REFINANCEMENT HYPOTHECAIRE (hereinafter “RF”) welcomes your visit to this website and your interest in our company and our services. The protection of personal data is important to us.

Use of our website is generally possible without providing any personal information. If the data subject wishes to use additional services (such as newsletters) of RF via our website, it may be necessary to process personal data. If the processing of personal data is necessary for the service and there is no legal basis for such processing, we usually obtain the consent of the data subject.

The processing of personal data, such as the name, address, e-mail address, or phone number of a data subject, is always in line with the General Data Protection Regulation and the country-specific privacy policy of RF. According to which, visitors of our website will be informed about the nature, scope and purpose of personal data collected, used and processed by us and we will inform individuals of the rights they are entitled to.

RF, as data controller and responsible party, has implemented technical and organizational measures to ensure the highest possible protection of personal data processed through this website. Nevertheless, data transmissions over the Internet can present security holes, so absolute protection cannot be guaranteed. For this reason, every data subject is free to provide us with personal data by other means.

 

Definitions of Terms Used

RF’s privacy policy is based on the terminology used in the General Data Protection Regulation (GDPR). To ensure understandability, we explain the terms used beforehand.

a) Personal data

Personal data is any information relating to an identified or identifiable individual (hereafter the “data subject”). An identifiable individual is one who, directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more specific characteristics, expresses the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.

b) Data subject

Data subject is any identified or identifiable individual whose personal data is processed by the controller.

c) Processing

Processing means any process or series of operations relating to personal data, such as collecting, organizing, storing, adapting or modifying, reading, querying, using, with or without the aid of automated processes; communicating by submission, dissemination or other form of making available, reconciling or combining, limiting, erasing or destroying.

d) Processing Restriction

Processing restriction is the labeling of stored personal data for the purpose of limiting its future processing.

e) Profiling

Profiling is any type of automated processing of personal data that involves the use of personal information to assess certain personal aspects relating to an individual in terms of that individual’s work performance, economic condition, health, personal preferences, interests, trustworthiness, behavior, location or position in order to analyze or predict them.

f) Pseudonymization

Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the need for additional information, provided that this additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data cannot be attributed to an identified or identifiable individual.

g) Data manager or controller

The data controller is the individual or legal entity, public authority, institution or other organization that alone or in cooperation with others determines the purposes and means of the processing of personal data. The purposes and means of such processing are determined by Union law or Member States’ law, the data controller or the specific criteria for its designation may be provided for by Union law or national law.

h) Subcontractor

The subcontractor is a physical or legal person, a public authority, a service or another organization that processes personal data on behalf of the controller.

i) Recipient

The recipient is a physical or legal person, agency or other entity to whom personal data are disclosed, whether or not it is a third party. However, authorities that may receive personal data under Union or national law in the context of a particular task are not considered recipients.

j) Third parties

A third party is a physical or legal person, a public authority, an institution, a body or other than the data subject, the controller, the processor and the persons authorized under the direct responsibility of the controller or the processor to process the personal data.

k) Consent

Consent is any statement voluntarily given and unambiguously expressed or any other form of unequivocal confirmatory act given by the data subject for the particular case, by which the data subject indicates his consent to the processing of his personal data.

If you have any questions or suggestions about data protection, you can contact our data protection officer directly.

 

Cookies

RF’s website uses cookies. Cookies are text files that are stored and saved on a computer system via an Internet browser.

Many websites and servers use cookies. Many cookies contain what is called a cookie ID. A cookie ID is a unique identifier for the cookie. It is a string of characters that allows web pages and servers to be assigned to the specific web browser in which the cookie was stored. This allows the Internet pages and servers visited to distinguish the individual’s browser from other Internet browsers that contain other cookies. A particular Internet browser can be recognized and identified by the unique ID of the cookie.

By using cookies, RF can provide users with more user-friendly features that would not be possible without the cookie setting.

With the help of cookies, the information and other offers on our website can be optimized for the user. Cookies allow us, as already mentioned, to recognize users of our website. The purpose of this recognition is to make it easier for users to use our website.

