Privacy Policy
1. Controller
The controller responsible for the processing described below is
Branicks Group AG
Neue Mainzer Straße 32-36
60311 Frankfurt am Main
Germany
Tel.: +49 69 94548 58-0
Fax: +49 69 9454858-99 98
Email: info@branicks.com
2. General data processing when using our website
2.1. Usage data
Purposes and scope of the processing/legal bases:
When your visit our website, usage data is temporarily processed on the web server to enable you to access our website. This data includes the following:
- Name and address of the requested content;
- Date and time of the request;
- Data volume transferred;
- Access status (content transferred, content not found);
- Description of the web browser and operating system used, including information on the selected language;
- Referrer URL, which indicates the page from which you accessed our site;
- The IP address of the requesting terminal device.
The legal basis for the processing is Article 6(1) sentence 1 (f) GDPR and our legitimate interest in being able to provide you with an attractive and functional website. We anonymise your IP address by truncating it in such a manner that it is no longer possible to determine an individual’s identity based on any usage data.
2.2. Consent management via consent management platform
Purposes and scope of the processing/legal bases:
Insofar as we use technically necessary cookies and similar technologies in the context of integrating the service, the legal basis for this is section 25 (2) no. 2 of the German Telecommunications Digital Services Data Protection Act (Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz, “TDDDG”). The subsequent processing is carried out on the basis of Article 6(1) sentence 1 (f) GDPR for the purpose and in the pursuit of our legitimate interest in being able to use cookies and similar technologies on our website in a manner consistent with the requirements of data protection law and enabling you to easily and conveniently withdraw your consent.
When you configure settings via our consent banner, we process the following data:
- The lifetime of the cookie;
- The version of the cookie;
- The address of the website from which your consent was sent;
- The date and time of consent;
- A pseudonym known as a randomly generated unique identifier (UID);
- Your consent status, which serves as proof of your consent.
This data is logged on our servers and stored on your terminal device in a cookie. This is how our website is able to check your consent status on all subsequent and future visits and how cookies and other technologies are enabled or disabled when you return to the page based on your decision to use them. Verification takes place by matching the key and consent status from the cookie on your terminal device with the values provided to us when you gave your consent, to ensure that the status of the consent you originally gave has not changed.
Storage time/criteria for determining storage time:
Your pseudonym (UID) and your consent status are also stored in both the browser of your terminal device in a cookie and on our servers for a period of one year.
Recipients/categories of recipients:
For our content management platform, we use the service provider Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, Germany.
Cookies and similar technologies
Purposes and scope of the processing/legal bases:
Where necessary, this website uses cookies and similar technologies to store data in the browser of your terminal device and to read data that has already been stored. Cookies, your browser’s local storage, pixels and tags may be used for this purpose.
These are used for technical purposes in order to provide the content necessary for the website (essential); to store and manage any of the website visitor’s optional settings and security settings (functional and security); to track the visitor’s interactions through statistical analysis for optimising the design of the website (statistics); and to analyse and control the effectiveness of targeted advertising (marketing).
Cookies are small text files that can be stored on your terminal device and read.
There are different types of cookies, such as session cookies, which are deleted as soon as you close your browser, and persistent cookies, which are stored beyond the individual session for a certain period of time.
In addition to cookies, way may also use your browser’s local storage to store and read data there.
We may also incorporate pixels into our website. Pixels are small individualised image files that are loaded when a page loads and can be used to track user activity.
Finally, we may use tags (markers) on our website. Tags are small HTML or Java Script code fragments or markers which allow website analysis or user tracking services to distinguish or identify users and track specific user activities.
Detailed information on the cookies and similar technologies we use in the categories “essential”, “functional and security”, “statistics”, and “marketing”, in particular on the name, purpose description, domain name, provider, expiry of validity of the cookie or technology and, where applicable, information on transfers to third countries, is available on our consent management platform by accessing the Cookie Settings provided at the bottom of each page.
The legal basis for the use of technically necessary cookies and similar technologies in the “essential” category is section 25 (2) no. 2 TDDDG. Subsequent data processing is based on our legitimate interests pursuant to Article 6(1) sentence 1 (f) GDPR.
The legal basis for the use of optional cookies and similar technologies in the categories “functional and security”, “statistics” and “marketing” is section 25 (1) TDDDG. Subsequent data processing is based on your consent given pursuant to Article 6(1) sentence 1 (a) GDPR.
