Privacy policy

Controller

Responsible for the processing of your personal data is

Piline GmbH & Co. KG
Kolumbusstrasse 27
71063 Sindelfingen
Phone +49 (0) 7031 41037-30
info@piline.com.

Data Protection Officer

You can reach the data protection officer as follows

Ms. Iris Lehmann
Piline Engineering GmbH & Co. KG
Kolumbusstraße 27
71063 Sindelfingen

Processing of data

We process your data as part of our service provision in development projects in the manufacturing industry as well as in personnel consulting and commercial services. We receive the data that we collect and process directly from you. We do not receive any data about you from third parties.

We store the names, addresses and contact details of our customers and suppliers (legal basis Art. 6 para. 1 lit. b) GDPR) in order to be able to contact you. For applicants, we also store all information that you provide to us via the application form or email. This information is necessary in order to successfully complete the application process (legal basis Art. 6 para. 1 lit. f) GDPR).

f we already have an existing contract or it is the initiation of a contractual relationship, the provision of the data is necessary for the fulfillment of our (future) contract. Failure to provide the data would restrict or make it impossible to provide the agreed services.

Your personal data is stored on specially protected computers. The reading and further processing of your data is subject to strict internal regulations and is carried out exclusively for the purpose for which you have provided us with this data. We do not sell any personal data to third parties. All our employees and all those involved in data processing are obliged to comply with the General Data Protection Regulation and to handle personal data confidentially. Our security measures are continuously revised in line with technological developments.
 

Disclosure of data

Data is passed on within the scope of the contractually agreed purposes. This includes, for example, the transfer of personal data to public authorities due to legal requirements (tax office, social security institutions, ...) and the transfer of data to external service providers (banks, insurance companies, payroll accounting, tax consultants, ...).

If you use our links to social media or take part in a video conference, data may also be passed on. For more information, please refer to the relevant sections below.

Deletion of the data

The data would be deleted as soon as the reason why we process the data no longer applies. For most data, however, there are legal or contractual retention periods that prevent this. For the former, for example, we must retain business communications for six years in accordance with the German Commercial Code (HGB) and tax documentation for ten years in accordance with the German Tax Code (AO). If the purpose of processing has been fulfilled during this period, the data will be blocked for further processing and deleted after the retention periods have expired.
(* In the following, the terms also refer to both genders).

Contact via the contact form

It is possible to visit our website without providing personal data. Only if you contact us via the contact form will the information you provide be stored and used to process your request. Any further use or disclosure to third parties is excluded. We have a legitimate interest in responding to your contact (legal basis Art. 6 para. 1 lit. f) GDPR).

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions - in particular retention periods - remain unaffected.

Inquiries by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, we will store and process your inquiry, including all personal data (name, inquiry), for the purpose of processing your request. We will not pass on this data without your consent. This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested. The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

Communication via webex

We use the online conferencing tool Webex to communicate with our customers. If you communicate with us by video or audio conference via the Internet, your personal data will be collected and processed by us and the provider. Webex collects all data that you provide/enter to use the tool (e-mail address and/or your telephone number). The conference tool also processes the duration of the conference, the start and end (time) of participation in the conference, the number of participants and other “context information” in connection with the communication process (metadata). Furthermore, the provider of the tool processes all technical data that is required to process the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection. If content is exchanged, uploaded or provided in any other way within the tool, this is also stored on the tool provider's server. Such content includes, in particular, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information shared while using the service. Please note that we do not have full control over the data processing operations of Webex have. Our options are largely determined by the provider's company policy. Further information on data processing by the conference tool can be found in Webex's privacy policy, which we have listed below this text.

Purpose and legal basis: The conference tool is used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 lit. b GDPR). Furthermore, the use of the tool serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). If consent has been requested, Webex is used on the basis of this consent; consent can be withdrawn at any time with effect for the future.

