomplete data pursuant to and in accordance with the requirements of Art. 16 and 17 GDPR and § 35 BDSG.
    the right to restriction of processing pursuant to and in accordance with the requirements of Art. 18 GDPR and § 35 (1) 2 BDSG.
  • the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) pursuant to and in accordance with the requirements of Art. 21 (1) GDPR.
  • the right to withdraw your given consent at any time, which does, however, not affect the lawfulness of processing based on consent before its withdrawal according to Art. 7 (3) GDPR.
  • the right to data portability in a structured, commonly used and machine-readable format pursuant to and in accordance with the requirements of Art. 20 GDPR
  • You have, pursuant to and in accordance with the requirements of Art. 22 GDPR, the right not to be subject to a decision based solely on automated processing, including profiling, which entails legal effects concerning you or significantly affects you in a similar way.
  • Furthermore pursuant to Art. 77 GDPR you have the right to lodge a complaint with a supervisory authority about the processing of your personal data by us, in particular in the member state of your habitual residence, place of work or place of the alleged infringement.

Procedure
When you claim your rights toward us according to the GDPR and the BDSG, we will process the data you thereby submit to fulfill your claims.

Subsequently we will store the data submitted by you and the data submitted by us to you in return for the purpose of documentation until the expiry of the regulatory offenses limitation period (3 years).

The lawfulness of processing and storing the data is based on Art. 6 (1) point (f) GDPR (legitimate interest of data processing). The legitimate interest results from our obligation to fulfill your requests and the need to exonerate ourselves in possible fine proceedings by proving that we have lawfully fulfilled your requests.

You can object to the processing of your personal data based on our legitimate interest at any time under the premises of Art. 21 GDPR. Please use the contact details provided in the imprint. We would like to note that the processing of your personal data is mandatory for the verification of compliance with data protection rights of the data subject according to Art. 21 (1) GDPR, as other methods of verification do not exist or are not equally suitable.

Data protection measures / arrangements

We secure our website and other systems — and thus your data — through technical and organizational measures against loss, destruction, access, change or dissemination through unauthorized persons. In particular your personal data will be transmitted encrypted through the internet. Therefore we operate with the coding system TLS (Transport Layer Security).

Having said this, the transmission of information via internet is never fully safe, which is why we cannot guarantee the safety of the data transmitted by our website to a 100%.

Data processing modalities

Sources and categories of personal data
We process your personal data insofar as it is necessary for the statement, content-related configuration or modification of a contractual relationship between you and us (inventory data). In particular the following can be inventory data: Name, form of address, contact details (postal address, telephone, email address), date of birth , etc.

Furthermore we process your usage data. Usage data is data that is collected when you interact with our web content and our services, in particular your IP address, start and end of your visit on our website and information on the contents you have viewed on our website.

We collect the data mentioned directly from you (e.g., through the visit of our website), or, provided that it is permitted by data protection laws, from third parties or respectively from publicly accessible sources (e.g., commercial or association register, the press, media, internet).

Data transfer to third party countries outside the EU
All information we acquire from or on you will generally be processed on servers located within the European Union. A transmission of your data or a processing of your data in third party countries will occur without your explicit consent solely if this is legally intended or permitted and if an appropriate data protection level is guaranteed in the third party country or if there are contractual obligations in place via the EU’s so-called standard contractual clauses.

Regarding data transfers to the U.S., the European Commission has issued an adequacy decision called the EU-U.S. Data Privacy Framework, which ensures an adequate level of protection for data transfers of personal data by companies participating in the EU-U.S. Data Privacy Framework. To the extent that we use services that transfer personal data to the U.S., the respective service states whether the company is certified by the EU-U.S. Data Privacy Framework.

Data disclosure, processing on behalf of the controller
We will never illicitly disclose your personal data to third parties. However, we may disclose your data to third parties, in particular if you have agreed to data disclosure, if the disclosure is necessary to fulfill our legal obligations or if we are obligated or authorized to disclose said data by law or administrative or judicial orders. In particular this may be the case for the purposes of criminal proceedings, averting of dangers or enforcement of intellectual property rights.

Under certain circumstances we may transmit your data to external service providers which process data on our behalf and in accordance with our instructions (data processor) to simplify and disburden our own data processing. Every data processor will be bound by contract according to Art. 28 GDPR. In particular this means that the data processor has to offer sufficient guarantees that appropriate technical and organizational measures are implemented so that data processing is compliant with the requirements of the GDPR and your rights as a data subject are ensured. Despite commissioning data processors we remain the responsible party for the processing of your personal data according to the GDPR.

Purpose / Objective of the data processing
In general we will use the data solely for the purpose for which the data was gathered. We may subsequently process the data for another, different purpose, provided that this other purpose is not incompatible with the original purpose (Art. 5 (1) point (c) GDPR).

Storage period
Unless specified otherwise, we will store data gathered from you only for as long as it is necessary for each respective purpose and unless there are legal retention obligations preventing deletion, for example from commercial law or tax law.

Individual processing activities / operations

In the following we want to outline as transparently as possible, which of your data we will process under which circumstances, on what basis and for what purpose.

