Data Protection Information of
Etribes Connect GmbH

Data Protection Information of Etribes Connect GmbH

We comply with the applicable data protection regulations, in particular the requirements of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz (BDSG). We only process your personal data if the law permits the data processing or if you have given your consent to the processing of your data. The transparency of data processing is an important concern for us, so that we would like to inform you comprehensively with the following notes on data protection.

Overview

1. Responsibility

Responsible for processing your personal data on this website is:

Etribes Connect GmbH
Gänsemarkt 43
20355 Hamburg
Germany
[email protected]

2. Data protection officer

You can reach our data protection officer at:

[email protected]

3. General information on data processing

a. Scope & purpose of the processing of personal data

We process your personal data as a user of this website only for the purposes described in more detail under 4.

b. Legal bases for the processing of personal data

We process your personal data on the following legal bases:

Insofar as we obtain your consent for the processing of personal data, Article 6 (1) a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.

If the processing of your data is necessary for the performance of a contract to which you are a party, Art. 6 (1) b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures that are carried out at your request.

Insofar as processing of your personal data is necessary for compliance with a legal obligation to which we are subject, Art. 6 (1) c) GDPR serves as the legal basis.

If the processing is necessary to protect a legitimate interest of our company or a third party and if your interests as well as your fundamental rights and freedoms do not override the first-mentioned interest, Art. 6 (1) f) GDPR serves as the legal basis for the processing.

c. Data deletion and storage period

Your personal data will be deleted or blocked as soon as the purpose of storage no longer applies. A storage can take place beyond that, if this is provided by laws or other legal regulations binding for us. Data will also be blocked or deleted if a storage period prescribed by the aforementioned legal provisions expires, unless the continued storage of the data is necessary for the conclusion or performance of a contract.

4. Purposes of data processing

a. Logfiles

In the case of purely informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 para. 1 p. 1 f) GDPR):
  • IP address
  • date and time of the retrieval,
  • Name of the pages accessed,
  • referrer URL (origin URL from which visitors came to our web pages),
  • the amount of data transferred,
  • loading time,
  • Browser type, language & version,
  • name of the visitor’s access provider,
  • operating system and its interface.

b. Data processing for advertising purposes

We process your data for marketing purposes only on the basis of explicit consent for these purposes pursuant to Art. 6 (1) (a) GDPR.

Proper order processing agreements have been concluded with service providers that we use for the purpose of supplying advertising and who process data on our behalf strictly in accordance with our instructions.

Reference to the right of objection

You can object to the use of your personal data for advertising purposes at any time, free of charge and with effect for the future, by using the contact options given in section 1.

If you object, your data will be blocked for further data processing for advertising purposes.

c. Contacting us

Contacting us by email, mail and phone

You have the possibility to contact us in several ways. By e-mail, by telephone or by mail. When you contact us, we use the personal data that you voluntarily provide to us in this context solely for the purpose of processing your request.

The legal basis for this data processing is Art. 6 (1) b) GDPR. Your data will be deleted when it is no longer needed for the purpose of processing and there is no legal obligation to store it.

Contact form

Our website contains a contact form that can be used to contact us electronically. If a user takes advantage of this option, the data you enter in the input mask will be transmitted to us in encrypted form and stored.

The legal basis for the processing of your data is Art. 6 para. 1 b) GDPR. The processing of the personal data from the input mask serves us solely for the processing of the contact.

d. Applicant data

We process the personal data of applicants for the purpose of carrying out the application procedure. The legal basis for this processing is Art. 6 para. 1 p. 1 letter b) GDPR (pre-contractual processing at the request of the data subjects).

The processing may also be carried out electronically. This is particularly the case if applicants send us the relevant application documents electronically, for example by e-mail. If an employment contract is concluded with an applicant, the transmitted data will be stored for the purpose of fulfilling the employment relationship in compliance with the statutory provisions. If no employment contract is concluded, the application documents are automatically deleted six months after notification of the rejection decision.

5. Use of cookies

In addition to the previously mentioned data, cookies may be stored on your computer when you use our website. However, this only happens if you give your consent to the storage of cookies. This does not apply to cookies that are technically necessary for the operation of our website and the functionalities provided therein.