Storage period: The data collected directly by us via the video and conference tool will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory retention periods remain unaffected. We have no influence on the storage period of your data that is stored by the operator of the conference tool for its own purposes. For details, please contact the operator of the conference tool directly.

The provider of this service is Webex Communications Deutschland GmbH, Hansaallee 249 c/o Cisco Systems GmbH, 40549 Düsseldorf, Germany. It cannot be ruled out that the data processed with WebEx will be transferred to third countries (e.g. the USA). Webex has Binding Corporate Rules (BCR) that have been approved by Dutch, Polish, Spanish and other relevant European data protection regulatory authorities. These are binding corporate rules that legitimize the internal transfer of data to third countries outside the EU and EEA.

Details can be found here:
https://www.cisco.com/c/de_de/about/trust-center/data-protection-and-privacy-policy.html and https://konferenzen.telekom.de/fileadmin/Redaktion/conference/ciscowebex/Webex_Compliance_Deutsch_V1.0.pdf.

Details on data processing can be found in Webex's privacy policy:
https://www.cisco.com/c/de_de/about/legal/privacy-full.html.

Order processing: We have concluded an order processing contract (AVV) with the above-mentioned provider. This is a contract prescribed by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

You have the right to obtain information from us as to which of your personal data we have stored. You have the right to rectification of incorrect personal data, erasure of your personal data, data portability and restriction of the processing of your personal data.

In the event of improper processing of your personal data, you can contact the supervisory authority.

If you have any questions about data protection or would like to exercise your rights, please contact: datenschutz@piline.com

Withdrawal of your consent to data processing: If you have given us your consent, you have the right to object to the processing of your personal data. The processing of your personal data will then be blocked at the time of receipt of the objection. The objection does not affect the data that has been processed up to the time of receipt of the objection. Once the objection has been examined, we will inform you of the other options available to you.

Right to object to the collection of data in special cases and to direct advertising (art. 21 gdpr)
If the data processing is based on art. 6 abs. 1 lit. E or f gdpr, you have the right to object to the processing of your personal data at any time on grounds relating to your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims (objection pursuant to art. 21 para. 1 gdpr). If your personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling to the extent that it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to art. 21 para. 2 gdpr)
 

Piline stores, collects, processes and uses the information and application documents sent as well as all information and data provided therein, insofar as they are necessary for the implementation and processing of the application procedure, automatically by machine and manually in accordance with the provisions of the General Data Protection Regulation. The storage of your data is based on our legitimate interest in successfully completing the application process (legal basis Art. 6 para. 1 lit. f) GDPR).

Applicant data is stored by us in an applicant management system. The operator of this management system is the company Coveto. The responsible body there is Pia Tischer, arsmedia, Gutleutstraße 12, 63667 Nidda. You can view coveto's privacy policy at: www.coveto.de/datenschutz

The applicant has the right to withdraw his/her application and consent to the storage of his/her data and/or to object to further storage/processing of the applicant data at any time. Furthermore, the applicant is entitled to all the rights of the data subject described above.

We have taken technical and organizational measures to ensure that your data is safe with us. Our employees have committed themselves in writing to the careful handling of personal data in accordance with the GDPR.

You can share our job advertisements in the following social media: Facebook, X (formerly Twitter), Whatsapp, Xing and LinkedIn.

The corresponding buttons are integrated using the Shariff solution:

Social plugins (“plugins”) from social networks are used on our website. In order to increase the protection of your data when you visit our website, the plugins are not integrated into the page without restrictions, but only using an HTML link (so-called “Shariff solution”). This integration ensures that no connection is established with the servers of the provider of the respective social network when a page of our website containing such plugins is accessed. If you click on one of the buttons (consent), a new window of your browser opens and calls up the page of the respective service provider, where you can (if necessary after entering your login data) e.g. press the Like or Share button.

Activating the plugin constitutes consent within the meaning of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG. You can revoke this consent at any time with effect for the future.

The service is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.

