Privacy policy

Responsible

The responsible party pursuant to Art. 4 (7) DSGVO and other data protection provisions, is the

42 Heilbronn gGmbH
Weipertstr. 8-10
74076 Heilbronn

Data Protection Officer

For questions and suggestions regarding data protection and the enforcement of your rights, you are also welcome to contact our data protection officer:

conreri digital development GmbH

Von-Kurtzrock-Ring 16
22391 Hamburg
Tel: 0151 61728308
E-Mail: support@conreri.de
Website: www.conreri.de

General

We collect data of various kinds on our websites. Some data is collected automatically by us when you use our services, for example through the use of so-called cookies. This automatically collected data is mostly of a general nature and mainly contains information about the access duration and the access location.

In addition, we collect personal data and data entered voluntarily by you after your consent if you wish to use certain services. It is possible to use our Internet pages without providing personal data, but the scope of such data may be limited, in some cases considerably.

You decide on your consent to the use of various purposes and service providers when you first access our website. Thereby, it is up to you - except for the processing absolutely necessary for the operation of the website - which data processing you allow.

Due to many regulatory changes, an extensive body of data protection legislation has emerged in recent years, which on the one hand is intended to ensure data security and strengthen users' rights, but on the other hand has produced a flood of relevant terms. In order to make the following more detailed explanations of collected data, legal regulations and rights more accessible, we have briefly summarized the most important of these terms for you below.

Definitions

In our privacy notices, we use terms that are used in the GDPR and defined there. So that you know what is meant by this, we would like to explain the most important terms.

Processor

A processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the controller in accordance with instructions.

Consent banner

As a user, you have the option to give your consent to processing requiring consent and to revoke this consent for the future. You make this decision via the so-called consent banner, which is automatically called up the first time you visit our website and contains the most important information about the data processing for you.

Cookies

Cookies are text files that contain data of visited websites or domains and are stored by a browser on users' devices. A cookie is primarily used to store information about a user during or after his visit within an online offer. Stored information may include, for example, language settings on a website, login status, a shopping cart, or video interactions. The term cookies also includes other technologies that perform the same functions as cookies (e.g. when user details are stored using pseudonymous online identifiers, also known as "user IDs"). Cookies are used to make websites more user-friendly. Since cookies are stored on the user's computer, you have control over them. You can make changes in the settings of the Internet browser regarding the use and storage of cookies. However, deactivating cookies in most cases leads to limited usability of our offer.

Third

A third party is a natural or legal person, public authority, agency or other body, other than the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.

Consent

Consent is an expression of self-determination under data protection law. Consent is a voluntary, informed and unambiguous expression of intent in the form of a declaration or other unambiguous affirmative action by which the data subject indicates that he or she consents to the processing of personal data relating to him or her. Consent given may be revoked at any time for the future.

Receiver

The recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigation mandate under Union or Member State law shall not be considered as recipients.

Personal data

Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. IP address or cookies) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Pseudonymization

Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

Telecommunications Telemedia Data Protection Act (TTDSG)

The TTDSG is a law that is intended to protect the integrity of the end device and thus the privacy of the user. The legal basis for the storage and retrieval of information in the end user's terminal device is consent, according to Section 25 (1) sentence 1 TTDSG. This consent is requested when the website is called up.

According to Section 25 (2) No. 2 TTDSG, consent is not required if the storage of information in the end user's terminal equipment or the access to information already stored in the end user's terminal equipment is absolutely necessary in order for the provider of a telemedia service to provide a telemedia service expressly requested by the user. You can see from the cookie settings which cookies are to be classified as absolutely necessary (often also referred to as "technically necessary cookies"), and therefore fall under the exception of Section 25 (2) TTDSG and thus do not require consent.

Please note that the legal basis for the downstream processing of personal data, then results from the GDPR. You will find the relevant legal basis for the processing of personal data on this website in the further course of this data protection notice.

Processing

Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means. This basically includes any handling of personal data such as the collection, storage, modification, use, transmission, dissemination, erasure or destruction of personal data.

Responsible

The controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. The controller must ensure the permissibility of the data processing through the use of technical and organizational measures that must be reviewed regularly.