Cookies are small text files that are stored on your hard drive by the browser you are using. Cookies cannot execute programs or transfer viruses to your computer.

This website uses the following types of cookies, the scope and functionality of which are explained below:

a. Storage period of the cookies

We sometimes use temporary cookies. These cookies are automatically deleted when you close the browser. These include in particular the session cookies. These store a so-called session ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website during a session. The session cookies are deleted when you log out or close the browser. The temporary cookies that we set on our website are technically necessary for you to be able to use our website, so no explicit consent is required from you (Section 25 (2) No. 1 TTDSG).

In addition, some cookies have a storage period of one day up to two years. As a matter of principle, we only set these cookies with your consent (Section 25 (1) TTDSG), unless the cookies are technically necessary to be able to use our website.

You can find out which cookies are set in detail and how long they are stored under “Cookie information” in our cookie banner.

b. Statistics Cookies

aa. LinkedIn

We maintain an online presence on LinkedIn to which we link. LinkedIn is a service of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter: LinkedIn). Please note that you use the LinkedIn service and its functionalities on your own responsibility. This applies in particular to the use of interactive functions, such as sharing.

LinkedIn is the sole responsible party for the processing of personal data when you visit our LinkedIn page. For more information about the processing of personal data by LinkedIn, please visit https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.

When you visit, follow or engage with our LinkedIn page, LinkedIn processes personal data to provide us with anonymized statistics and insights. This provides us with insights into the use of our LinkedIn page (so-called page insights). For this purpose, LinkedIn processes in particular data that you have already provided to LinkedIn via the information in your profile, such as data on function, country, industry, seniority, company size and employment status. In addition, LinkedIn will process information about how you interact with our LinkedIn company page, such as whether you are a follower of our LinkedIn company page. LinkedIn does not provide us with any personal data from you in this context. This processing of personal data in the context of page insights is carried out by LinkedIn and us as joint controllers. The processing serves our legitimate interests in knowing about the use of our LinkedIn page. The legal basis for this processing is Art. 6 (1) (f) GDPR. As we are jointly responsible with LinkedIn for this processing, we have entered into an agreement on processing as joint controllers, which sets out the distribution of data protection obligations between us and LinkedIn. The agreement is available at: https://legal.linkedin.com/pages-joint-controller-addendum. You can exercise your rights under the GDPR against LinkedIn via the following link ( https://www.linkedin.com/help/linkedin/ask/PPQ?lang=de) online or via the contact details in LinkedIn’s Data Protection Policy. You can reach the Data Protection Officer at LinkedIn Ireland via the following link:  https://www.linkedin.com/help/linkedin/ask/TSO-DPO. You can also contact us at any time at our contact details provided regarding the exercise of your rights. In such a case, we will forward your request to LinkedIn. Under the Joint Responsibility Agreement (see above), the Irish Data Protection Commission is the lead supervisory authority overseeing processing for Page Insights. You may lodge a complaint with the Irish Data Protection Commission (see www.dataprotection.ie) or with any other supervisory authority at any time.

Please note that according to the LinkedIn Privacy Policy, personal data is also processed by LinkedIn in the USA or other third countries. According to its own information, LinkedIn only transfers personal data to countries for which an adequacy decision of the European Commission according to Art. 45 GDPR is available or on the basis of appropriate guarantees according to Art. 46 GDPR.

bb. Google Analytics

If you have expressly consented (Section 25 (1) TTDSG), we use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”), for the purpose of demand-oriented design and ongoing optimization of our pages. If personal data is collected in the process, the legal basis for the processing is Art. 6 para. 1 p. 1 letter a) GDPR (consent).

Google Analytics uses cookies that are stored on your computer and that enable an analysis of your use of the website. The data collected in this process is essentially as follows:

  • Browser type/version,
  • operating system used,
  • Referrer URL (the previously visited page),
  • Host name oft he accessing computer (IP address),
  • time of the server request

Google uses this data to evaluate your use of our website on our behalf, to compile reports on website activity and to provide us with other services related to website activity and internet usage. The IP address transmitted by your browser will not be merged with other data from Google.

You can revoke your consent to the use of Google Analytics at any time and thus prevent the further collection of data by Google Analytics.