The data subject can prevent the setting of cookies via our website at any time by means of a corresponding setting in the Internet browser used, and thus permanently prevent the setting of cookies. In addition, cookies already set can be deleted at any time via an Internet browser or other software. This should be possible in all common Internet browsers. If cookies are deactivated in the Internet browser, not all functions of our website may be available due to compatibility problems.

 

Collection of General Data and Information

RF’s website collects a series of general data and information each time the website is accessed by the data subject or by an automated system. This general data and information is stored in the server log files. It is possible to record (1) types and versions of browsers used, (2) the operating system used by the access system, (3) the website from which an access system accesses our website (so-called referrers), (4) the web subpages that (5) the date and time of access to the website, (6) an Internet Protocol address (IP address), (7) the Internet Service Provider of the access system, and (8) other similar data and information used in case of attacks on our computer systems.

By using this general data and information, RF does not draw any conclusions about the data subject. Instead, this information is necessary to (1) properly provide the content of our website, (2) optimize the content of our website and promote it, (3) ensure the continued operation of our website systems and technology, and (4) provide law enforcement authorities with the necessary information in the event of a cyber attack. Data and information collected is therefore subject to further statistical and evaluation by RF with the aim of increasing data protection and security in our company to ultimately ensure the highest possible level of protection for the personal data we process.

 

Newsletter Subscription

On the RF website, users have the option to subscribe to our newsletter. The personal data transmitted to the controller when ordering the newsletter results from the input mask used for this purpose.

RF informs its customers and business partners at regular intervals by means of a newsletter about enterprise offers. Our company’s newsletter can only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject has registered to receive the newsletter. For legal reasons, a confirmation e-mail will be sent to the e-mail address entered by the data subject for the first time for sending the newsletter according to the double opt-in procedure. This e-mail confirmation allows us to check whether the owner of the e-mail address is the same person as the one who is entitled to receive the newsletter.

When subscribing to the newsletter, we also store the IP address of the computer system used by the data subject at the time of registration, as well as the date and time of registration, as assigned by the Internet service provider (ISP). The collection of this data is necessary to understand the (possible) misuse of the data subject’s e-mail address at a later date and thus serves as a legal safeguard for the data controller.

Personal data collected within the framework of a newsletter subscription will only be used for sending our newsletter and related changes. Subscription to our newsletter can be terminated by the data subject at any time. The consent of the data subject to the storage of personal data for the purpose of sending the newsletter can be revoked at any time. For consent revocation, there is a corresponding link in each newsletter. It is also possible to unsubscribe at any time by contacting the data controller directly in any other way.

 

Deleting and Blocking Personal Data

The controller processes and stores personal data of the data subject only for the period necessary to achieve the purpose of the storage or as provided for by laws or regulations to which the controller is bound.

If the purpose of storage is omitted or if a legally prescribed retention period expires, personal data will be systematically blocked or deleted in accordance with the legal provisions.

 

Rights of the Data Subject

a) Right to Confirmation

Each data subject has the right to request confirmation from the controller as to whether the personal data concerned have been processed. If the data subject wishes to make use of this right of confirmation, they may at any time contact the data protection officer of the controller.

b) Right to Information

Any person affected by the processing of personal data has the right to obtain from the controller at any time free information about the personal data stored about them and a copy of this information. In addition, the data subject shall have the following information:

  • The purposes of the processing
  • The categories of personal data being processed
  • The recipients or categories of recipients to whom the personal data have been disclosed or are being disclosed, including recipients in third countries or international organizations
  • if possible, the period for which the personal data are to be kept or, if this is not possible, the criteria for determining this period
  • the right to rectification or erasure of personal data concerning them or the restriction of processing by the controller or a right to object to such processing
  • The existence of a right of recourse to a control authority
  • If the personal data are not collected from the data subject: all available information on the source of the data
  • The existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) of the GDPR and, at least in these cases, meaningful information about the logic involved, as well as the scope and expected impact of such processing on the data subject.