Data transfer outside the EU

The GDPR ensures an equally high level of data protection within the European Union. When selecting our service providers, we therefore rely on European partners wherever possible when your personal data is to be processed. Only in exceptional cases will we have data processed outside the European Union in the context of using third-party services.

We only permit processing of your data in a third country if the special requirements of Art. 44 et seq. DSGVO are fulfilled. This means that the processing of your data may then only take place on the basis of special guarantees, such as the officially recognized determination by the EU Commission of a level of data protection corresponding to the EU or the observance of officially recognized special contractual obligations, the so-called "standard data protection clauses".

Data collected automatically when using our website

In the case of merely informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. A combination of this data with other data sources will not be made without your consent.

When you access our website, we collect the following data, which is technically necessary for us to present our website to you and to ensure stability and security:

the name and address of the requested content,
the date and time of the query,
the description of the web browser and operating system used,
the referral link, which indicates from which page you have reached ours,
the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established.

The temporary storage of the IP address by our system is necessary to enable delivery of the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.

Temporary storage or processing of this so-called server log data is absolutely necessary for reasons of ensuring the functionality or technical security, in particular for the defense against and defense of attack or damage attempts, and is carried out with our corresponding legitimate interest, according to Art. 6 para.1 lit. f) DSGVO.

Your (data subject) rights

According to the EU General Data Protection Regulation, you have various rights as a data subject, which you can exercise at datenschutz@42heilbronn.de. These are explained to you below:

Right to information

You may request confirmation from us as to whether personal data concerning you is being processed by us. If such processing is taking place, you can request the following information from us:

the purposes for which the personal data are processed;
the categories of personal data which are processed;
the recipients or categories of recipients to whom your personal data have been or will be disclosed;
the planned duration of the storage of your personal data or, if concrete information on this is not possible, criteria for determining the storage duration;
the existence of a right to rectification or erasure of your personal data, a right to restriction of processing by the controller or a right to object to such processing;
the existence of a right of appeal to a supervisory authority
any available information on the origin of the data, if the personal data are not collected from the data subject;
the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in these cases, meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.

In addition, you have the right to request information about whether your personal data is transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards, according to Art. 46 DSGVO in connection with the transfer.

You also have a right of rectification and completion against us if your personal data is incorrect or incomplete.

Right of complaint to the supervisory authority

If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with the supervisory authority responsible for us:

The State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg

Lautenschlagerstrasse 20
70173 Stuttgart

Tel.: 0711/615541-0

E-mail: poststelle@lfdi.bwl.de

Website: https://www.baden-wuerttemberg.datenschutz.de

The supervisory authority to which the complaint has been submitted will inform you about the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.

Right to restriction of processing

Under the following conditions, you can request the restriction of the processing of your personal data:

if you dispute the accuracy of your personal data for a period of time that enables the controller to verify the accuracy of the personal data;
the processing is unlawful and you object to the erasure of the personal data and request instead the restriction of the use of the personal data;
we no longer need the personal data for the purposes of processing, but you need them for the assertion, exercise or defense of legal claims, or
if you have objected to the processing pursuant to Art. 21 (1) DSGVO and it has not yet been determined whether our legitimate grounds override your grounds.

If the processing of your personal data has been restricted, this data - apart from its storage - may only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State. If the processing has been restricted in accordance with the above conditions, you will be informed by us before the restriction is lifted.

Right to deletion

You may request that we delete your personal data without undue delay, and we are obliged to delete such data without undue delay, if one of the following reasons applies:

Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
You revoke your consent on which the processing was based pursuant to Art. 6 (1) a) or Art. 9 (2) a) DSGVO and there is no other legal basis for the processing;
You object to the processing pursuant to Art. 21 (1) DSGVO and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) DSGVO;
Your personal data have been processed unlawfully;
The deletion of your personal data is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject;
Your personal data was collected in relation to information society services offered pursuant to Art. 8 (1) DSGVO.