Your consent is given voluntarily and may be withdrawn at any time by accessing the Cookie Settings provided at the bottom of each page. Your consent is generally valid for one year. It is stored in a cookie on your terminal device and will be requested again after that cookie is deleted, after your consent is withdrawn or after expiry of one year.
Please note that without certain cookies and similar technologies, our website may not display properly and some functions may no longer be available.
Data processing in third countries:
Cookies and similar technologies may also be used to process your data in countries outside the European Union (EU) and the European Economic Area (EEA) in third countries which do not offer an appropriate level of data protection. If your data is transferred to third countries, in particular to the USA, there is a risk that authorities there may access your data for security and surveillance purposes without you being informed or having the right to appeal.
Therefore, when transferring data to third countries, we take measures to ensure an appropriate level of data protection in accordance with Article 44 et seq. GDPR. In particular, standard contractual clauses adopted by the European Commission pursuant to Article 46(2)(c), (5) sentence 2 GDPR are agreed and other technical measures put in place. In future, the clauses will be replaced by standard data protection clauses adopted by the European Commission pursuant to Article 46(2)(c), GDPR.
Detailed information on transfers to third countries associated with the use of cookies and similar technologies is available on our consent management platform by accessing the Cookie Settings provided at the bottom of each page.
Recipients/categories of recipients:
Detailed information on the recipients/providers of the cookies and similar technologies is available on our consent management platform by accessing the Cookie Settings provided at the bottom of each page.
Storage time/criteria for determining storage time:
By integrating cookies and similar technologies on our website, data is stored on your terminal device, transferred to the specified recipients if necessary, and stored there for as long as this is required to achieve the specified purposes.
Detailed information on the storage time for cookies and similar technologies and the data processed using them is available on our consent management platform by accessing the Cookie Settings provided at the bottom of each page.
The legal basis for the use of technically necessary cookies and similar technologies in the “essential” category is section 25 (2) no. 2 TDDDG. Subsequent data processing is based on our legitimate interests pursuant to Article 6(1) sentence 1 (f) GDPR.
The legal basis for the use of optional cookies and similar technologies in the categories “functional and security”, “statistics” and “marketing” is section 25 (1) TDDDG. Subsequent data processing is based on your consent given pursuant to Article 6(1) sentence 1 (a) GDPR.
Your consent is given voluntarily and may be withdrawn at any time by accessing the Cookie Settings provided at the bottom of each page. Your consent is generally valid for one year. It is stored in a cookie on your terminal device and will be requested again after that cookie is deleted, after your consent is withdrawn or after expiry of one year.
Please note that without certain cookies and similar technologies, our website may not display properly and some functions may no longer be available.
Data processing in third countries:
Cookies and similar technologies may also be used to process your data in countries outside the European Union (EU) and the European Economic Area (EEA) in third countries which do not offer an appropriate level of data protection. If your data is transferred to third countries, in particular to the USA, there is a risk that authorities there may access your data for security and surveillance purposes without you being informed or having the right to appeal.
Therefore, when transferring data to third countries, we take measures to ensure an appropriate level of data protection in accordance with Article 44 et seq. GDPR. In particular, standard contractual clauses adopted by the European Commission pursuant to Article 46(2)(c), (5) sentence 2 GDPR are agreed and other technical measures put in place. In future, the clauses will be replaced by standard data protection clauses adopted by the European Commission pursuant to Article 46(2)(c), GDPR
Detailed information on transfers to third countries associated with the use of cookies and similar technologies is available on our consent management platform by accessing the Cookie Settings provided at the bottom of each page. Recipients/categories of recipients: Detailed information on the recipients/providers of the cookies and similar technologies is available on our consent management platform by accessing the Cookie Settings provided at the bottom of each page. Storage time/criteria for determining storage time: By integrating cookies and similar technologies on our website, data is stored on your terminal device, transferred to the specified recipients if necessary, and stored there for as long as this is required to achieve the specified purposes. Detailed information on the storage time for cookies and similar technologies and the data processed using them is available on our consent management platform by accessing the Cookie Settings provided at the bottom of each page.