Also, the data subject has a right of access to know whether the personal data has been transferred to a third country or to an international organization. If this is the case, the data subject has the right to obtain information on the appropriate safeguards in connection with the transfer.

If the data subject wishes to make use of this right to information, they may contact the data protection officer of the controller at any time.

c) Right of Correction

Any person concerned by the processing of personal data has the right to demand the immediate rectification of incorrect personal data concerning them. Furthermore, the data subject has the right to request that incomplete personal data be completed, taking into account the purposes of the processing.

If the data subject wishes to exercise this right of correction, they may contact the data protection officer of the controller at any time.

d) Right to Erasure (Right to be Forgotten)

Any person affected by the processing of personal data has the right to demand that the controller immediately erase the personal data concerning them, provided that one of the following reasons is met and the processing is not necessary:

  • Personal data have been collected or otherwise processed for purposes for which they are no longer necessary.
  • The data subject revokes his or her consent on which the processing was based Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR and there is no other legal basis for the processing.
  • Pursuant to Art. 21 (1) GDPR, the data subject submits an objection against the processing and there are no legitimate grounds for the processing, or the data subject objects to the processing according to Art. 21, PARAGRAPH 2, GDPR.
  • The personal data have been processed unlawfully.
  • The erasure of personal data is necessary to fulfill a legal obligation under Union law or national law to which the controller is subject.The personal data have been collected in connection with information society services offered in accordance with Art. 8 (1) GDPR.
  • If one of the above reasons is valid and the data subject wishes to arrange for the erasure of personal data stored with RF, they may contact the Data Protection Officer of the controller at any time.
  • If personal data have been disclosed by RF and our company is responsible for the deletion of personal data as a controller in accordance with Art. 17 (1) GDPR, RF will take appropriate measures to inform other data controllers, taking into account the available technology and implementation costs that process the disclosed personal data.

e) Right to Restrict Processing

Any party affected by the processing of personal data has the right to request the controller to restrict the processing if any of the following conditions apply:

  • The accuracy of the personal data is challenged by the data subject for a period of time allowing the controller to verify the accuracy of the personal data.
  • The processing is unlawful, the data subject refuses to erase the personal data and instead requests the restriction of the use of the personal data.
  • The controller no longer needs the personal data for processing purposes, but the data subject needs it to assert, exercise or defend his rights.
  • The data subject objects to the processing in accordance with Art. Art. 21 para. 1 DSGVO and it is not yet clear whether the legitimate reasons of the controller outweigh those of the data subject.
  • If one of the conditions above is met and the data subject wishes to request the restriction of personal data stored by the ENE, they may at any time contact the data protection officer of the responsible person.

f) Data Transferability

Any data subject who is affected by the processing of personal data has the right to receive personal data relating to them provided to a controller by the data subject in a structured, common and machine-readable format. They also have the right to transfer such data to another party, provided that the processing is based on consent in accordance with Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR or on a contract in accordance with Art. 6 para. 1 (b) GDPR and processing by automated means, unless the processing is necessary for the performance of a task in the public interest or the exercise of public authority delegated to the controller.

Furthermore, in exercising his or her right to data portability under Article 20 (1) of the GDPR, the data subject has the right to have personal data transmitted directly from one controller to another, as far as technically possible and provided that this does not affect the rights and freedoms of other persons.

In order to assert the right to data portability, the data subject may at any time contact the Data Protection Officer of RF.

g) Right to Object

Any person concerned by the processing of personal data has the right at any time to object to the processing of his or her personal data pursuant to Article 6(1)(e) or (f) of the GDPR on grounds arising from his or her particular situation.

RF shall no longer process personal data in the event of an objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

In order to exercise the right to object, the data subject may contact the data protection officer of RF directly. The data subject is also free, in the context of the use of information society services, notwithstanding Directive 2002/58/EC, to exercise the right to object by means of automated procedures using technical specifications.

h) Automated Decisions in Individual Cases

Any person concerned by the processing of personal data has the right not to be subject to a decision based solely on automated processing which has legal effect or which substantially affects its performance, unless the decision (1) applies to the conclusion or (2) is authorized by the legislation of the Union or of the Member States to which the controller is subject, and if such legislation provides for appropriate measures to safeguard the rights and freedoms and the legitimate interests of the data subject or (3) with the express consent of the data subject.