Server log files
Each time our website is accessed, the following general information will be automatically sent to our servers by your browser (so called server log files): Your IP address, product and version information of the browser and operating system used (so called user agent), the webpage from which the access originated (so called referer), date and time of the request and possibly your internet service provider. Furthermore the status and the volume of data will be recorded.

Your computer’s IP address will be stored only for the duration of your visit to the website and subsequently will immediately be deleted or made partially unrecognizable through reduction. The rest of the data will be stored for a limited period of time (to a maximum of 7 days).

The legal basis for the usage of these server log files is Art. 6 (1) point (f) GDPR (legitimate interest of data processing). The legitimate interest arises from the necessity to operate our website, especially to discover and remove website errors, to determine the utilization of the webpage, to make adjustments and improvements and to guarantee the security of the system. You can object to the processing of your personal data based on the legitimate interest at any time under the premises of Art. 21 GDPR. Please use the contact details provided in the imprint. We would like to point out that the processing of your server log files is mandatory in accordance with Art. 21 (1) GDPR, as otherwise the website cannot be operated at all.

Cookies
To improve user-friendliness we use so called “cookies” and the “web Storage” of your browser on our website.

What Cookies are
Simply put, a cookie is a small text file, that stores data about visited websites. Cookies can store a kind of “user profile”, including information like your preferred language or other page set-ups, that are required by our website to be able to offer you certain services. This file will be stored on your terminal device and also helps with recognizing you in the event of a new visit to our website.

Under certain circumstances we can gather information on your preferred activities on our webpage through these cookies, and thus align the webpage according to your individual interests and even increase the navigation speed on our website.

How you can avoid Cookies
You can manually delete the cookies in your browser’s security settings at any time.

Optionally you can prevent the storage of cookies by default via the respective settings of your browser. Please do note that in this case you possibly will not be able to use all functions of our website entirely or that errors may occur in the presentation or usage of the website.

Third party Cookies
It is possible that third party service providers, with the help of whom we develop and operate our website, independently store cookies on your terminal device, in particular through so called plugins (see section below “Third-party services”). Should you solely want to accept our own cookies, but not the cookies of these third parties, you can prevent these third party cookies by use of the respective browser setting “Block third-party cookies”.

Which Cookies are implemented
In detail our webpage places the following cookies:

Name
Description
Domain
Validity
Third party access
_fbp
Used by Facebook to display a range of advertising products, for example real-time bids from third party advertisers.
.42digital.de
3 months
Yes, Meta
_ga, _ga_
This cookie is required by the Google Analytics service. It is used to recognize individual website visitors by using an identifier consisting of two randomly generated 32-bit numbers (e.g. 12345.67890). Instructions on how to prevent this cookie from being stored can be found below under “Google Analytics”.
.42digital.de
2 years
Yes, Google
_gat_UA-
This cookie is required by the Google Analytics service. It is used to reduce the request rate to the server and thus to relieve the server. It does not contain any personal data. Information on how you can prevent this cookie from being stored can be found below under “Google Analytics”.
.42digital.de
1 minute
Yes, Google
_gid
This cookie is required by the Google Analytics service. It is used to recognise individual website visitors by using an identifier consisting of two randomly generated 32-bit numbers (e.g. 12345.67890). Information on how you can prevent this cookie from being stored can be found below under “Google Analytics”.
.42digital.de
1 day
Yes, Google
_gcl_au
This cookie is required by the Google AdSense / Google Tagmanager service. It is used to extract information regarding advertising clicks and store it in the cookie.
.42digital.de
3 months
Yes, Google
f0_sid
This cookie is used by the Website protection service Fraud0 and stores a session ID to protect the website from cyberattacks and abuse.
www.42digital.de
1 day
f0_uid
This cookie is used by the Website protection service Fraud0 and stores a unique user ID to protect the website from cyberattacks and abuse.
www.42digital.de
1 year
_pk_id.<WebsiteID>.<domainHash>
This cookie is used to analyse and develop our website by recognising the user, the number of users, the number of days since the last visit of a user, and the number of visits of a user.
www.42digital.de
1 year
No
_pk_ses.<WebsiteID>.<domainHash>
This cookie is used to analyse the website by recording the user’s new visits to the website, whether 30 or more minutes have passed since the user’s last visit and how many of these visits have taken place.
www.42digital.de
30 minutes
No
_pk_ref.<WebsiteID>.<domainHash>
This cookie is used to analyse the website by storing the traffic sources of the users or referrers on the website, which record how the user arrived at the current website or file.
www.42digital.de
6 months
No
wp-wpml_current_language
Saves the language version of a web page selected by the user
www.42digital.de
Session
No

 

Legal Basis
The legal basis for the use of cookies that are absolutely necessary for the function of the website (e.g. shopping cart cookie, session cookie) is Art. 6 para. 1 p. 1 letter f) GDPR (legitimate interest in data processing) as well as §25 para. 2 No. 2 TTDSG (absolute necessity for the provision of a telemedia service expressly requested by the user). The legitimate interest results from our need to be able to offer you a functioning website. Cookies are necessary for this because they are an integral part of current Internet technology and without cookies many functions of current websites would not be available. We therefore require cookies to provide you with the website in response to your request.

You can object to the processing of your data based on our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the imprint.