2.3. Google reCAPTCHA
Purposes and scope of the processing/legal bases:
Our website uses Google reCAPTCHA a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. In the European Union (EU) and the European Economic Area (EEA), Google reCAPTCHA is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google reCAPTCHA automatically captures all user input and mouse movements that you make on our website (regardless of whether you visit pages containing web forms or not). The data collected this way is used to determine whether the information is being entered by a human or an automated program.
Since Google reCAPTCHA is provided by Google and is reloaded from its servers when a page is accessed, the usage data required for technical purposes to access the page is also transferred. In this respect, Google also receives your IP address which is necessary for technical purposes to access the content.
When integrating Google reCAPTCHA, cookies and other technologies from Google may also be used to store and read information on your terminal device. For information on the cookies and other similar technologies used, see “Cookies and other similar technologies” above.
Data processing in third countries:
Google reCAPTCHA may also be used to process your data in countries outside the European Union (EU) and the European Economic Area (EEA) in third countries which do not offer an appropriate level of data protection, such as the USA in particular. If your data is transferred to third countries, there is a risk that authorities there may access your data for security and surveillance purposes without you being informed or having the right to appeal. To ensure an appropriate level of data protection when transferring your data to Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, standard contractual clauses adopted by the European Commission pursuant to Article 46(2)(c), (5) sentence 2 GDPR have been agreed and other technical measures put in place. Google LLC is also certified under the Data Privacy Framework.
Recipients/categories of recipients:
In the context of using Google reCAPTCHA, we transfer your data to the following recipients:
- Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland;
- Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
We generally have no control over any further data processing by the third-party provider. For further information on how Google handles your personal data, see https://policies.google.com/privacy?hl=de.
Storage time/criteria for determining storage time:
By integrating Google reCAPTCHA on our website, data is transferred to the aforementioned recipients and stored there for as long as this is required to achieve the aforementioned purpose. We do not store the collected data separately.
2.4. Vimeo video platform
Purposes and scope of the processing/legal bases:
We embed videos from the Vimeo video platform provided by Vimeo.com, Inc., 555 West 18th Street, New York, NY 10011, USA. Embedded videos are reloaded by Vimeo’s servers when the page is accessed and the usage data necessary for technical purposes to access the page is also transferred in the process. In this respect, Vimeo.com, Inc. also receives your IP address which is necessary for technical purposes to access the content.
When videos are embedded using the Vimeo video platform, cookies and similar technologies may be used to store or read data on your terminal device. For information on the cookies and other similar technologies used, see “Cookies and other similar technologies” above.
Data processing in third countries:
Vimeo may also be used to process your data in countries outside the European Union (EU) and the European Economic Area (EEA) in third countries which do not offer an appropriate level of data protection, such as the USA in particular. If your data is transferred to third countries, there is a risk that authorities there may access your data for security and surveillance purposes without you being informed or having the right to appeal. To ensure an appropriate level of data protection when transferring your data to Vimeo.com, Inc., 555 West 18th Street, New York, NY 10011, USA, standard contractual clauses adopted by the European Commission pursuant to Article 46(2)(c), (5) sentence 2 GDPR have been agreed and other technical measures put in place.
Recipients/categories of recipients:
In the context of using the YouTube video platform, we transfer your data to the following recipients:
- Vimeo.com, Inc., 555 West 18th Street, New York, NY 10011, USA.
We generally have no control over any further data processing by the third-party provider. For further information on how Vimeo Inc. handles your personal data, see https://vimeo.com/privacy.
Storage time/criteria for determining storage time:
By integrating the Vimeo video platform on our website, data is transferred to the aforementioned recipients and stored there for as long as this is required to achieve the aforementioned purpose. We do not store the collected data separately.
3. Newsletter and newsletter tracking
Our website also offers you the opportunity to subscribe to our newsletter and other electronic communications. Whenever you submit your email address to us on a form contained on our website, we send you an email with a link asking you to confirm your email address and thus register to receive promotional emails. This allows us to ensure that only authorised persons use your email address to register to receive our promotional emails. The legal basis for sending such emails is Article 6(1) sentence 1 (f) GDPR.
In the context of registration, we process your email address, as required information, to inform you by email about our products, projects, events and promotions and to send you promotional news. Once your email address has been confirmed by activating the link, the promotional emails are sent the basis of your consent given pursuant to Article 6(1) sentence 1 (a) GDPR.