The purpose and scope of the data collection and the further processing and use of the data by the providers on their pages as well as your rights in this regard and setting options to protect your privacy can be found in the  privacy policies of the providers:

XING: www.xing.com/privacy
LinkedIn: www.linkedin.com/legal/privacy-policy
facebook: www.facebook.com/policy.php
twitter: www.twitter.com/de/privacy
Whatsapp: www.whatsapp.com/legal/

Facebook Plugins (Like & Share-Button)

Plugins from the social network Facebook are integrated on this website. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries. You can recognize the Facebook plugins by the Facebook logo or the “Like” button on this website. You can find an overview of the Facebook plugins here: https://developers.facebook.com/docs/plugins/?locale=de_DE.

When you click on the button on our website, a direct connection is established between your browser and the Facebook server via the plugin. Facebook receives the information that you have visited this website with your IP address. If you click on the Facebook “Like” button while you are logged into your Facebook account, you can link the content of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. Further information on this can be found in Facebook's privacy policy at: https://de-de.facebook.com/privacy/explanation.

If you do not want Facebook to be able to associate your visit to this website with your Facebook user account, please log out of your Facebook user account.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. You can revoke your consent at any time.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook. The processing carried out by Facebook after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in an agreement on joint processing. You can find the wording of the agreement at: https://www.facebook.com/legal/controller_addendum.

According to this agreement, we are responsible for providing data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: 

https://www.facebook.com/legal/EU_data_transfer_addendum
https://de-de.facebook.com/help/566994660333381
https://www.facebook.com/policy.php

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000GnywAAC&status=Active.

X (formerly Twitter)

Functions of the X (formerly Twitter) service are integrated on this website. These functions are offered by the parent company X Corp, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland, is responsible for the data processing of persons living outside the USA.

When the social media element is active, a direct connection is established between your end device and the X server. X (formerly Twitter) thereby receives information about your visit to this website. By using X (formerly Twitter) and the “Re-Tweet” or “Repost” function, the websites you visit are linked to your X (formerly Twitter) account and made known to other users. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by X (formerly Twitter). Further information on this can be found in the privacy policy of X (formerly Twitter) at:https://twitter.com/de/privacy.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.

You can find details here: https://gdpr.twitter.com/en/controller-to-controller-transfers.html.

You can change your data protection settings at X (formerly Twitter) in the account settings at twitter.com/account/settings.
 

LinkedIn Plugin

Diese Website nutzt Funktionen des Netzwerks LinkedIn. Anbieter ist die LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Irland.

Wenn Sie den Button auf unserer Webseite anklicken, wird über das Plugin eine direkte Verbindung zwischen Ihrem Browser und dem LinkedIn-Server hergestellt. LinkedIn wird darüber informiert, dass Sie diese Website mit Ihrer IPAdresse besucht haben. Wenn Sie den „Recommend-Button“ von LinkedIn anklicken und in Ihrem Account bei LinkedIn eingeloggt sind, ist es LinkedIn möglich, Ihren Besuch auf dieser Website Ihnen und Ihrem Benutzerkonto zuzuordnen. Wir weisen darauf hin, dass wir als Anbieter der Seiten keine Kenntnis vom Inhalt der übermittelten Daten sowie deren Nutzung durch LinkedIn haben.

Die Nutzung dieses Dienstes erfolgt auf Grundlage Ihrer Einwilligung nach Art. 6 Abs. 1 lit. a DSGVO und § 25 Abs. 1 TDDDG. Die Einwilligung ist jederzeit widerrufbar.

Die Datenübertragung in die USA wird auf die Standardvertragsklauseln der EU-Kommission gestützt.

Details finden Sie hier:
https://www.linkedin.com/help/linkedin/answer/62538/datenubertragung-aus-der-eu-dem-ewr-und-derschweiz?lang=de

Weitere Informationen hierzu finden Sie in der Datenschutzerklärung von LinkedIn unter:
https://www.linkedin.com/legal/privacy-policy.