Further information on data protection in connection with Google Analytics can be found on the web pages of Google.

c. Marketing Cookies

Google Tag Manager

With your express consent, we also use the Tag Manager for the Google service Google Analytics. The Google Tag Manager itself does not collect any personal data. The Tag Manager makes it easier for us to integrate and manage our tags. Tags are small code elements that are used, among other things, to measure traffic and visitor behavior, to record the impact of online advertising and social channels, to set up remarketing and targeting, and to test and optimize websites. The service provider of the Google Tag Manager is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, website: https://marketingplatform.google.com, whose privacy policy you can access via https://policies.google.com/privacy. For further information on Google Tag Manager, please refer to https://www.google.com/intl/de/tagmanager/use-policy.html.

d. External media

aa. Google Maps

We may integrate maps from the Google Maps service of the provider Google. The processed data may include, in particular, IP addresses and location data of users, which, however, are not collected without their consent (usually executed in the context of the settings of their mobile devices). The data may be processed in the USA. Its data protection information can be found at: https://www.google.com/policies/privacy/

Your consent is also required for the integration of Google Maps in accordance with Section 25 (1) TTDSG.

aa. YouTube

We may integrate videos from the “YouTube” platform of the provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Google). You can find their data protection information at: https://www.google.com/policies/privacy/

The prerequisite for the integration is your consent in accordance with § 25 para. 1 TTDSG.

6. Dicslosure of data

The transfer of personal data to service providers subject to instructions only takes place on the basis of a proper agreement on commissioned processing in accordance with Art. 28 GDPR.

The processing mentioned under 5. and 6. causes a data transfer to the servers of the providers of tracking or targeting technologies commissioned by us. These servers may be located in the USA. The data transfer takes place on the basis of so-called standard contractual clauses of the EU Commission. With the exception of the processing described above, we do not pass on your data to recipients based outside the European Union or the European Economic Area.

7. Your rights

When processing your personal data, you have the following rights, which we are happy to inform you about below. For this purpose, you can contact us as the data controller or the data protection officer. You can find the contact details above under 1. and 2.

a. Rights according to Art. 15 – 18, 20 GDPR

You have the right to request information about your stored personal data from us at reasonable intervals (Art. 15 GDPR). This information extends to the question of whether we have stored personal data of you and, among other things, what data is involved and for what purposes the data is processed. Upon request, we will provide you with a copy of the data that is the subject of the processing.

In addition, you have the right to request that we correct incorrectly stored data (Art. 16 GDPR).

You also have the right to request that we delete your personal data, provided that the legal requirements for the right to erasure are met (Art. 17 GDPR). Among other things, we are obligated to delete your personal data if it is no longer necessary for the purposes for which it was collected or otherwise processed, if you have revoked consent once given and there is no other legal basis for its continued storage, or if the data was processed unlawfully.

Under certain conditions, you have the right to restrict the processing of your personal data (Art. 18 GDPR). This includes if you dispute the accuracy of your personal data and we have to verify your objection. In this case, your data may not be further processed by us, with the exception of storage, until the issue of correctness has been resolved.

b. No contractual or legal obligation to provide the data / Consequences of not providing the data

You are under no contractual or legal obligation to provide us with your personal data. Please note, however, that we will not be able to respond to your inquiries or you will not be able to conclude a contract with us for the use of our services if we are not allowed to collect and process the data that we need for the stated purposes (see → Purposes of data processing).

c. Right to object at any time according to Art. 21 GDPR

You have the right to object to the processing of your personal data at any time. We will then terminate the processing unless we can demonstrate compelling legitimate grounds for the processing which override your interests in the termination of the processing. The objection to the processing of your personal data for direct marketing purposes is possible at any time without restrictions.

d. Right to withdraw consent at any time

If the data processing by us is based on your consent, you have the right to revoke your consent at any time. The lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected by the revocation.

e. Right of complaint to a supervisory authority

You have the right to complain to a supervisory authority. You can reach the supervisory authority responsible for us at the following address:

The Hamburg Commissioner for Data Protection and Freedom of Information (Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit)
Ludwig-Erhard-Straße 22
20459 Hamburg
Germany
https://www.datenschutz-hamburg.de

Status: October 2023