By giving us your consent, you also give us permission to process data about whether you received and opened our promotional emails, the extent to which you interacted with the content, in particular which links you clicked on and to what extent you read or skimmed our emails. For this purpose, we read data from your terminal device or store data there or use optional cookies and similar technologies in accordance with section 25 (1) TDDDG. Subsequent data processing is based on your consent given pursuant to Article 6(1) sentence 1 (a) GDPR.
Your consent is voluntary and may be withdrawn at any time with effect for the future pursuant to Article 7(3) GDPR. If you no longer wish to receive emails or electronic promotional communications in the future, you can unsubscribe at any time using the link provided in every newsletter email. Otherwise, you can withdraw your consent by sending an email to info@branicks.com.
Recipients/categories of recipients:
In the context of registering to receive our newsletter or other electronic promotional communications, and in sending them, we transfer your data to
- EQS Group AG, Karlstraße 47, 80333 Munich, Germany, which processes the data on our behalf strictly subject to our instructions and bound by contract and assists us with sending the newsletter and the data processing operations associated therewith.
Storage time/criteria for determining storage time:
We process your data for as long as this is necessary to achieve the aforementioned purposes or until you withdraw your consent.
3.1. Restricted access areas
Purposes and scope of the processing/legal bases:
Our website may provide restricted access areas where further information and documents can be made available to a certain group of users, such as our investors and their employees or other business partners. In this context, we only process the data that is required to log in to this area (user name and password). As a rule, the user name will be your email address.
The legal basis for the processing is Article 6(1) sentence 1 (b) GDPR or, in the case of employees of our investors or business partners, Article 6(1) sentence 1 (f) GDPR for the purposes of our legitimate interest in providing you with the information and documents in the restricted access area.
Storage time/criteria for determining storage time:
We process your data for as long as this is necessary to achieve the aforementioned purpose. Thereafter, we will delete your data unless processing, including in other systems where applicable, remains lawful on another legal basis or is obligatory for us (e.g., where statutory retention requirements exist).
Recipients/categories of recipients:
For the purpose of operating and providing the restricted access area, we transfer your data to processors which process data on our behalf strictly subject to our instructions and bound by contract. Currently, these are processors which support us in operating and making our website available.
4. Enquiries and contact by post, telephone, fax and email
Purposes and scope of the processing/legal bases:
If you contact us directly by post, telephone, fax or email, we process personal data that you provide to us as well as data associated with your selected mode of communication (e.g., name, address, email address or fax or telephone number) for purposes of responding to your enquiry.
The legal basis for the processing is Article 6(1) sentence 1 (f) GDPR or Article 6(1) sentence 1 (b) GDPR if processing is necessary for the performance of a contract or in order to take steps prior to entering into a contract. We and you have a mutual (legitimate) interest in the processing of such data so that we can respond to your enquiries, resolve any problems that may exist, provide the requested information, etc., and thus maintain and promote your satisfaction as a (potential) client.
You are free to decide what other optional information or any special category of personal data you wish to provide to us. The legal basis for the processing is your consent given pursuant to Article 6(1) sentence 1 (a) GDPR. Your consent is voluntary and may be withdrawn at any time with effect for the future. Please use the controller’s contact details specified for this purpose.
Storage time/criteria for determining storage time:
We process your data for as long as this is necessary to achieve the aforementioned purpose. Thereafter, we will delete your data unless processing, including in other systems where applicable, remains lawful on another legal basis or is obligatory for us (e.g., where statutory retention requirements exist).
5. Data processing in the case of prospective clients, suppliers and business partners
5.1. General processing of business partners’ data
Controller:
Where applicable, instead of the controller cited in section 1 above, the respective company which you contact, in whose products and services you or your company are interested, or with which you or your company already have or plan to enter into a business relationship, will be the controller responsible for collecting and processing your data as a client, business partner, supplier or prospective client or contact person for a business partner, supplier or prospective client. Please contact that company at its stated address.
Purposes and scope of the processing/legal bases:
In the context of the business relationship with you as our clients, business partners, suppliers and prospective clients, we process personal data such as name, address, email address, telephone/fax number, tax ID, client number, bank account details and, where applicable, place of birth, date of birth, nationality if you have provided us with this data voluntarily, and creditworthiness data. The processing is carried out for the purposes of verifying identity, initiating, performing, managing and settling contracts, assessing creditworthiness and collateral and, in particular, preparing billing statements and credit notes or refunds, managing and enforcing claims, legal compliance, data security and in the interest of providing full customer service.