The right to erasure does not exist insofar as the processing is necessary:

to exercise the right to freedom of expression and information;
for compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
for reasons of public interest in the area of public health pursuant to Art. 9(2)(h) and (i) and Art. 9(3) DSGVO;
for archiving purposes in the public interest, scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the GDPR, insofar as the right referred to in Section a) is likely to render impossible or seriously prejudice the achievement of the purposes of such processing, or for the establishment, exercise or defense of legal claims.

If you have asserted the right to rectification, erasure or restriction of processing against us, we are obliged to notify all recipients to whom your personal data have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

Right to data portability

You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format. In addition, you have the right to transfer this data to another controller without hindrance from us, provided that

the processing is based on consent pursuant to Art. 6 (1) a) DSGVO or Art. 9 (2) a) DSGVO or on a contract pursuant to Art. 6 (1) b) DSGVO and
the processing is carried out with the help of automated procedures.

In exercising this right, you also have the right to have your personal data transferred directly from us to another controller, insofar as this is technically feasible. Freedoms and rights of other persons must not be affected by this. The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Use of our website

In this section, we have prepared the data protection information that is important for you in the context of using our website.

Applications

You have the opportunity to apply for the positions we advertise. To process your application, we need your first and last name, email address, the function in which you are interested, a short letter of motivation and, as an attachment, your CV and a letter of application. We process your personal data in accordance with the applicable data protection regulations on the basis of Art. 88 (1) DSGVO in conjunction with. § 26 para. 1 p. 1 BDSG. We process the data that you disclose to us as part of your application solely for the purpose of selecting applicants. Data processing for other purposes does not take place.

Your information will be treated confidentially in our company. If your application is unsuccessful, your documents will be deleted 4 months after the end of the application process.

In the event that we would also like to consider your application for other or future job postings, we will explicitly ask you to provide your consent.

Application for studies and admission to studies

We process your personal data, which you provide in our admission questionnaire, primarily to carry out the application process and to decide on admission to the study program. In this respect, the data processing is carried out for the implementation of pre-contractual measures that precede a contractually regulated business relationship. The data processing is therefore necessary for the implementation of your application (Art. 6 para. 1 lit. b DSGVO). In the application process, an individual email address is also created using your profile name. This is formed as follows: "vorname.nachname@student42heilbronn.de". This is done in our legitimate interest in the creation of uniform email addresses and thus on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO.

If you give your express consent, we will send you an invitation to participate in our final survey by e-mail. This is done on the basis of Art. 6 para. 1 p. 1 lit. a DSGVO. You can revoke your consent at any time. You can easily revoke your consent, for example, by clicking on the unsubscribe link in the e-mail.

We also use a bot, or Discord, to connect with you, keep you up to date on current issues, and to assist you with any problems that may arise during your studies. We also use this to invite you to complete surveys. This is done on the basis of our legitimate interest in communicating with you and optimizing our offer (Art. 6 para. 1 p. 1 lit. f DSGVO).

If your application is successful, we may require further personal data from you in addition to the data you provided in your application. We will then process your personal data primarily for the purpose of processing, concluding and implementing the study contract concluded with you. The processing of your personal data may then arise on the one hand due to the implementation of pre-contractual measures that precede a contractually regulated business relationship or on the other hand in the fulfillment of obligations arising from a concluded contract with you (Art. 6 para. 1 sentence 1 lit. b DSGVO).

Furthermore, it may be necessary for the processing of your personal data to protect legitimate interests (Art. 6 para. 1 p. 1 lit. f DSGVO). The legitimate interests are in particular the conclusion, processing and implementation of the study contract. Furthermore, legitimate interests include internal administrative purposes (e.g. for accounting), communication with you, support in the context of the study program, ensuring IT security and IT operations, as well as the assertion, exercise or defense of legal claims.
In addition, we are subject to various legal obligations that may make it necessary to process your personal data that you have provided to us as a (prospective) student (Art. 6 para. 1 p. 1 lit. c DSGVO). These legal obligations may arise, for example, from tax law (e.g. to comply with withholding periods vis-à-vis the tax office), commercial and foreign trade law or sanctions law.