However, we would like to point out that the processing of your data in certain cookies is mandatory in the sense of Art. 21 (1) GDPR, as otherwise the website cannot be operated at all and we do not have the technical possibility to prevent the setting of cookies on certain individual end devices. However, you may be able to do this yourself in your browser. For more information on this, please look at the instructions for your browser.

The legal basis for the use of cookies that are not absolutely necessary for the function of the website is Art. 6 para. 1 p. 1 letter a) GDPR (consent of the person concerned). We ask you for your consent to the use of cookies that are not necessary when you first access the website via a displayed notice text. You can revoke your consent at any time with effect for the future by calling up the cookie banner again and changing the settings made.

Web Storage

What is Web Storage
Web storage is a technology for web applications that store data in a web browser. Web storage can be seen as a further development of cookies but differs from them in some respects.

In contrast to cookies, which can be accessed by both server and client, the web storage is completely controlled by the client. This means that data is not transferred to the server every time the website is accessed. Access is only possible locally via scripts on the website. Specifically, this means that third parties cannot access the information stored on the website. Only you and we can access the locally stored data.

Legal basis
The legal basis for the use of web storage, which is absolutely necessary for the function of the website, is Art. 6 para. 1 p. 1 letter f) GDPR (legitimate interest in data processing) and §25 para. 2 No. 2 TTDSG (absolute necessity for the provision of a telemedia service expressly requested by the user). The legitimate interest results from our need to be able to offer you a functioning website. The Web Storage is necessary for this because it is an integral part of current Internet technology and without it many functions of current websites would not be available. We therefore require the Web Storage in order to provide you with the website in response to your request.

You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the imprint.

However, we would like to point out that the processing of your data in web storage may be compulsory within the meaning of Art. 21 (1) GDPR, since otherwise the website cannot be operated at all and we do not have the technical option to prevent the usage on certain end devices. However, you may be able to do this yourself in your browser. For more information, please look at the instructions for your browser.

The legal basis for the use of the web storage, which is not absolutely necessary for the function of the website, is Art. 6 para. 1 p.1 letter a) GDPR (consent of the data subject). We ask you for your consent to the use of this data when you first access the website by means of a message text that appears. You can revoke your consent at any time with effect for the future by calling up the cookie banner again and changing the settings made.

Contacting us
Our website offers options for contacting us directly.

We process the data you send us exclusively until the purpose of your contact has been achieved, unless there are legal retention periods to the contrary. If the purpose of your contact is to assert data subject rights, what has been said in the section “Your rights as a data subject” applies.

The following data is processed within the framework of the contact form:
Name, e-mail address and the content of the message.

The legal basis for the use of the data you provide to us by contacting us in the context of contractual or pre-contractual relations or for responding to (pre)contractual inquiries is Art. 6 para. 1 p. 1 letter b) GDPR (data processing for the performance of a contract).

The legal basis for processing the data you provide to us by contacting us in cases other than for contractual or pre-contractual purposes or inquiries is Art. 6 para. 1 p. 1 letter f) GDPR (Legitimate Interest in Data Processing). Our legitimate interest in processing arises from our interest in responding to requests and maintaining user relationships.

You can object to the processing of your data based on our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the imprint.

The data transmitted to us by you will be processed solely up until the point in which the purpose of your request is reached, unless contradicting legal retention periods exist. If the purpose of your contact is assertion of the rights of the data subject the section “your rights as a data subject” applies.

Online applications

Our website offers you the option of applying online via an application form. Please note that you will be asked to provide mandatory information, without which you will not be able to submit your application.

We require the following mandatory information from you:

  • Name: This information is necessary for us because we attach importance to a personal address within the framework of professional correspondence. We will only use your details for this purpose.
  • Email address: We need your email address because we need an uncomplicated way to process your request and then contact you. We use your information exclusively for this purpose.
  • Telephone number: Your telephone number is necessary for us to contact you because it is much easier and quicker to make arrangements by telephone than to communicate exclusively by email. It also allows us to reach you quickly in case of last-minute changes. We use your information exclusively for this purpose.
  • Availability: It is necessary for us to know your availability so that we can plan the period of your possible employment and thus plan our personnel accordingly. We will only use your details for this purpose.
  • Curriculum vitae: The CV is necessary for us to assess your skills, formal qualifications and suitability for the position applied for. We will only use your information for this purpose.

All other information is voluntary. This allows you to send us additional information and documents that you consider important and useful for your application.

Overall, the use of the online form is voluntary. You can also send us your application by e-mail or letter post at any time. As applications usually contain particularly sensitive information, we would like to point out that there are risks involved in transmitting such data via the Internet, in particular through interception/spying on the data. If you are unsure about this, we advise you to contact us by post.

We use your data to process your application and to communicate with you, in particular to assess your suitability for current or future employment with our company.

If your application is successful, our HR department will add your data to the personnel file when you are hired. If your application is unsuccessful, we will store your data for a period of six months from the date you receive the decision. During this period, your data will only be accessed if you wish to justify our decision or to defend ourselves against legal claims.

After this period has expired, we will delete or destroy your data unless we are obliged by law to store your data for longer. If you have applied by letter post, we will return your application documents to you by letter post, provided you have given us a domestic postal address and wish us to return them. Otherwise, your documents will be destroyed if the application process is unsuccessful.