The legal basis for the processing is Article 6(1) sentence 1 (b) GDPR or, in the case of employees of prospective clients, suppliers and business partners, Article 6(1) sentence 1 (f) GDPR and Article 6(1) sentence 1 (c) GDPR.
Recipients/categories of recipients:
Your data will generally only be disclosed to third parties if you have expressly consented to the transfer in advance or we are obligated to do so by law. The legal basis for the processing is Article 6(1) sentence 1 (a) GDPR where consent has been given or Article 6(1) sentence 1 (c) GDPR where processing is necessary for compliance with a legal obligation. Within Branicks Group companies, your data will be disclosed to other entities for purposes including performing or initiating the business relationship. The legal basis for the processing is Article 6(1) sentence 1 (f) GDPR. The legitimate interest is to enable the other entities to perform or initiate contractual relations with you or your company.
In exceptional cases, data will be processed by processors on our behalf. These are carefully selected in each case and are also audited by us and bound by contract.
Storage time/criteria for determining storage time:
We store the data required in any given case for the duration of the business relationship with you and until expiry of the applicable limitation periods and any claims and statutory retention obligations arising therefrom.
5.2. Processing of contact persons’ data
Purposes and scope of the processing/legal bases:
We process the contact data of contact persons at clients, prospective clients, suppliers and other business partners to enable communication by email, telephone, fax and post. The legal basis for the processing is Article 6(1) sentence 1 (b) and (f) GDPR. In this respect, we have a legitimate interest in maintaining existing or initiating new business relationships with clients, prospective clients, suppliers and other business partners and in maintaining personal contact with contact persons in the process.
Recipients/categories of recipients:
Your data will only be disclosed to third parties if you have expressly consented to the transfer in advance or we are obligated to do so by law. The legal basis for the processing is Article 6(1) sentence 1 (a) GDPR where consent has been given or Article 6(1) sentence 1 (c) GDPR where processing is necessary for compliance with a legal obligation. Within Branicks Group companies, your data will be disclosed to other entities for purposes including performing or initiating the business relationship. The legal basis for the processing is Article 6(1) sentence 1 (f) GDPR. The legitimate interest is to enable the other entities to perform or initiate contractual relations with you or your company.
In exceptional cases, data will be processed by processors on our behalf. These are carefully selected in each case and are also audited by us and bound by contract.
Storage time/criteria for determining storage time:
Personal data will be stored for the purpose of performing business relationships for as long as a legitimate interest therein exists.
5.3. Data processing for marketing purposes
Purposes and scope of the processing/legal bases:
Branicks Group companies use personal data for marketing purposes, in particular for advertising by email, telephone and post. The purpose of data processing in connection with marketing activities is to inform data subjects about the products and services offered by the Branicks Group. The legal basis for sending advertising material by post is Article 6(1) sentence 1 (f) GDPR. In this respect, we have a legitimate interest in sending (prospective) clients information about products and services. The legal basis for email and telephone marketing activities is generally Article 6(1) sentence 1 (a) GDPR and a separate declaration of consent given by you. Specific provisions may additionally apply in the case of marketing activities aimed at existing clients.
You may object to the receipt of advertising material at any time with effect for the future or withdraw any consent given by sending a message to info@branicks.com.
Recipients/categories of recipients:
No data is disclosed to third parties outside the Branicks Group. Whenever external processors are used to send advertising material, they are bound by contract and audited to ensure that appropriate organisational and technical security measures are in place. Within Branicks Group companies, your data may be disclosed to other entities for marketing purposes. The legal basis for the processing is Article 6(1) sentence 1 (f) GDPR. The legitimate interest is to enable the other entities to perform or initiate contractual relations with you or your company.
Storage time/criteria for determining storage time:
If you object to the receipt of advertising material, your data will be blocked immediately and then deleted, unless it is also stored for other purposes.
6. Data processing in the employment application process
Controller:
Where applicable, instead of the controller cited in section 1 above, the respective company to which you have applied for employment will be the controller responsible for collecting and processing your data in the context of the application process. Please contact that company at its stated address.