Within the scope of our business relationship, you must provide those personal data that are required for the decision of the conclusion, the implementation and the execution of the study contract as well as for the fulfillment of the associated obligations arising from the contract, the collection of which we are obliged to do by law or are entitled to do on the basis of legitimate interests. Without this data, we will generally not be able to contact you.

Consent Banner with Usercentrics

The recipient of your data within the meaning of Art. 13 (1) e) DSGVO is Usercentrics GmbH (Usercentrics). In the course of data processing, we transmit personal data (consent data) to Usercentrics GmbH, Sendlingerstr. 7, 80331 Munich, who support us as a processor. Consent data includes the following data: Consent ID, consent number, consent timestamp, implicit or explicit consent, opt-in or opt-out, banner language, customer preference, template version and device data: HTTP agent and HTTP referrer. The data is processed for the purpose of fulfilling legal obligations (obligation to provide evidence according to Art. 7 para. 1 DSGVO) and the associated documentation of consent and thus on the basis of Art. 6 para. 1 s.1 lit. c) GDPR. Local Storage is used for the storage of the data. The consent data is stored for 3 years. Userscentrics uses the Google Cloud Platform from Google Ireland Limited with servers in Frankfurt and Belgium. The data is therefore only stored in the European Union. However, it cannot be ruled out that data is also transferred to the USA. In the case of such transfers, there is a risk that authorities there will access your data for security and monitoring purposes without you being informed or being able to appeal. For more information about the data collected and how to contact us, please visit https://usercentrics.com/privacy-policy/.

Use of video conferencing systems (ZOOM and Google Meet)

To conduct conference calls, online meetings and video conferences (hereinafter: "Online Meetings") in the context of the Appliccation and the Study, we use theTools "Zoom". And "Google.Meet" Depending on the type and scope of use, various types of data are collected or processed. This includes in particular

Personal information (e.g. first and last name, e-mail address, profile picture)
Meeting metadata (e.g. date, time and duration of communication, meeting name, participant IP address).
Device/hardware data (e.g. IP addresses, MAC addresses, Clint version)
Text, audio and video data (e.g. chat histories, video, audio and presentation recordings)
Connection data (e.g., phone numbers, country names, start and end times, IP addresses)

Required data and functions

You will receive an access link from the host by e-mail. When you register for the online meeting, you must then enter your name and, if applicable, your e-mail address. As an attendee, you can participate in meetings directly through the browser without installing the Zoom or Google.Meet client. In addition, the tools collect user data that is necessary for the provision as well as technical and operational support and improvements of the services provided. In particular, this includes technical data about your devices, network and internet connection, such as IP address, MAC address, other device IDs (UDID), device type, operating system type and version, client version, camera type, microphone or speaker, type of connection).

Voluntary information and functions

You can provide further information about yourself, but you do not have to. You are also free to use the chat, question or survey functions during the online meeting. You can also turn your camera and microphone on, off, or mute yourself. If you use the chat, question or survey function, the text entries you make will be processed in order to display them in the "Online Meeting" and to log them if necessary. If you turn on your camera or microphone, data from your end device microphone and any end device video camera will be processed for the duration of the meeting. At the start of online meetings, your camera image and microphone are turned off by default.

Please note that any information you or others upload, provide, or create during an online meeting will be processed at least for the duration of the meeting. This includes, in particular, chat/instant messages, files, whiteboards, and other information shared while using the service.

Other functions

If required for the purposes of logging the results of an online meeting, chat content may be logged. However, this only applies to "public" chats and messages addressed directly to the hosts. Contents of private chats are not logged.

If we wish to record online meetings, we will inform you of this in advance and - where necessary - ask for your consent. If a recording takes place, the participants of the online meeting will be informed of this by the system both via video and audio.

"Zoom" has the option of software-based "attention monitoring" ("attention tracking"). However, this is not used by us and has therefore been deactivated.

For more information on the processing of your data when using "Zoom", a detailed list of the data collected and processed by "Zoom" and the "Zoom" privacy policy, please visit: https://zoom.us/de-de/privacy.html.