The legal basis for the data you voluntarily provide in the application form is Art. 6 para. 1 p. 1 letter f) GDPR (legitimate interest in data processing). Obviously irrelevant data will be deleted by us. Our legitimate interest arises from our need to process applications and information about the applicant. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the imprint.
The legal basis for the processing of mandatory data is Art. 88 (1) GDPR in conjunction with Section 26 BDSG (data processing in the context of employment) as well as Art. 6 (1) lit. b) GDPR (data processing for the performance of a contract and for the implementation of pre-contractual measures).

We reserve the right to anonymise applicant data so that it is no longer possible to draw conclusions about your person and then to evaluate it for internal company statistical purposes. We do not carry out any further evaluation without your consent.

Hosting services

Our website is hosted on servers of external providers to ensure the efficient and secure provision of the website.

Each time you visit the website, general information is automatically transmitted from your browser to the server (so-called server log files). For more information, see “Server log files” above.

The legal basis for the use of hosting service and the associated processing of your data is Art. 6 para. 1 p. 1 letter f) GDPR (Legitimate Interest in Data Processing), unless otherwise stated for the respective service. The legitimate interest arises from our need for a technically flawless presentation of our website without requiring in-depth knowledge of website programming and maintenance of IT systems. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the imprint.

Third party services

For simplification of our data processing and to extend the functionality of our website we use third party services and resources, for example plugins, external content, software or other external service providers (services). In doing so the possibility exists that personal data will be transmitted to the service provider. If required, to protect your data, we have contractually obligated the service provider according to Art. 28 GDPR to solely process the data according to our instructions. We would like to explicitly point out that we are regularly only responsible for the data acquisition and transmission by the service according to the GDPR, but not for a possible subsequential processing by the respective service provider.

In detail we use the following services:

Google services
Our webpage uses services from the company Google Ireland Limited (“Google EU”), Gordon House, Barrow Street, Dublin 4, Irland. This company represents the company Google LLC (“Google US”), 1600 Amphitheatre Parkway Mountain View, CA 94043, USA in the EU.

By using the services data will be transmitted to Google EU and possibly from Google EU to Google US. Google as a whole can use the transmitted data to create anonymized user profiles for statistical purposes. In addition, if you possess a Google-account and are logged into it, Google can associate the transmitted data with your account, even across multiple devices. In general we do not have any influence regarding this data processing. Controller of this data processing is therefore Google EU.

The company Google LLC complies with the requirements of the “EU-U.S. Data Privacy Framework”. The Privacy Framework Agreement regulates the protection of personal data transferred from a member state of the European Union to the USA. It ensures that the data transferred there is also subject to a level of data protection comparable to that of the European Union. You can access the list of certified companies here: https://www.dataprivacyframework.gov/s/participant-search.

You can find more information about the handling of user data in the privacy policy of Google: https://policies.google.com/privacy.

The details of the concluded standard contractual clauses (ensuring the level of data protection in third countries) can be found here: https://support.google.com/adspolicy/answer/10042247?hl=de

You can change your individual Google ad-settings on the following website: https://adssettings.google.com/?hl=de (Please note: The settings made are deleted when you delete the cookies in your browser)

We use:

Google Ads (vormals Adwords)
We use the “Ads” advertising service from Google. This service enables us to advertise our offers on external websites with the help of so-called Google Ads. We can also determine how successful the individual advertising measures are. These ads are delivered by Googles via so-called “ad servers”. For this purpose, we use ad server cookies (see above under “Cookies”), through which various parameters can be measured to determine success. We ourselves do not collect or process any personal data through the aforementioned advertising measures. We only receive statistical evaluations from Google. These evaluations enable us to identify which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising media; in particular, we cannot identify you on the basis of this information.

On the page about advertising (https://policies.google.com/technologies/ads?hl=de), you can find out more about advertising with Google, how exactly your data is used in connection with advertising and how long Google stores this data.

Due to the marketing tools used, your browser automatically establishes a direct connection with Google’s server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of ads, Google receives the information that you have called up the corresponding part of our website or clicked on an ad from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may obtain and store your IP address.

You can prevent participation in this tracking procedure in several ways:

  1. by setting your browser software accordingly not to accept cookies (see “How to avoid cookies” above),
  2. by deactivating cookies for conversion tracking, on the following website: https://adssettings.google.com/?hl=de (this setting will be deleted when you delete your cookies) or
  3. by permanently deactivating them in your Firefox, Internetexplorer or Google Chrome browsers at the link http://www.google.com/settings/ads/plugin. Please note that in this case you may not be able to use all the functions of our website to their full extent.

The legal basis for the use of Google Ads is Art. 6 para. 1 p. 1 letter a) GDPR (consent of the person concerned). We ask you for your consent to use the service when you first call up the website via a message text that appears. You can revoke your consent at any time with effect for the future by calling up the cookie banner again and changing the settings you have made.

Google Analytics
Our website uses the service “Google Analytics” from Google. Google Analytics uses cookies (see above under “cookies”) to enable us an analysis of the website usage of website visitors. The information produced by the cookies about the usage of this website through the users will generally be transmitted to a Google server in the USA and stored there. Among other things the following can be transmitted: Your IP address, product- and version information about the used browser and operating system (so called user agent), the webpage from which your access took place (so called referrer), date and time of your request and possibly your internet-service-provider.

