Privacy policy for 42 Heilbronn gGmbH’s website

We are pleased about your visit to our website. In the following, we would like to inform you about how we handle your data in accordance with Art. 13 of the Basic Data Protection Regulation (GDPR). You can change your privacy settings anytime by using the fingerprint button.

Responsible for the data processing described below is

42 Heilbronn gGmbH
Weipertstr. 8-10
74076 Heilbronn

E-mail: datenschutz@42heilbronn.de

When you visit our web pages, so-called usage data is temporarily evaluated on our web server, in form of a protocol, for statistical purposes and in order to improve the quality of our web pages. This data record consists of

• the name and address of the requested content,
• the date and time of the query,
• the description of the web browser and operating system used,
• the referral link, which indicates from which page you reached our page,
• the IP address of the requesting computer, which is shortened in such a way that a personal reference can no longer be established.

The mentioned protocol data will only be evaluated anonymously.

Recipient of your data within the meaning of Art. 13 Para. 1 lit. e) GDPR is the Usercentrics GmbH. In the context of data processing, (YOUR COMPANY) transfers personal data (consent data) to the Usercentrics GmbH, Sendlingerstr. 7, 80331 Munich as the data processor. Consent data includes the following data: Consent ID, Consent Number, Timestamp of the Consent, implicit or explicit Consent, Opt-in or Opt-out, Banner Language, Customer Setting, Template Version and Device data includes: HTTP Agent and HTTP Referrer. The data is processed for the purpose of complying with legal obligations (obligation to provide proof in accordance with Art. 7 Para. 1 GDPR) and the associated documentation of consents and thus on the basis of Art. 6 Para. 1 s.1 lit. c) GDPR. Local Storage is used for the storage of the data. Consent data is stored for 3 years. The data will only be stored in the European Union. Further information on the data collected and contact details can be found at https://usercentrics.com/privacy-policy/.

In addition, we store the complete IP address transmitted by your web browser for a period of seven days to enable us to detect, limit and eliminate attacks on our website. After this period we delete or anonymise the IP address. The legal basis is Art. 6(1)(f) GDPR.

We take technical and organisational measures to protect your data as thoroughly as possible from unwanted access. We use an encryption procedure on our web pages. Your data is transferred from your computer to our server and vice versa via the Internet using TLS encryption. You can usually tell this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with https://.

Purpose of data processing/legal basis: We will of course treat personal details provided by you by e-mail/phone/mail confidentially. We use your data exclusively for the purpose of processing your enquiry. The legal basis for data processing is Art. 6(1)(f) GDPR. The justified interest here arises from the interest in answering your enquiries and thus in maintaining and promoting customer satisfaction.

Recipients/categories of recipients: As a matter of principle, we do not pass on data to third parties outside 42 Heilbronn gGmbH. Exceptionally, data will be processed on our behalf by data processors. These have been carefully selected in each case, are audited by us and are contractually bound by Art. 28 GDPR.

Duration of storage/criteria for determining the duration of storage: All personal data which you send us in connection with enquiries will be deleted or anonymised by us, provided that this data is no longer necessary and there are no legal obligations to store such data.

If you assert your rights as a data subject, your personal data will be stored for 3 years after the final reply in order to prove that we have provided you with comprehensive information and that the legal requirements have been met.

You have the possibility to contact us via our contact form. To use our contact form we require the data that is marked as mandatory fields. The legal basis for the processing of this data is, in accordance with Art. 6(1)(f) GDPR, our legitimate interest in ensuring the successful processing of your enquiry and to further optimise our service. Your data will be deleted after the final processing of your enquiry, provided that there are no legal storage obligations. With regard to processing in accordance with Art. 6(1)(f) GDPR, you have the right to object at any time. To do so, please contact the e-mail address given in the imprint.

You can order a newsletter on our website. Please note that we require certain data, at least your e-mail address and first name, in order to register you for the newsletter. We need your email address to send you the newsletter and your first name to address you personally and to personalise our emails.

The newsletter will only be sent if you have given us your express consent in accordance with Art. 6(1)(a) GDPR. After placing an order on our website, you will receive a confirmation e-mail to the e-mail address you have provided (so-called double opt-in). You can revoke your consent at any time. An easy way to revoke your consent is, for example, to use the unsubscribe link provided in every newsletter.

As part of the newsletter registration process, we store further data in addition to the data already mentioned, insofar as this is necessary for us to prove that you have ordered our newsletter. This may include the storage of the complete IP address at the time of ordering or confirmation of the newsletter, as well as a copy of the confirmation e-mail sent by us. The corresponding data processing is carried out on the basis of Art. 6(1)(f) GDPR and is carried out in the interest of being able to account for the lawfulness of the newsletter dispatch.  

Our service provider Mailchimp (The Rocket Science Group LLC, 675 Ponce de Leon Ave, NE Suite 5000 Atlanta, GA 30308 USA) supports us in sending the newsletter. The privacy policy of Mailchimp and The Rocket Science Group LLC can be found here [LINK].