Das Unternehmen verfügt über eine Zertifizierung nach dem „EU-US Data Privacy Framework“ (DPF). Der DPF ist ein Übereinkommen zwischen der Europäischen Union und den USA, der die Einhaltung europäischer Datenschutzstandards bei Datenverarbeitungen in den USA gewährleisten soll. Jedes nach dem DPF zertifizierte Unternehmen verpflichtet sich, diese Datenschutzstandards einzuhalten. Weitere Informationen hierzu erhalten Sie vom Anbieter unter folgendem Link:
https://www.dataprivacyframework.gov/participant/5448.

XING Plugin

This website uses functions of the XING network. The provider is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany.

If you click on the button on our website, a connection to XING servers is established via the plugin. To the best of our knowledge, no personal data is stored in the process. In particular, no IP addresses are stored or usage behavior evaluated.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

Further information on data protection and the XING Share button can be found in XING's privacy policy at
https://www.xing.com/app/share?op=data_protection.
 

WhatsApp

This website uses functions of the WhatsApp messaging service. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

Communication takes place via end-to-end encryption (peer-to-peer), which prevents WhatsApp or other third parties from gaining access to the communication content. However, WhatsApp receives access to metadata that is created in the course of the communication process (e.g. sender, recipient and time). We would also like to point out that WhatsApp states that it shares personal data of its users with its parent company Facebook, which is based in the USA. Further details on data processing can be found in WhatsApp's privacy policy at
https://www.whatsapp.com/legal/#privacy-policy.

WhatsApp is used on the basis of our legitimate interest in communicating as quickly and effectively as possible with customers, interested parties and other business and contractual partners (Art. 6 para. 1 lit. f GDPR). If a corresponding consent has been requested, the data processing takes place exclusively on the basis of the consent; this can be revoked at any time with effect for the future.
The communication content exchanged between you and us on WhatsApp will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular retention periods - remain unaffected.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:
https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt00000011sfnAAA&status=Active.

We have concluded an order processing contract (AVV) with the above-mentioned provider.

External host

We host our website with Profihost. The provider is Profihost GmbH, Expo Plaza 1, 30539 Hanover (hereinafter referred to as “Profihost”). When you visit our website, Profihost collects various log files including your IP addresses.

Further information can be found in Profihost's privacy policy:
Privacy Policy - Profihost AG.

Profihost is used on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in ensuring that our website is displayed as reliably as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Order processing: We have concluded an order processing contract (AVV) with the above-mentioned provider. This is a contract prescribed by data protection law, which ensures that the provider processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Server-logfiles

You can use this website without providing any personal data.  The website operator only collects the information required to establish a connection:

• IP address
• the names of the pages accessed
• browser used
• the operating system used
• Date and time of access
• search engines used
• names of downloaded files
• the address of the website from which you came
• the pages you visit on our website.

 
This data is evaluated exclusively for statistical purposes in order to optimize the technical and content quality of our website. We have no way of assigning this data to a specific person. This data is not merged with other data sources. However, the provider reserves the right to check the log data retrospectively if there is a justified suspicion of unlawful use based on concrete evidence.

This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website.

SSL encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the inquiries you send to us. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL encryption is activated, the data you send to us cannot be read by third parties.

Cookies

Our website does not use cookies in the public area. A session cookie is only placed when you log in to the internal area as an employee.  Session cookies are small pieces of information that a provider stores in the working memory of the visitor's computer. A randomly generated unique identification number, a so-called session ID, is stored in a session cookie. A cookie also contains information about its origin and the storage period. These cookies cannot store any other data. They are only used to enable employees to log in.

If you click on a social media button, watch our YouTube videos or use the Google Maps map service, cookies are set or used by these services. You can find more detailed information on this in the descriptions of the individual services.

Links

If you use external links that are offered on our website, this data protection declaration does not extend to these links. Insofar as we offer links, we assure you that no violations of applicable law were recognizable on the linked websites at the time the link was created. However, we have no influence on compliance with data protection and security regulations by other providers. Therefore, please also inform yourself about the data protection declarations provided on the websites of other providers.