Further information on the processing of user data when using Google Meet can be found here: https://support.google.com/meet/answer/9852160

Legal basis

The processing of your data is based on Art. 6 para. 1 p. lit. b. DSGVO, if your participation in the online meeting is necessary for the fulfillment of a contract concluded with you. The same applies if the implementation of the online meeting is necessary for the implementation of pre-contractual measures, which are carried out at your request. If data processing in connection with the use of the online conference systems is not necessary for the fulfillment of a contract concluded with you or for the implementation of pre-contractual measures, it is carried out on the basis of Art. 6 (1) sentence 1 lit. f DSGVO. Our legitimate interest here is the maintenance of location-independent communication, the maintenance of business contacts and the provision of owed services. If you also voluntarily provide personal information when using the tools or voluntarily use functions that are not mandatory, the associated data processing is based on your revocable consent in accordance with Art. 6 para. 1 sentence 1 lit. a, 7 DSGVO. You can revoke your consent at any time with effect for the future. Please note that processing that took place before the revocation is not affected by this.

Sharing your data

As a matter of principle, we do not transfer your data to third parties. Data is only passed on if it is intended to be passed on, if you have expressly consented to the transfer in advance, or if we are obliged or authorized to do so by law. Please note that the content of "online meetings" and personal meetings is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on. When processing your data, Zoom Video Communications Inc. supports us as an external service provider and processor within the meaning of Art. 28 DSGVO.

As a processor, Zoom Video Communications Inc. processes your data strictly in accordance with instructions and on the basis of a separately concluded order processing agreement. When using Google Meet, we receive support from the US service provider GoogleLLC. Google LLC also supports us as a processor according to Art. 28 DSGVO. We have also concluded an order processing contract with Google LLC in accordance with Art. 28 DSGVO.The data processing may thereby also take place outside the EU or the EEA. The transfer of data to the USA takes place subject to appropriate safeguards within the meaning of Art. 46 DSGVO through the use of standard data protection clauses and additional measures taken."

Contact

If you contact us, a contact form is available on our website, which you can use for electronic contact. The data entered in the input mask will be transmitted to us and stored. These data are:

First name
Name
E-mail address
Inquiry contents

The following data is also stored at the time the message is sent:

The IP address of the user
User agent

Furthermore, it is possible to contact us via the e-mail address provided. In this case, the personal data of the user transmitted with the e-mail will be stored. Your data will not be passed on to third parties in this context, the data will be used exclusively for processing the communication.

The processing of personal data in this context serves solely to process the contact. The legal basis for the processing of the contact request and its handling is regularly Art. 6 para. 1 sentence 1 lit. b) DSGVO, additionally Art. 6 para. 1 sentence 1 lit. f) DSGVO.

Your data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.

NEWSLETTER REGISTRATION AND SENDING (SUBSCRIBE)

You can order a newsletter on our website. Please note that we require certain data, at least your email address and first name, to subscribe to the newsletter.We need your email address to send you the newsletter and your first name to address you personally and to personalize our emails.

The newsletter will only be sent if you have given us your express consent pursuant to Art. 6 (1) p. 1 lit. a) DSGVO.After placing an order on our websites, you will receive a confirmation e-mail to the e-mail address you provided (so-called double opt-in).You can revoke your consent at any time. You can easily revoke your consent, for example, by clicking on the unsubscribe link in every newsletter.

As part of the newsletter registration, we store additional data beyond the data already mentioned, insofar as this is necessary for us to prove that you have ordered our newsletter. This may include the storage of the full IP address at the time of the order or the confirmation of the newsletter, as well as a copy of the confirmation email sent by us. The corresponding data processing is based on Art. 6 para. 1 p. 1 lit. f) DSGVO and is done in the interest of being able to account for the legality of the newsletter dispatch.

When sending the newsletter, we are supported by our service provider Mailchimp (The Rocket Science Group LLC, 675 Ponce de Leon Ave, NE Suite 5000 Atlanta, GA 30308 USA), which is strictly bound by instructions and contractually obligated to us accordingly. You can find the privacy policy of Mailchimp and Rocket Science Group LLC here.