 

PROVIDER	TECHNICAL FUNCTION OR CONTENT	TRANSFERS TO THIRD COUNTRIES AS SPECIFIED BY THE PROVIDER AND ENSURING AN ADEQUATE LEVEL OF DATA PROTECTION	EXERCISE OF YOUR RIGHT OF OBJECTION
The Rocket Science Group LLC	Dispatch of the newsletter	Standard Contractual Clauses (SCC)	If you wish to object to the processing by our service provider, unsubscribe from the newsletter using the link in the newsletter.

You have the opportunity to apply for the positions we have listed. To process your application, we need your first and last name, e-mail address, the position you are interested in, a short letter of motivation and, as an attachment, your CV and a letter of application. We process your personal data in accordance with the applicable data protection regulations on the basis of Art. 88 (1) GDPR in conjunction with § 26(1) FDPA. We process the data you provide us with in the context of your application exclusively for the purpose of selecting applicants. Data processing for other purposes will not be carried out.

We process your personal data, which you provide in our admission questionnaire, primarily for the purpose of carrying out the application procedure and deciding on the admission to the study program. In this respect, data processing is carried out for the performance of pre-contractual measures that precede a contractually regulated business relationship. The data processing is therefore necessary for the execution of your application (Art. 6 (1)(b) GDPR).

Furthermore, during the application process, an individual email address is created using your profile name. This is created as follows: "firstname.lastname@student42heilbronn.de". This is done based on our legitimate interest in creating uniform email addresses and thus on the basis of Art. 6 (1)(f) GDPR.

If you give your express consent, we will send you an invitation to participate in our final survey by e-mail. This is done on the basis of Art. 6 (1)(a) DSGVO. You can revoke your consent at any time. You can easily revoke your consent, for example, by clicking on the unsubscribe link in the email.

We also use a bot resp. discord to get in touch with you, to keep you up to date on current topics and to support you with any problems that may arise in the course of your studies. We also use this to invite you to complete surveys. This is done on the basis of our legitimate interest in communicating with you and optimizing our offer (Art. 6 (1)(f) DSGVO).If your application is successful, we may require further personal data from you in addition to the data you provided in your application. We will then process your personal data primarily for the purpose of processing, concluding and executing the study contract concluded with you. The processing of your personal data may then arise on the one hand due to the performance of pre-contractual measures that precede a contractually regulated business relationship or on the other hand in the fulfillment of obligations arising from a concluded contract with you (Art. 6 (1)(b) GDPR).

Furthermore, it may be necessary to process your personal data to uphold legitimate interests (Art. 6(1)(f) GDPR). The legitimate interests comprise, in particular, the conclusion, processing and execution of the study contract. Additionally, legitimate interests include internal administrative purposes (e.g. accounting), communication with you, support in the context of your studies, ensuring IT security and IT operations, and enforcing, exercising or defending legal claims.
In addition, we are subject to various legal obligations that may require the processing of your personal data that you have provided to us as a (future) student (Art. 6(1)(c) GDPR). These legal obligations may arise, for example, from tax law (e.g. to comply with retention periods in relation to the tax office), commercial and foreign trade law or sanctions law.

Within the scope of our business relationship, you must provide the personal data that is required for the decision to conclude, perform and execute the study contract and to fulfill the associated obligations arising from the contract. We are required by law to collect this personal data or are entitled to do so on the basis of our legitimate interests. Without this data, we will generally not be able to contact you.

Use of video conferencing systems (Zoom and Google.Meet)

Description of data processing, purposes and types of data

We use the tools "Zoom" and "Google.Meet" to conduct telephone conferences, online meetings and video conferences (hereinafter: "online meetings") as part of the application and the study program itself. Depending on the type and scope of use, various types of data are collected or processed. This includes in particular

• Personal information (e.g. first and last name, e-mail address, profile picture)
• Meeting metadata (e.g. date, time and duration of communication, meeting name, participant IP address).
• Device/hardware data (e.g. IP addresses, MAC addresses, Clint version)
• Text, audio, and video data (e.g. chat histories, video, audio, and presentation recordings)
• Connection data (e.g. phone numbers, country names, start and end times, IP addresses)

Required data and functions

You will receive an access link from the host by e-mail. When you register for the online meeting, you must then enter your name and, if applicable, your e-mail address. As a participant, you can join meetings directly via the browser without having to install the Zoom or Google.Meet client.

In addition, the tools collect user data that is necessary for the supply, technical and operational support and improvements of the services provided. This includes, in particular, technical data about your devices, network and internet connection, such as IP address, MAC address, other device IDs (UDID), device type, operating system type and version, client version, camera type, microphone or speaker, type of connection).

Voluntary information and functions

You can provide further information about yourself, but you do not have to. You are also free to use the chat, question or survey functions during the online meeting. You can also switch your camera and microphone on, off or mute yourself.

If you use the chat, question or survey function, the text entries you make will be processed in order to display them in the "online meeting" and log them if necessary. If you turn on your camera or microphone, the data from the microphone of your end device and from any video camera of the end device will be processed for the duration of the meeting. At the start of online meetings, your camera image and microphone are turned off by default.

Please note that any information you or others upload, provide, or create during an online meeting will be processed at least for the duration of the meeting. This includes, in particular, chat/instant messages, files, whiteboards, and other information shared while using the service.