If the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller or (2) takes place with the express consent of the data subject, RF shall take appropriate steps to safeguard the rights and freedoms and legitimate interests of the data subjects, including at least the right to obtain the intervention of a person of the controller, to express their own position and to contest the decision.

If the data subject wishes to assert their rights with regard to automated decisions, they may at any time contact the data protection officer of the controller.

As a responsible company, we refrain from automatic decision making or profiling.

i) Right to Revoke Data Protection Consent

Any person affected by the processing of personal data has the right to withdraw their consent to the processing of personal data at any time.

If the data subject wishes to exercise the right to withdraw consent, they may contact the data protection officer of the controller at any time.

 

Data Protection in Applications and in the Application Process

The responsible person collects and processes the personal data of applicants for the purpose of processing the application process. The processing can also be carried out electronically. This is especially the case if an applicant submits the relevant application documents to the controller electronically, for example by e-mail or via a web form available on the website. If the controller concludes an employment contract with an applicant, the data transmitted will be stored for the purposes of the employment relationship in accordance with the law. If no employment contract is concluded with the applicant by the controller, the application documents will be automatically deleted three months after the announcement of the rejection decision, unless the deletion conflicts with other legitimate interests of the controller or the data subject has consented to a longer storage period. Another legitimate concern in this sense, for example, is the burden of proof in a procedure under the principle of equal treatment and the respective national legal implementation.

 

Privacy Policy for the Operation and Use of Facebook

The person responsible has integrated components of the company Facebook on this website. Facebook is a social network.

A social network is an Internet-based online social networking community that generally allows users to communicate and interact with each other in a virtual space. A social network can serve as a platform to exchange views and experiences, or allow the Internet community to provide personal or professional information. Facebook allows users of the social network to create private profiles, upload photos and socialize via friend requests.

The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The persons responsible for processing personal data, if the data subject lives outside the United States or Canada, can be reached at Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland.

Each time you visit one of the individual pages of this website, which is operated by the data controller and on which a Facebook component (Facebook plug-in) has been integrated, the Internet browser on the data subject’s information technology system automatically causes the respective Facebook component to be displayed for download. An overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=en_US. As part of this technical process, Facebook receives information about the specific subpage of our website that is visited by the data subject.

If the data subject is simultaneously logged in to Facebook, Facebook recognizes which specific sub-page of our website the data subject visits during the respective stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the data subject activates one of the Facebook buttons integrated on our website, e.g. the “Like” button, or if the data subject makes a comment, Facebook assigns this information to the data subject’s personal Facebook user account and stores this personal data.

Facebook always obtains information via the Facebook component that the data subject has visited our website if the data subject is logged in to Facebook at the same time as accessing our website; this occurs regardless of whether the data subject clicks on the Facebook component. If such transfer of information to Facebook is not desired by the data subject, they may prevent such transfer by logging out of his or her Facebook account before visiting our website.

Facebook’s published data policy, which is available at https://de-de.facebook.com/about/privacy/, provides information about how Facebook collects, processes and uses personal data. It also explains what options Facebook offers to protect an individual’s privacy. In addition, other apps allow the transmission of data to Facebook to be suppressed. These apps can be used by the data subject to suppress the transmission of data to Facebook.

 

Privacy Statement for the Use of HubSpot

Our website uses HubSpot, a software from HubSpot Inc. in the United States. This software is used in the field of inbound marketing and helps us, among other things, by means of statistical analysis and evaluation of the behavior of registered users, to better coordinate and optimize our marketing strategy. Cookies are used (see below). You can prevent the storage of cookies at any time by adjusting your browser settings accordingly or by deleting cookies that have already been stored. Please note that if you block cookies, you may not be able to fully use our features. For more information, see HubSpot Inc.’s Terms of Use and Data Protection Guidelines at https://legal.hubspot.com/fr/terms-of-service and https://legal.hubspot.com/fr/privacy-policy. All information we collect is subject to this data protection policy. HubSpot is subject to the TRUSTe Privacy Seal and the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1.