Purposes and scope of the processing/legal bases:
In the context of your application, we process data from you that we require as part of the application process so that we can make a decision on potentially hiring you (establishing an employment relationship). This may include contact details, all data associated with the application (CV, references, qualifications, responses to questions, etc.) and, where applicable, data on bank account details (for reimbursing travel expenses). The legal basis for the processing is section 26 (1) of the German Federal Data Protection Act (Bundesdatenschutzgesetz, “BDSG”) in conjunction with Article 6(1) sentence 1 (b) GDPR and Article 88 GDPR.
Storage time/criteria for determining storage time:
Insofar as we are not subject to any statutory retention requirements, the data will be deleted as soon as storage is no longer necessary or the legitimate interest in storage no longer exists. As a rule, this will be within six months after the application process is concluded, assuming that no employment relationship is established. In individual cases, specific data may be stored for a longer period (e.g., travel expenses statement). The storage time then depends on the statutory retention requirements, for example under the German Fiscal Code (Abgabenordnung, “AO”) (6 years) or the German Commercial Code (Handelsgesetzbuch, “HGB”) (10 years).
If you were not hired but your application is still of interest to us, we will ask you separately for your permission to keep your application on file for future job openings.
Recipients/categories of recipients:
Your data will of course be treated confidentially and will not be disclosed to third parties. When you use the career portal, we transfer your data solely to processors which process data on our behalf strictly subject to our instructions and bound by contract:
- HRworks GmbH, Waldkircher Str. 28, 79106 Freiburg, Germany.
7. Data processing on our social media sites
Joint controllers:
Where applicable, instead of the controller cited in section 1 above, the respective company specified in the legal information section on our respective social media site is the controller responsible for collecting and processing your data on our social media sites. Please contact that company at its stated address.
Social media sites may, for example, be operated on the following platforms:
The information on data processing on our social media sites also applies to other sites on other platforms, insofar as they are linked to this Privacy Policy. In addition to the company specified in the legal information section on our respective social media site, the operator of the respective social media platform also acts as controller responsible for processing your personal data (joint controllers). Insofar as we are able to influence this and parameterise the data processing, we work within the scope of our available options to ensure that the operator of the social media platform handles the data in a manner consistent with the requirements of data protection law. In this context, please also refer to the privacy policies of the respective social media platform.
Purposes and scope of the processing by us/legal bases:
Any data that you enter or post on our social media sites, such as user names, comments, videos, images, likes, public messages, etc., is published by the social media platform and is at no time processed by us for other purposes. We merely reserve the right to delete content should this be necessary. In some cases, we share your content on our site if this is a feature of the social media platform and we communicate with you via the social media platform. If you send us an enquiry via the social media platform, depending on the content, we may also refer you to other more secure communication channels that guarantee confidentiality. For example, you can always send your enquires to us using the contact addresses specified in the legal information section on our respective social media site. In this respect, you are responsible for choosing the appropriate communication channel.
The legal basis for processing your data is Article 6(1) sentence 1 (f) GDPR. We have a legitimate interest in processing the data for our corporate public relations purposes and being able to communicate with you.
Some social media platforms generate statistics based on usage data and contain information about your interaction with our social media site. We cannot influence or prevent such statistics from being generated and made available. However, we do not utilise optional statistics from the social media platform. We process this information on the basis of Article 6(1) sentence 1 (f) GDPR and our legitimate interest in validating the use of our social media sites and better tailoring our content to the respective target audience.
We also occasionally use those social media platforms to display targeted ads. For this purpose, we use target group definitions made available to us by the social media provider. We only use anonymous target group definitions, defining attributes based for example on general demographics, behaviour, interests and connections. The social media platform operator uses these to display ads targeted to its users. The legal basis for this is the consent given to the social media platform operator by its users. Should you wish to withdraw your consent, please avail yourself of the options furnished for this purpose by the provider of the social media platform, as the social media platform operator is the controller responsible for the processing in this case.
Occasionally, we or the provider of the social media platform also use publicly available data for the purposes of defining target groups. The legal basis for the processing in that case is Article 6(1) sentence 1 (f) GDPR. In this respect, we have a legitimate interest in defining a target group as accurately as possible. Under no circumstances do we ever use sensitive categories of personal data (as referred to in Articles 9 and 10 GDPR) for the purposes of defining target groups.
We do not use any target group definitions based on location data. We do not disclose any personal data to the social media platform operator in the context of defining target groups.