Google Maps

We have included a link to Google Maps on our website. If you click on this link, you will be taken to the provider's website (Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland). Information on the handling of user data can be found in Google's privacy policy:
https://policies.google.com/privacy?hl=de. 

Youtube with extended data protection

This website embeds videos from YouTube. The operator of the pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. For example, YouTube establishes a connection to the Google DoubleClick network regardless of whether you watch a video.
As soon as you start a YouTube video on this website, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube can store various cookies on your end device after starting a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent fraud attempts.

If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no influence.

The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Further information about data protection at YouTube can be found in their privacy policy at
https://policies.google.com/privacy?hl=de.

AWStats

We use the AWStats program to evaluate our website statistically. The program is a free web analysis software. It is used to analyze log files that web servers create on the basis of visitor requests. The program does not use cookie files for the analysis. The statistical analysis is carried out via the log files, which also contain IP addresses. The IP address is anonymized during the analysis and can therefore generally not be assigned to specific persons. This data is not merged with other data sources, and the data is deleted after statistical analysis.

In contrast to other statistics programs, AWStats does not transmit any data to a third-party server. The program is installed on our own hosting package. This also prevents data from being transferred abroad, for example, as our server is localized in Germany.

[Translate to Englisch:]

This privacy policy applies to the following social media sites

https://www.xing.com/pages/pilineservicesgmbh-co-kg
https://www.linkedin.com/company/piline-services-gmbh-&-co--kg/mycompany/verification/
 

Data processing by social networks

We maintain publicly accessible profiles on social networks. The individual social networks we use are listed below.

Social networks such as Facebook, X etc. can generally analyze your user behavior comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers numerous data protection-relevant processing operations. In detail:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies that are stored on your device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are logged in or have been logged in.

Please also note that we cannot track all processing operations on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

Legal basis

Our social media presence is intended to ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).

Controller and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. You can assert your rights (information, rectification, erasure, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. Facebook).

Please note that, despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options depend largely on the company policy of the respective provider.

Storage duration

The data collected directly by us via the social media presence will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory provisions - in particular retention periods - remain unaffected.

We have no influence on the storage period of your data that is stored by the operators of social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

Your rights

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to object, the right to data portability and the right to lodge a complaint with the competent supervisory authority. Furthermore, you can request the rectification, blocking, erasure and, under certain circumstances, the restriction of the processing of your personal data.

Social networks in detail

Facebook

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland (hereinafter referred to as Meta). According to Meta, the data collected is also transferred to the USA and other third countries.

We have concluded an agreement with Meta on joint processing (Controller Addendum). This agreement specifies which data processing operations we or Meta are responsible for when you visit our Facebook page. You can view this agreement at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

You can adjust your advertising settings yourself in your user account. To do this, click on the following link and log in:https://www.facebook.com/settings?tab=ads.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

Details can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/4452

X (formerly Twitter)

We use the short message service X (formerly Twitter). The provider is the parent company X Corp, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland, is responsible for the data processing of persons living outside the USA.

You can adjust your X privacy settings yourself in your user account. To do this, click on the following link and log in:https://x.com/settings/account/personalization.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://gdpr.x.com/en/controller-to-controller-transfers.html.

Details can be found in the privacy policy of X (formerly Twitter): https://x.com/de/privacy.

XING

We have a profile on XING. The provider is New Work SE, Am Strandkai 1, 20457 Hamburg, Germany. Details on how they handle your personal data can be found in XING's privacy policy: https://privacy.xing.com/de/datenschutzerklaerung.

LinkedIn

We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.

If you wish to deactivate LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: www.linkedin.com/legal/l/dpa and www.linkedin.com/legal/l/eu-sccs.
Details on how they handle your personal data can be found in LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5448

YouTube

We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Details on how they handle your personal data can be found in YouTube's privacy policy: https://policies.google.com/privacy?hl=de.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780