 

Privacy Policy on the Operation and Use of Twitter

The data controller has integrated Twitter components into this website. Twitter is a publicly available multilingual microblogging service where users can publish and distribute tweets, limited to 280 characters. These short messages are accessible to everyone, including non-subscribers to Twitter. Tweets are also posted to followers of the user concerned. Followers are other Twitter users who follow a user’s tweets. Twitter also allows you to reach a wide audience through hashtags, links or retweets.

Twitter’s operating company is Twitter, Inc. 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

Each time a visitor visits one of the individual pages of this website, which is operated by the data controller and on which a Twitter component (Twitter button) has been integrated, the Internet browser on the data subject’s information technology system is automatically activated by the respective Twitter component causes a presentation of the corresponding Twitter component to be downloaded from Twitter. Further information on the Twitter buttons can be found at https://about.twitter.com/en/resources/buttons. As part of this technical process, Twitter receives information about the specific subpage of our website that is visited by the data subject. The purpose of integrating the Twitter component is to enable our users to redistribute the contents of this website, to promote this website in the digital world and to increase the number of our visitors.

If the data subject is simultaneously logged into Twitter, Twitter recognizes which specific sub-page of our website the data subject visits during the respective stay on our website. This information is collected via the Twitter component and assigned by Twitter to the Twitter account of the data subject. If the data subject activates one of the Twitter buttons integrated on our website, the data and information transmitted with it is assigned to the data subject’s personal Twitter user account and stored and processed by Twitter.

Twitter always receives information via the Twitter component that the data subject has visited our website if the data subject is logged into Twitter at the same time as accessing our website; this occurs regardless of whether the data subject clicks on the Twitter component. If the data subject does not want such transfer of information to Twitter, they can prevent it by logging out of their Twitter account before visiting our website.

Twitter’s applicable privacy policies are available at https://twitter.com/privacy?lang=fr.

 

Privacy Policy for the Operation and Use of LinkedIn

The data controller has integrated components of the company LinkedIn on this website. LinkedIn is a web-based social network that allows users to connect with existing business contacts and make new business contacts. More than 400 million registered users use LinkedIn in over 200 countries. This makes LinkedIn currently the largest platform for professional contacts and one of the most visited websites in the world.

LinkedIn’s operating company is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. Privacy policy outside the United States is managed by LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Each visit to an individual page on this website that contains a LinkedIn component (LinkedIn plug-in) causes the browser used by the person concerned to download a corresponding representation of the LinkedIn component. Further information on LinkedIn plug-ins can be found at https://developer.linkedin.com/plugins. As part of this technical process, LinkedIn receives information about the specific subpage of our website that is visited by the data subject.

If the data subject is simultaneously connected to LinkedIn, each time the data subject visits our website, LinkedIn recognizes which specific sub-page of our website the data subject visits during the respective stay on our website. This information is collected via the LinkedIn component and assigned by LinkedIn to the data subject’s LinkedIn account. If the data subject activates one of the LinkedIn buttons integrated on our website, the data and information transmitted with it is assigned to the data subject’s personal LinkedIn user account and stored and processed by LinkedIn.

LinkedIn always receives information via the LinkedIn component that the data subject has visited our website if the data subject is connected to LinkedIn at the same time as accessing our website; this occurs regardless of whether the data subject clicks on the LinkedIn component. If such transfer of information to LinkedIn is not desired by the data subject, they may prevent such transfer by logging out of their LinkedIn account before visiting our website.

LinkedIn offers the ability to opt out of emails, text messages and targeted ads, as well as manage ad settings, at https://www.linkedin.com/psettings/guest-controls. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, which may set cookies. These cookies can be declined at https://www.linkedin.com/legal/cookie-policy. LinkedIn’s privacy policy is available at https://www.linkedin.com/legal/privacy-policy. LinkedIn’s cookie policy is available at https://www.linkedin.com/legal/cookie-policy.