Occasionally, we also use information about visits to or interaction with other sites (remarketing) to define target groups. We also use cookies for this purpose, among other things. However, in such cases we use a consent banner on those other sites to first obtain the user’s consent and then provide information about the data processing. You may withdraw that consent at any time by re-selecting the consent banner (consent management platform) for the relevant website. If you wish to object to a particular data processing operation over which we have control, please use the contact details provided in the legal information section on our respective social media site.
Storage time/criteria for determining storage time:
We delete your personal data when the data is no longer required for the aforementioned purposes of processing and no statutory retention requirements exist that would prevent us from so doing.
Data processing by the social media platform operator:
The social media platform operator employs web tracking technologies. Web tracking may take place regardless of whether you are logged in to or registered with the social media platform. Therefore, please be advised that the provider of the social media platform may use your profile and browsing data to analyse your habits, personal relationships, preferences, etc. We have no influence on the processing of your data by the social media platform provider in this respect. Therefore, use of the social media platform is at your own risk.
For more detailed information on data processing by the social media platform provider, configuration options to protect your privacy, further opt-out options and any data processing agreement entered into pursuant to Article 26 GDPR, see the privacy policies of the specified providers:
- Kununu
- LinkedIn and LinkedIn Controller Addendum
- Facebook and Facebook Controller Addendum
Insofar as the aforementioned privacy policies are also linked on other social media sites on other platforms, see the privacy policy of the respective provider for more detailed information on data processing by the social media platform provider, configuration options to protect your privacy, further opt-out options and any data processing agreement entered into pursuant to Article 26 GDPR.
8. Voluntary provision of your data
You are under no contractual or legal obligation to provide your personal data. However, in certain cases this is necessary to allow us to respond to your enquiry or so that you can use or access the services we offer. If you do not provide your personal data, we may not be able to respond to your enquiry, you may not be able to use the services offered, or we may not be able to process your application. Excepted herefrom are, of course, those data processing operations that are based solely on your consent, which is always freely given. You may withdraw any consent you have given at any time with effect for the future.
9. Your rights
You have certain rights under the GDPR with respect to the processing of your personal data:
9.1. Right of access (Article 15 GDPR)
You have the right to request confirmation as to whether personal data concerning you is being processed; if this is the case, you have a right to obtain information about such personal data and to the specific information set out Article 15 GDPR.
9.2. Right to rectification (Article 16 GDPR)
You have the right to have any inaccurate personal data be corrected without undue delay and to have any incomplete personal data completed.
9.3. Right to erasure (Article 17 GDPR)
You also have the right to have your personal data erased without undue delay where one of the grounds set out in Article 17 GDPR applies, e.g., where the personal data is no longer required for the purposes for which it was collected or processed.
9.4. Right to restriction of processing (Article 18 GDPR)
You have the right to have processing restricted where one of prerequisites set out in Article 18 GDPR applies, e.g., where you have objected to the processing pursuant to Article 21 GDPR or pending verification of whether our legitimate interests override your interests as the data subject.
9.5. Right to data portability (Article 20 GDPR)
In certain cases specified in detail in Article 20 GDPR, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have that data transferred to a third party.
9.6. Right to object (Article 21 GDPR)
Where data is collected on the basis of Article 6(1) sentence 1 (f) GDPR (processing necessary for legitimate interests), you have the right to object to the data processing at any time on grounds relating to your particular situation. In such case, we will no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
9.7. Right of withdrawal (Article 7(3) sentence 1 GDPR)
If your personal data is processed on the basis of consent given pursuant to Article 6(1) sentence 1 (a) GDPR, you have the right to withdraw your consent pursuant to Article 7(3) sentence 1 GDPR. You may withdraw your consent at any time with effect for the future.
9.8. Right to lodge a complaint with a supervisory authority (Article 77 GDPR)
Under Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data relating to you infringes data protection law. The right to lodge a complaint with a supervisory authority may be exercised in particular in the member state of your habitual residence, place of work or place of the alleged infringement. The competent supervisory authority for us is .
10. Contact details of the data protection officer
Our company data protection officer will be happy to provide you with information or suggestions on the subject of data protection and may be contacted at:
datenschutz süd GmbH
Subject: “Branicks Group”
Wörthstraße 15
97082 Würzburg, Germany
Email: office@datenschutz-sued.de
Telephone: +49 (0)931 304 976 0
Web: www.dsn-group.de
11. Amendment of this Privacy Policy
This Privacy Policy was last updated on 15.08.2024.