Our website has activated the IP-anonymization, so that your transmitted IP address will be reduced before transmission from the jurisdiction of the GDPR, and thereby made partially unrecognizable (anonymized). Only in exceptional cases your IP address will be first transmitted to a Google server in the USA and immediately reduced thereafter.

Google will use the transmitted information on our account to evaluate the usage of our website, to compose reports about website activity, and to deliver us further services related to the website usage and internet usage. The IP address transmitted by your browser within the frames of Google analytics will not be matched with other data from Google.

You can find more information about the terms of service and data protection by Google analytics at http://www.google.com/analytics/terms/de.html and under https://policies.google.com/technologies/partner-sites?hl=de

You can prevent the transmission and processing of data to google  that is produced by the cookie related to the website usage (including IP address), by downloading the browser-plugin available from the following link and installing it in your browser. The current link is: http://tools.google.com/dlpage/gaoptout?hl=de.

You can also prevent the setting of cookies in general (see above “How you can avoid Cookies”).

The legal basis for the usage of Google Analytics is Art. 6 (1) point (a) GDPR (consent of the data subject) , since no data processing occurs as long as you do not accept our cookies via the cookie-banner. You can revoke your consent with effect for the future at any time. You can revoke your consent at any time with effect for the future by calling up the cookie banner again and changing the settings you have made.

Google Advanced consent mode
Our website uses the “Advanced consent mode” support service from Google. This mode allows us to adjust the behavior of Analytics, Google Ads and third-party tags based on the consent status of the user, which is determined based on the selection in our consent banner or widget. Advanced consent mode also enables conversion rates to be modeled even without your consent. When you visit our website, Google tags that transmit your consent status and so called “pings” to Google are loaded. These pings contain the following functional information: Timestamp, user agent (this only includes information about the browser you are using, your operating system and device type), the referrer URL (Web only), a random number generated on each page load, and information about the consent management platform we use. Google products use these pings to model measurement values in analysis tools based on overarching trends and thereby close gaps in data collection. Modeling is based on the observable behavior of users who have consented to the use of cookies, and Google uses these models to evaluate the attribution paths of users who have not given their consent.

You can find more information on data processing and privacy by Google Advanced consent mode at: https://support.google.com/google-ads/answer/10000067?hl=en&sjid=11401170123793560795-EU

The legal basis for the use of Google Advanced consent mode is Art. 6 para. 1 sentence 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need for proper synchronization of the consent status of users and the loaded Google tags, as well as for the efficient campaign optimization of advertising. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the legal notice.

Google DoubleClick
We use the advertising service “DoubleClick” from Google. DoubleClick is used to offer digital advertising on the internet. At the core of DoubleClick are ad servers that allow marketers, advertisers and ad networks to target users with targeted internet advertising. DoubleClick can be used to monetise websites, run online campaigns and make advertising contacts.

DoubleClick typically uses cookies to serve ads that are relevant to users, to improve campaign performance reports, or to prevent a user from seeing the same ads more than once. Google uses a cookie ID to record which ads are shown in which browser and can thus prevent them from being shown more than once. In addition, DoubleClick can use cookie IDs to record so-called conversions that are related to ad requests. This is the case, for example, when a user sees a DoubleClick ad and later calls up the advertiser’s website with the same browser and buys something there. According to Google, DoubleClick cookies do not contain any personal information. Due to the marketing tools used, your browser automatically establishes a direct connection with Google’s server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of DoubleClick, Google receives the information that you have called up the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may obtain and store your IP address.

You can prevent participation in this tracking procedure in several ways:

  1. by setting your browser software accordingly not to accept cookies (see “How to avoid cookies” above),
  2. by deactivating cookies for conversion tracking, on the following website: https://adssettings.google.com/?hl=de (this setting will be deleted when you delete your cookies) or
  3. by permanently deactivating them in your Firefox, Internetexplorer or Google Chrome browsers at the link http://www.google.com/settings/ads/plugin. Please note that in this case you may not be able to use all the functions of our website to their full extent.

The legal basis for the use of Google Ads is Art. 6 para. 1 p. 1 letter a) GDPR (consent of the person concerned). We ask you for your consent to use the service when you first call up the website via a message text that appears. You can revoke your consent at any time with effect for the future by calling up the cookie banner again and changing the settings you have made.

Google Hosted Libraries
Our website uses “Google Hosted Libraries” from Google. This service enables us to expand our website by externally integrating code frameworks. For this purpose, the required frameworks are usually requested from a Google server in the USA. Through this request, the following information, among other things, is transmitted to the Google server and stored there: Your IP address, product and version information about the browser and operating system used (so-called user agent), the website from which your access took place (so-called referrer), date and time of the request and possibly your internet service provider.

The legal basis for the use of Google Hosted Libraries is Art. 6 para. 1 sentence 1 letter a) GDPR (consent of the person concerned). When you first access the website, we will ask you for your consent to the use of the service via a displayed message. You can revoke your consent at any time with effect for the future by calling up the cookie banner again and changing the settings you have made.