 

Privacy Policy for the Operation and Use of Xing

The data controller has integrated components of Xing on this website. Xing is a web-based social network that allows users to connect with existing business contacts and make new business contacts. Individual users can create a personal profile on Xing. Companies can, for example, create company profiles or post job offers on Xing.

The operating company of Xing is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.

Each visit to an individual page of this website that contains a Xing component (Xing plug-in) causes the browser used by the person concerned to download a corresponding representation of the Xing component.

You can find more information about Xing plug-ins at https://dev.xing.com/plugins.

As part of this technical process, Xing receives information about the specific subpage of our website that is visited by the data subject.

If the data subject is simultaneously logged into Xing, each time the data subject visits our website, Xing recognizes which specific sub-page of our website the data subject visits during the respective stay on our website. This information is collected by the Xing component and assigned by Xing to the data subject’s Xing account. If the data subject activates one of the Xing buttons integrated on our website, the data and information transmitted with it are assigned to the data subject’s personal Xing user account and stored and processed by Xing.

Xing always receives the information that the data subject has visited our website via the Xing component, if the data subject is logged into Xing at the same time as accessing our website; this occurs regardless of whether the data subject clicks on the Xing component. If the data subject does not want this information transferred to Xing, they can prevent this transfer by logging out of their Xing account before visiting our website.

Xing’s privacy policy, available at https://www.xing.com/privacy, provides information about Xing’s collection, processing and use of personal information. In addition, Xing has published privacy notices for the XING Share button on https://www.xing.com/app/share?op=data_protection.

 

Privacy Policy for the Operation and Use of YouTube

The data controller has integrated YouTube components on this website. YouTube is a video portal on the Internet that allows video publishers to freely view video clips and other users to freely view, rate and comment on them. YouTube allows the publication of all types of videos,

Therefore, complete film and television programs, but also music videos, trailers or videos made by the users themselves are available on the Internet portal.

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.

Each visit to an individual page of this website that contains a YouTube component (YouTube plug-in) causes the browser used by the person concerned to download a corresponding representation of the YouTube component.

You can find more information on YouTube at https://www.youtube.com/yt/about/en/.

As part of this technical process, YouTube and Google receive information about the specific subpage of our website that is visited by the data subject.

If the data subject is simultaneously logged in to YouTube, then each time they visit our website, YouTube recognizes which specific subpage of our website the data subject visits. This information is collected via the YouTube component and assigned by YouTube and Google to the data subject’s YouTube and Google account. If the data subject activates one of the YouTube or Google buttons integrated on our website, the data and information transmitted with it are assigned to the data subject’s personal YouTube and Google user account and stored and processed by YouTube.

YouTube and Google always receive the information that the data subject has visited our website via the YouTube component if the data subject is logged in to YouTube at the same time as accessing our website; this occurs irrespective of whether the data subject clicks on the YouTube video component or not. If such transfer of information to YouTube and Google is not desired by the data subject, they can prevent it by logging out of their YouTube account before visiting our website.

YouTube’s Privacy Policy, available at https://www.google.com/intl/en/policies/privacy/, identifies the collection, processing and use of personally identifiable information by YouTube and Google.

 

Privacy Policy for the Use of WhatsApp

The person responsible has integrated components of WhatsApp on this website. WhatsApp is a messaging service. In this context, we offer our candidates the possibility to contact us via WhatsApp.

If you use this option, it will automatically send us your phone number. What do you need to consider when applying via WhatsApp?

WhatsApp’s Terms of Use and Privacy Policy apply. WhatsApp’s published data policy, available at https://www.whatsapp.com/legal/, provides information about the collection, processing and use of personal data by WhatsApp.

It also explains the settings that WhatsApp offers to protect the privacy of the data subject.

WhatsApp Inc. Operating Company, Arbitration Opt-Out, 1601 Willow Road, Menlo Park, CA 94025, USA.