Scholarship Application Form and Scholarship

We process the personal data you provide in our scholarship form primarily for the purpose of conducting the selection process and deciding whether to offer you the conclusion of a scholarship contract. In this respect, data processing is carried out for the implementation of pre-contractual measures that precede a contractually regulated business relationship. The data processing is therefore necessary for the implementation of your scholarship application (Art. 6 para. 1 p. 1 lit. b DSGVO). For this purpose, in addition to your first and last name, we also require an e-mail address in order to be able to assign you and communicate with you. In addition, we ask for information about your financial situation and, if applicable, other support in order to be able to determine whether a need for support can be assumed and you can be considered as a scholarship candidate in this respect. We also ask you to confirm that you have understood the basic principles of the scholarship and that the information you have provided is true.

We offer the possibility to leave further explanations in free text fields. This processing is based on Art. 6 para. 1 p. 1 lit. f DSGVO.

After a successful application, we may send you a scholarship contract. In this context, we request and process the data required for the fulfillment of the contractual obligations mentioned therein on the basis of Art. 6 (1) p. 1 lit. b DSGVO, such as your bank data as well as actual evidence to substantiate a need for financial support, such as a copy of your rental contract.

Furthermore, it may be necessary to process your personal data to protect legitimate interests (Art. 6 para. 1 p. 1 lit. f DSGVO). The legitimate interests are in particular the conclusion, processing and implementation of the scholarship contract. This also includes, if necessary, random checks to ensure that the obligations stipulated in the scholarship contract are being complied with and, if necessary, an in-depth examination if there are actual indications that give rise to the suspicion of conduct in breach of the contract. Furthermore, legitimate interests include internal administrative purposes (e.g. for accounting), ensuring IT security and IT operations, and asserting, exercising or defending legal claims. In addition, we are subject to various legal obligations that may make it necessary to process your personal data that you have provided to us as a (future) scholarship holder (Art. 6 para. 1 p. 1 lit. c DSGVO). These legal obligations may arise, for example, from tax law (e.g. to comply with withholding periods vis-à-vis the tax office), commercial and foreign trade law or sanctions law.

As part of the implementation of the scholarship contract, it may also be necessary for us to process your health data if you interrupt your studies for health reasons. The legal basis is your consent to the processing of health data in accordance with Art. 9 (2) a) DSGVO.

Within the scope of our business relationship, you must provide those personal data that are required for the decision of the conclusion, the implementation and the settlement of the scholarship contract as well as for the fulfillment of the related obligations arising from the contract, the collection of which we are obliged to do by law or are entitled to do on the basis of legitimate interests. Without this data, we will generally not be able to contact you.

Advertising by e-mail, telephone and letter

We use your contact data for advertising if you have consented to this (Art. 6 para. 1 lit. a) DSGVO), as well as for legally permissible direct advertising for our own and related products if you have indicated this when placing your order or registering (Art. 6 para. 1 lit. f) DSGVO in conjunction with. § 7 para. 3 UWG).

If you no longer wish to receive advertising, you can revoke your consent or object to direct advertising at any time

by clicking on the unsubscribe link at the bottom of the email
by e-mail to hello@42heilbronn.de
in writing to our company address mentioned at the beginning (please include your name and contact details)
or by telephone via the telephone number mentioned at the beginning

Your personal data will be passed on to our external and group-internal marketing and newsletter service providers and sweepstake partners if they support us in data processing. These are contractually obligated by us neither to use data for their own purposes nor to pass it on to others. We will not pass on your data to third parties for promotional use without your express consent. The data processed by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.

Third-party content integration

We integrate content from other websites on various article pages and sub-pages based on your consent (according to Art. 6 para. 1 lit. a) DSGVO). This content is inactive by default, but you can activate it. Through this integration, it is possible to call up the clippings, articles and especially videos directly on our website.

Even if you have not consented to the use of the respective provider of the External Content, you have the option to give direct consent for the respective content with each embedded post or video. You can cancel this consent at any time in our privacy settings.

If you have consented to the display of the external content or use a social media button, the provider may set cookies and collect data for statistical analysis. When embedding content from Facebook, the IP address is anonymized immediately after collection, according to the respective providers in Germany. Youtube uses the cookies thereby, among other things, to collect reliable video statistics, to prevent fraud and to improve the user experience. By activating the external content, either directly when calling up the page or directly with the respective post, personal data is transmitted to the respective provider and stored there (in the case of US providers in the USA).