Google Tag Manager
Our website uses the support service “Google Tag Manager” from Google. This service does not process any personal data itself. However, the Google Tag Manager ensures the triggering of scripts that are required by other services to collect data. It is not possible for the Google Tag Manager to access this data.

The legal basis for the use of Google Tag Manager is Art. 6 para. 1 p. 1 letter f) GDPR (Legitimate Interest in Data Processing). The legitimate interest results from our need for a technically flawless and fast presentation of our website and the relief of our IT infrastructure. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the imprint.

Content Delivery Networks

Our website uses so-called Content Delivery Networks (CDN). A CDN is a network of powerful servers that cache content at various locations around the world. A CDN essentially has two tasks: on the one hand, it should provide content in the shortest possible time and, on the other hand, it should relieve the web host by distributing the data traffic.

CDNs transmit two types of content: Static and dynamic content. Static content is delivered to all website visitors in the same form, such as video content from streaming services or code frameworks (e.g. Javascript, jQuery). Dynamic content is first adapted to the user and only created at the moment of the request. This includes content that takes place via web applications, email or online shops and is personalised. In order to use the latter, information about the website visitor must first be transmitted to the CDN. Your personal data may also be transmitted in the process.

Each time the application is called up, general information is automatically transmitted from your browser to the server (so-called server log files). For more information, see above under “Server log files”.
The legal basis for the use of CDNs and the transmission of your data to them is Art. 6 para. 1 sentence 1 letter f) GDPR (Legitimate Interest in Data Processing), unless otherwise stated for the respective service. The legitimate interest results from our need for a technically flawless and fast presentation of our website and the relief of our IT infrastructure. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the imprint.

We use:

Amazon Web Services – Cloudfront
We use the CDN service “Cloudfront” from Amazon Web Services. Amazon Web Services EMEA SARL (“AWS EU”), 38 Avenue John F. Kennedy, L-1855 Luxembourg, is the controller of personal data collected and processed through the “Amazon Web Services” offerings. AWS EU is the authorised representative of Amazon Web Services Inc (“AWS US”), 410 Terry Avenue North, Seattle WA 98109, United States.

By using the services, data is transmitted to AWS EU and, under certain circumstances, from AWS EU to AWS US. The Amazon Group may process the transmitted data to create anonymised user profiles for statistical purposes. In principle, we have no influence on this data processing. AWS EU is therefore responsible for this data processing.
More information on the handling of user data can be found in the AWS EU privacy policy at https://aws.amazon.com/de/privacy/?nc1=f_pr.

Cloudflare
We use the CDN service of the company Cloudflare Inc. (“Cloudflare”), 101 Townsend St., San Francisco, California 94107, USA.

Cloudflare Inc. complies with the requirements of the “EU-U.S. Data Privacy Framework”. The Privacy Framework Agreement regulates the protection of personal data transferred from a member state of the European Union to the USA. It ensures that the data transferred there is also subject to a level of data protection comparable to that in the European Union. You can access the list of certified companies here: https://www.dataprivacyframework.gov/s/participant-search.

More information on the handling of user data can be found in Cloudflare’s privacy policy: https://www.cloudflare.com/security-policy/.

Google Hosted Libraries
Our website uses “Google Hosted Libraries” from Google. See the data protection information above.

jsDelivr
We use the CDN service “jsDelivr” of the company Prospect One, Krolewska 65a, Krakow, 33-332, Poland.

More information on the handling of user data can be found in the privacy policy of jsDelivr: https://www.jsdelivr.com/privacy-policy-jsdelivr-net.

Analysis-Tools

We use certain services that record data from website visitors and provide it to us for analysis. We use this data to improve our website, services and offers on a usage-oriented basis. In particular, the following visitor behaviour information may be collected: Your IP address, product and version information about the browser and operating system used (so-called user agent), the website from which your access took place (so-called referrer), date and time of the request and possibly your internet service provider, approximate origin (country and city), language, clicks on content and viewing duration.

The legal basis for the use of analysis tools is Art. 6 para. 1 p. 1 letter a) GDPR (consent of the person concerned). When you first access the website, we ask you for your consent to the use of the service via a displayed notice text. You can revoke your consent at any time with effect for the future by calling up the cookie banner again and changing the settings you have made.

We use:

Google Analytics
Our website uses the “Google Analytics” service provided by Google. See the data protection information above.

Matomo (formerly Piwik)
Our website uses the service “Matomo” (formerly “Piwik”) of the company InnoCraft Ltd (InnoCraft), 150 Willis St, 6011 Wellington, New Zealand. Matomo is a so-called web analysis service. Matomo uses a so-called cookie. The usage information generated by the cookie (including your shortened IP address) is transmitted to our server and stored for usage analysis purposes. Your IP address is immediately anonymised during this process, so that you as a user remain anonymous to us. We store the collected information exclusively on our own server and do not transmit it to third parties. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

If you do not agree to the storage and analysis of data from your visit, you can object to the storage and use at any time by clicking on the following link. In this case, a so-called opt-out cookie is placed in your browser, which means that Matomo does not collect any session data: <iframe frameborder=”no” width=”500px” height=”250px” src=”https://www.42digital.de.de/index.php?module=CoreAdminHome&action=optOut&language=de”/></iframe/>

Please note: If you delete your cookies, the opt-out cookie will also be deleted and you may have to reactivate it.
You can find further information on data protection with Matomo at: https://matomo.org/privacy-policy/.