The person responsible for processing personal data is WhatsApp Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland, if the data subject resides outside the United States or Canada.

We will not keep your phone number or personal information contained in the message for any purpose other than WhatsApp chat.

Please do not send us any photos or videos for communication purposes.

The chat will be deleted at the latest 3 months after the last contact with the person.

 

Privacy Policy for the Operation and Use of Google Analytics (with Anonymization Feature)

The controller has integrated the Google Analytics component (with anonymization function) on this website. Google Analytics is a web analysis service. Web analysis is the collection and analysis of data about the behavior of visitors to websites. A web analytics service collects, among other things, data about the website a person visited (so-called referrers), which sub-pages of the website were visited or how often and for how long a sub-page was visited. A web analysis is mainly used to optimize a website and for a cost-benefit analysis of internet advertising.

The company operating the Google Analytics component is Google Inc. 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.

The data controller uses the add-on “_gat._anonymizeIp” for web analysis via Google Analytics. By means of this add-on, the IP address of the data subject’s Internet access is shortened and anonymized by Google if our website is accessed from a member state of the European Union or from another state party to the Agreement on the European Economic Area.

The purpose of the Google Analytics component is to analyze visitor flows on our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports showing the activities on our websites and to provide other services related to the use of our website.

Google Analytics uses cookies on the computer system of the data subject. Cookies have already been explained above.

The use of cookies allows Google to analyze the use of our website.

Each time an individual page of this website is visited, where the Google Analytics component has been integrated by the data collector, the Internet browser of the data subject’s computer system is automatically initiated by the respective Google Analytics component to submit data to Google for online analysis. In the course of this technical process, Google acquires personal data, such as the IP address of the data subject, which is used by Google, among other things, to track the origin of visitors and clicks and subsequently make it possible to pay commissions.

Cookies store personally identifiable information, such as the time of access, the location from which the access was made, and the frequency of visits to the site by the individual. Each time you visit our website, your personal information, including the IP address of the Internet connection used by the individual, is transmitted to Google in the United States of America. This personal information is stored by Google in the United States of America. Google may pass on this personal data collected as part of the technical process to third parties.

The data subject may prevent cookies from being set via our website at any time, as described above, by means of a corresponding setting in the Internet browser used and thus permanently override the cookie setting. Such a setting in the Internet browser used would also prevent Google from placing a cookie on the data subject’s information technology system. Furthermore, cookies that have already been set by Google Analytics can be deleted at any time via the Internet browser or other software.

Additionally, the data subject has the opportunity to object to and prevent the collection of data generated by Google Analytics for the use of this website and the processing of such data by Google. To do this, the person must download and install a browser add-on at https://tools.google.com/dlpage/gaoptout.

This browser add-on informs Google Analytics via JavaScript that no data and information about visits to the website can be transmitted to Google Analytics. The installation of the browser add-on is considered by Google as a contradiction. If the data subject’s computer system is subsequently deleted, formatted or reinstalled, the data subject must reinstall the browser add-on to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or any other person within his or her sphere of control, it is possible to reinstall or reactivate the browser add-on.

Additional information and Google’s privacy policy are available at https://www.google.com/intl/en/policies/privacy and https://marketingplatform.google.com/about/analytics/terms/fr/. Google Analytics is explained in more detail at https://www.google.com/intl/de_de/analytics.

 

Privacy Policy for the Operation and Use of Google AdWords

The controller has integrated Google AdWords on this website. Google AdWords is an Internet advertising service that allows advertisers to leverage the search engine results of Google and the Google Network. Google AdWords allows an advertiser to predefined keywords that will display an ad on Google’s search engine results only when the search engine retrieves a search result related to the keyword. In the Google Network, ads are served on thematic web pages using an automated algorithm and based on predefined keywords.

The company operating the Google AdWords services is Google Inc, 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA.

The purpose of Google AdWords is to promote our website by displaying interest-based ads on third-party websites and in Google’s search engine results and by displaying ads on our website.