We have no influence on the collected data and data processing operations, nor are we aware of the full scope of data collection, the purposes of processing, the storage periods. We also have no information about the deletion of the collected data by the plug-in provider.

If content is integrated via a social media provider or you use the respective social media button, the data collected about you will be stored as a usage profile and used for the purposes of advertising, market research and / or demand-oriented design of the social media site. Such an evaluation is carried out in particular (also for users who are not logged in) for the display of tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective provider to exercise this right. The data transfer takes place regardless of whether you have an account with the social media provider and are logged in there.

Disable loading of external content

We integrate content from the following external providers. Under the following links, you can find out about the privacy policies of the individual third-party providers:

Content from Twitter: We integrate Twitter content into the website via the Tweet plugin. To the privacy policy of Twitter: https://twitter.com/de/privacy
Content from Facebook: We integrate Facebook content into the website via the Facebook plugin. To the privacy policy of Facebook: https://www.facebook.com/privacy/explanation
Content from YouTube: We use the YouTube player to integrate videos from its YouTube channels or videos from other providers into the Internet offering. To the data protection information of Google: https://support.google.com/youtube/answer/2801895?hl=de
Content from Instagram: The "Embed" function of Instagram allows us to integrate images and videos from Instagram into our offer. To the privacy policy of Instagram: https://www.instagram.com/legal/privacy/
Content TikTok: We use the TikTok plugin to integrate videos from TikTok. To the privacy policy of TikTok: https://www.tiktok.com/legal/privacy-policy?lang=de

Presence in social media

We maintain presences in the "social media". Insofar as we have control over the processing of your data, we ensure that the applicable data protection provisions are complied with. Below you will find the most important information on data protection with regard to our corporate presences.

Responsible for the company appearances in the sense of the EU General Data Protection Regulation (DSGVO) as well as other data protection regulations are besides us:

Meta Platforms (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Instagram (Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
Twitter (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland)
LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)
Xing (New Work SE, Am Strandkai 1, 20457 Hamburg)
TikTok (TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Irland)

You use these platforms and their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). We would like to point out that your personal data may be processed outside the European Union.

The processing of your personal data by us is based on our legitimate interests in effective information and communication pursuant to Art. 6 para. 1 p. 1 lit. f) DSGVO.

Since we do not have complete access to your personal data, you should contact the providers of the social media directly when asserting your data subject rights, as they each have access to the personal data of their users and can take appropriate measures and provide information.

If you still need help, we will of course try to support you.

Analytics, tracking, online advertising and third-party providers

We and our partners use certain cookies and similar technologies in order to offer our digital services, to provide you with the content technically on the website, to ensure the security of the website, to correct possible errors, to carry out analyses and to play out target group-specific advertising.

For this purpose, we and our partners ("providers") process personal data such as your IP address or ID and browser information. The legal basis for this processing is your voluntary consent, which can be revoked at any time, pursuant to Art. 6 (1) p. 1 lit. a) DSGVO.

In some cases, we or our partners ("providers") process your data on the legal basis of legitimate interest, according to Art. 6 (1) p. 1 lit. f) DSGVO. Here, our legitimate interests lie, among other things, in session-based reach measurement, as well as in the playout of payment barriers, which are absolutely necessary for the operation and refinancing of our digital offer.

Purposes of the data processing

Within the scope of our web offer, we and our partners ("Provider") pursue the purposes described below:

Marketing: These technologies are used by advertisers to serve ads that are relevant to your interests.
Functional: These technologies allow us to analyze website usage in order to measure and improve performance.
Essential: These technologies are required to enable the core functionality of the website.

Information on the tools used for the purposes presented can be found directly in our privacy settings.

Privacy settings

You can revoke your consent to data processing requiring consent, for example to advertising tracking, at any time. You can obtain an overview of all the services we use, as well as the option to revoke consent. You can do this by clicking on the fingerprint button in the bottom left corner.