Advertising services
We use services on our website that help us promote the sales and popularity of our offer. These services may, for example:

  • track the browsing behaviour of our website visitors and provide appropriate advertisements based on that information.
  • collect statistical data about interaction with advertisements on our website, which we can use to optimize our advertising efforts; or
  • display an average of other customers’ opinions about our company (so-called ratings/testimonials).

In particular, the Services may collect the following data: Origin (country and city), language, operating system, end device (PC, tablet PC or smartphone), browser and any add-ons used, referer (source where the user came from), clicks on advertising banners, viewing duration, actions after clicking on advertising banners. This data or parts thereof may also be transmitted to the respective service provider to enable the use of the service.

The collected data is automatically processed, among other things, to display suitable advertising to you based on your perceived preferences, for market research purposes or to tailor our website to your needs. This constitutes automated decision-making or profiling pursuant to Art. 4 No. 4; Art. 22 GDPR. This automated processing is permitted pursuant to Art. 22 (2) No. 2 GDPR on the basis of Section 15 (3) TMG. You have the right to object to this type of data processing at any time. For this purpose, please use the contact details provided in the imprint.

The legal basis for the use of advertising services is Art. 6 para. 1 p. 1 letter a) GDPR (consent of the data subject). We ask you for your consent to the use of the service when you first call up the website via a displayed notice text. You can revoke your consent at any time with effect for the future by calling up the cookie banner again and changing any settings you have made.

We use:

Facebook Pixel, Facebook Custom Audiences und Facebook-Conversion
The so-called “Facebook pixel” is used within our online offer. Facebook is a social network of Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. You can find more information about Facebook under “Social media fan pages”.

Through the Facebook pixel, it is possible for Facebook, on the one hand, to determine you as a visitor to our online offer as a target group for the display of advertisements (so-called “Facebook ads”). Accordingly, we use the Facebook pixel to display the Facebook ads placed by us only to those Facebook users who have also shown an interest in our online offer or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Facebook (so-called “Custom Audiences”). With the help of the Facebook

pixel, we also want to ensure that our Facebook ads correspond to the potential interest of the users and do not have a harassing effect. With the help of the Facebook pixel, we can further track the effectiveness of the Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called “conversion”).

Meta Platforms, Inc. complies with the requirements of the “EU-U.S. Data Privacy Framework”. The Privacy Framework Agreement regulates the protection of personal data transferred from a member state of the European Union to the USA. It ensures that the data transferred there is also subject to a level of data protection comparable to that in the European Union. You can access the list of certified companies here: https://www.dataprivacyframework.gov/s/participant-search.

We are jointly responsible for the collection of data that Facebook collects on our online offer using Facebook pixels and similar technology. We have concluded the following agreement with Facebook for this purpose:
https://www.facebook.com/legal/controller_addendum

Insofar as anonymised reports and analyses are provided to us by Facebook, this is done on the basis of an order processing agreement: https://www.facebook.com/legal/terms/dataprocessing

Processing in the USA takes place on the basis of standard contractual clauses: https://de-de.facebook.com/legal/technology_terms

Further information on data protection at Facebook can be found at: https://www.facebook.com/about/privacy/.

Google Ads
Our website uses the “Ads” service of the company Google. See the data protection information above.

Google DoubleClick
Our website uses the “DoubleClick” service of the company Google. See the data protection information above.

Other services

Personio
We use the online application service “Personio” of the company Personio SE & Co., Seidlstraße 3, 80335 Munich, Germany on our website.

You can use the service to apply for a job directly on our website. Personio processes on behalf of and for the purposes of our company your personal data that you provide as part of the application process. A contract processing agreement has been concluded with the provider. For more information, see “Online applications” above.

For more information on the use of data by Personio, please refer to the provider’s privacy policy: https://www.personio.de/datenschutzerklaerung

The legal basis for the use of Personio is Art. 6 para. 1 p. 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need to be able to present you with vacancies in our company and also to give you the opportunity to apply for these vacancies directly. You can object to the processing of your data on the basis of our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the imprint.

Usercentrics
Our website uses the “Usercentrics” service of Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany. Usercentrics is used to comply with legal obligations and to store the consent of a website visitor.

The Usercentrics Consent Management Plug-In collects log file and consent data using JavaScript. This allows us to manage and document a website visitor’s consent to specific tags on the website.

Through the service, the following data is collected and transmitted to Usercentrics: browser information, end device information, time of website visit, anonymized IP address, geographic location, opt-in and opt-out data.

The service sets cookies and stores data in the website visitor’s local storage. The data processing takes place in the European Union.

The retention period is the period during which the collected data is stored for processing. The data must be deleted as soon as it is no longer needed for the specified processing purposes.

Consent data (consent given and consent revoked) is retained for three years. After that, the data is deleted immediately or released to the responsible party in the form of a data export upon request.

More information on the handling of user data can be found in the Usercentrics privacy policy: https://usercentrics.com/privacy-policy.