If a data subject visits our website via a Google ad, a so-called conversion cookie will be stored by Google in his or her computer system.

Cookies have already been explained above.

A conversion cookie expires after thirty days and is not used to identify the person concerned. With regard to the conversion cookie, if the cookie has not yet expired on our website, it can be tracked on certain sub-pages such as the shopping cart of an online store system. The conversion cookie allows us and Google to understand whether a data subject who came to our website via an AdWords ad generated revenue, i.e. completed or canceled a purchase.

The data and information collected through the use of the conversion cookie is used by Google to create statistics about visitors to our website. These traffic statistics are then used by us to determine the total number of users referred to us through AdWords ads, to determine the success or failure of each AdWords ad, and to optimize our AdWords ads for the future.

Neither our company nor any other Google AdWords advertiser receives any personally identifiable information from Google.

Conversion cookies store personally identifiable information, such as the web pages visited by the data subject. Each time you visit our website, your personal information, including the IP address of the Internet connection used by the data subject, is transmitted to Google in the United States of America. This personal information is stored by Google in the United States of America. Google may pass on this personal data collected as part of the technical process to third parties.

The data subject can prevent cookies from being set via our website at any time, as described above, by means of a corresponding setting in the Internet browser used and thus permanently prevent the setting of cookies. Such a setting in the Internet browser used would also prevent Google from placing a conversion cookie on the data subject’s information technology system. Furthermore, a cookie that has already been set by Google AdWords can be deleted at any time via the Internet browser or other software.

In addition, the data subject has the opportunity to object to interest-based advertising by Google. To do so, the data subject must access the link www.google.com/settings/ads from any Internet browser he or she uses and make the desired settings there.

Additional information and Google’s privacy policy are available at https://www.google.com/intl/en/policies/privacy/.

 

Legal Basis for Processing

Art. 6 I lit. A GDPR serves our company as the legal basis for processing operations in which we obtain consent for a particular processing purpose.

If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, in processing operations necessary for the supply of goods or the provision of any other service or consideration, the processing is based on Art. 6 I lit b DSGVO.

The same applies to processing necessary for the execution of pre-contractual measures, for example in the case of inquiries about our products or services. If our company is subject to a legal obligation that requires the processing of personal data, such as the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c DSGVO.

In rare cases, processing of personal data may be necessary to protect the vital interests of the data subject or another individual. This would be the case, for example, if a visitor to our premises were injured and his or her name, age, health insurance or other vital information had to be passed on to a doctor, hospital or other third party. The processing would then be based on Art. 6 I lit. d DSGVO.

As a last resort, processing operations could be based on Art. 6 I lit. f DSGVO. On this legal basis, processing operations that are not covered by one of the above legal bases are required if the processing is necessary to safeguard the legitimate interests of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the data subject prevail. Such processing is particularly permissible for us because it has been specifically mentioned by the European legislator. In this regard, it is considered that a legitimate interest could be presumed if the data subject is a customer of the controller (Recital 47, second sentence, DSGVO).

The processing of personal data based on Article 6 I lit. f DSGVO is our legitimate interest to conduct our business in the interest of all our employees and shareholders.

 

Duration of Retention of Personal Data

The standard for the retention of personal data is the applicable legal retention period. After this period has elapsed, the relevant data will be systematically deleted if it is no longer required for the execution of the contract or the initiation of a contract.

Legal or contractual provisions for the provision of personal data; Necessity for the conclusion of the contract; Obligation of the data subject to provide personal data; Possible consequences of non-provision

Please note that the provision of personal data is in part required by law (such as tax regulations) or may result from contractual agreements (such as contractor details). Occasionally, it may be necessary for the conclusion of a contract for a data subject to provide us with personal data that must then be processed by us. For example, the data subject is required to provide us with personal information when signing an employment contract with us. Failure to provide the personal data would mean that the contract with the data subject could not be finalized. Before the data subject provides personal data, they must contact one of our employees. Our employee will inform the person on a case-by-case basis whether the provision of personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide personal data and the consequences of not providing personal data.