The legal basis for the use of the plugin is Art. 6 para. 1 p. 1 letter f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need to provide a legally compliant website and to give you the ability to manage your cookie settings. You can object to the processing of your data based on our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the imprint.

Fraud0
Our website uses the abuse protection “fraud0” of fraud0 GmbH, Sendlinger Str. 7, 80331 Munich, Germany.

Fraud0 is used to prevent cyberattacks and harassment by so-called “bots” (artificial website users) by checking whether it is a real human visiting the website. This service enables us to operate our website in a stable manner and to protect it from abuse.

For this purpose, fraud0 analyzes the behavior of the website visitor. This is done by evaluating various information, e.g. user agent, time zone, host name, referrer URL, language or operating system, start and end time of the session as well as and other parameters.

More information on the handling of user data can be found in the Fraud0 privacy policy: https://fraud0.com/de/datenschutz.

The legal basis for the use of fraud0 is Art. 6 para. 1 p. 1 letter f) GDPR (Legitimate Interest in Data Processing). The legitimate interest results from our need for a technically flawless and secure website. You can object to the processing of your data based on our legitimate interest at any time under the conditions of Art. 21 GDPR. To do so, please use the contact details provided in the imprint.

Social media fan pages

In addition to our website we maintain an online presence on social platforms in order to communicate with our active customers, interested parties and users, and to inform them about our services.

When you visit our presence on a social platform, your data will generally be gathered and processed by the respective platform provider for our market research and advertisement purposes. The provider can also process the data for their own purposes. From your user behavior and your interest resulting from this behavior user profiles can be made. These user profiles can in turn be used to, for example, show advertisements within and outside of the platform, that presumably corresponds with your interests. For these purposes cookies (see above) are generally stored on your terminal device, in which your user behavior and your interests will be recorded. Especially if you are a member of the respective platform and are logged in, further data may be stored independently in the user profiles. For a detailed presentation of each respective data processing and the possible contradiction possibilities we point to the following linked details of the service providers, as only they fully know the exact procedures of their data processing.

We point out, that your data may also be processed outside of the European Union. This can yield risks, as for example the enforcement of your rights may be more difficult.

The legal basis for the usage of online presences and the data procession related to it is generally Art. 6 (1) point (f) GDPR (legitimate interest of data processing). The legitimate interest results from our need to be able to present ourselves to visitors in social media as well as having the ability to introduce statements of all sorts into the media- and opinion market. You can object to the processing of your personal data based on the legitimate interest at any time under the premises of Art. 21 GDPR.  Please use the contact details provided in the imprint.

The legal basis for the usage of statistical data of all visitors on our social media sites, that is gathered, prepared and made available to us by the respective platform providers is Art. 6 (1) point (f) GDPR (legitimate interest of data processing).  The legitimate interest results from our need for user-oriented improvements of our online services and design and the optimization of the communication with interested parties by analysing anonymised visitor- and user behaviour. You can object to the processing of your personal data based on the legitimate interest at any time under the premises of Art. 21 GDPR.  Please use the contact details provided in the imprint.

If you are asked for consent regarding data processing by the respective service provider, the legal basis for data processing is Art. 6 (1) point (a) GDPR (consent of the data subject). You can revoke your consent with effect for the future at any time. Please contact the service provider that asked for your consent regarding this.

In the event that you would like to assert your rights, we note that these rights, regardless of a possible joint responsibility and control, are most effectively enforced against the respective service provider. As a rule only the service providers have direct access to your data and can take appropriate measures directly or provide information. Should you need help nonetheless, you can contact us at any time and we will support you in the scope of our possibilities.

We are represented on:

Facebook
Facebook is a social network of Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The company Meta Platforms Ireland Limited is the European subsidiary company of the company Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA.

You can find further information about the privacy policy of Facebook at: https://www.facebook.com/about/privacy/. We inform you about our own data processing in this statement.

We have concluded an additional agreement with facebook within our license agreement that regulates the responsibility and control of the data processing regarding the site-insights-function according to Art. 26 GDPR. You can find the details of this agreement here: https://www.facebook.com/legal/terms/page_controller_addendum. Facebook has, among other things, obligated themselves to inform you about data processing within the site-insights-function. You can find this information here: https://www.facebook.com/legal/terms/information_about_page_insights_data.

Instagram
Instagram is a social network of Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The company Meta Platforms Ireland Limited is the European subsidiary company of the company Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA.

You can find further information about the privacy policy of Instagram at: http://instagram.com/about/legal/privacy/.

You can find further information about the privacy policy of Facebook at: https://www.facebook.com/about/privacy/.

Kununu
Kununu is a professional network of New Work SE, Am Strandkai 1, 20457 Hamburg, Germany. For more information on data protection at kununu, please visit:

https://privacy.xing.com/de/datenschutzerklaerung.

LinkedIn
LinkedIn is a professional network of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. This company represents in the EU LinkedIn Corporation, 1000 W. Maude Ave, Sunnyvale, California 94085, USA.

For more information on data protection at LinkedIn, please visit: https://www.linkedin.com/legal/privacy-policy.

You can configure LinkedIn’s data collection on the following page: https://www.linkedin.com/psettings/guest-controls.

 

Effective: 21.08.2023

Source: Süddeutsche Datenschutzgesellschaft mbH