Other functions

If required for the purposes of logging the results of an online meeting, chat content may be logged. However, this only applies to "public" chats and messages addressed directly to the hosts. Contents of private chats are not logged.

If we wish to record online meetings, we will inform you in advance and - if necessary - ask for your consent. If a recording takes place, the participants of the online meeting will be informed of this by the system both via video and audio.

"Zoom" has the option of software-based "attention monitoring" ("attention tracking"). However, this is not used by us and has therefore been deactivated.

More information on the processing of your data when using "Zoom", is provided via a detailed list of the data collected and processed by "Zoom" as well as the "Zoom" privacy policy which can be found at: https://zoom.us/de-de/privacy.html.

Further information on the processing of user data when using Google Meet can be found here: https://support.google.com/meet/answer/9852160 "

Legal basis for data processing

The processing of your data is based on Art. 6(1)(b) GDPR, if your participation in the online meeting is necessary for the fulfillment of a contract concluded with you. The same applies if the holding of the online meeting is necessary for the performance of pre-contractual measures that take place at your request.

If the data processing in connection with the use of the online conference systems is not necessary for the fulfillment of a contract concluded with you or for the performance of pre-contractual measures, it is carried out on the basis of Art. 6 (1)(f) GDPR. Our legitimate interest is the ability to maintain location-independent communication, the maintenance of business contacts and the provision of outstanding services.

If you voluntarily provide personal information when using the tools or voluntarily use functions that are not mandatory, the associated data processing is based on your revocable consent in accordance with Art. 6 (1)(a), 7 GDPR. You can revoke your consent at any time with effect for the future. Please note that processing that took place before the revocation is not affected by this.

Sharing your data

In principle, we do not transfer your data to third parties. Data is only passed on if it is intended to be passed on, if you have expressly consented to the transfer in advance, or if we are obliged or authorized to do so by law. Please note that content from "online meetings" as well as personal meetings is often used to communicate information with customers, interested parties or third parties and is therefore intended for disclosure.

When processing your data, Zoom Video Communications Inc. supports us as an external service provider and processor within the meaning of Art. 28 GDPR. As a processor, Zoom Video Communications Inc. processes your data strictly in accordance with instructions and on the basis of a separately concluded data processing agreement. When using Google Meet, we receive support from the US service provider Google LLC. Google LLC that also supports us as a processor according to Art. 28 GDPR. We have also concluded a data processing agreement with Google LLC in accordance with Art. 28 GDPR. The data processing may thereby also take place outside the EU or the EEA. The transfer of data to the USA is subject to appropriate safeguards within the meaning of Art. 46 GDPR through the use of standard data protection clauses as well as additional measures."

We process the personal data you provide in our scholarship form primarily for the purpose of conducting the selection process and deciding whether or not to offer you a scholarship contract. Therefore, data processing is carried out for the implementation of pre-contractual measures that precede a contractually agreed business relationship. Data collection is thus necessary for the execution of your scholarship application (Art. 6 (1)(b) GDPR). For this purpose, in addition to your first and last name, we also require an e-mail address in order to be able to categorize you and communicate with you. We also ask for information about your financial situation and, if applicable, any other forms of support in order to be able to determine whether you can be considered as a scholarship candidate. We also ask you to confirm that you have understood the fundamental principles of the scholarship and that the information you have provided is true.

We offer the possibility to leave further remarks in optional text fields. This processing is based on Art. 6 (1)(f) GDPR.

After a successful application, we may send you a scholarship contract. To this purpose, we request and process the data necessary for the fulfillment of the contractual obligations mentioned therein on the basis of Art. 6 (1)(b) GDPR, such as your bank data as well as actual evidence to substantiate a need for financial support as well as a copy of your rental contract.

Furthermore, it may be necessary to process your personal data to safeguard legitimate interests (Art. 6 (1)(f) GDPR). These legitimate interests are in particular the conclusion, processing and execution of the scholarship contract. This also includes, if necessary, random checks to ensure that the obligations stipulated in the scholarship contract are being complied with and, if necessary, a more in-depth examination if there are actual indications giving rise to a suspected breach of contract. Further legitimate interests include internal administrative purposes (e.g. accounting), ensuring IT security and IT operations, and enforcing, exercising or defending legal claims. In addition, we are subject to various legal obligations that may require us to process your personal data that you have provided to us as a (future) scholarship holder (Art. 6 (1)(c) GDPR). These legal obligations may arise, for example, from tax law (e.g. to comply with retention periods in relation to the tax office), commercial and foreign trade law, or sanctions law.

As part of the implementation of the scholarship contract, it may also be necessary for us to process your health data if you interrupt your studies for health reasons. The legal basis is your consent to the processing of health data in accordance with Art. 9 (2) a) GDPR.

Within the scope of our business relationship, you must provide the personal data that is required for the decision to conclude, perform and execute the scholarship contract and to fulfill the associated obligations arising from the contract. We are required by law to collect this personal data or are entitled to do so on the basis of our legitimate interests. Without this data, we will generally not be able to contact you.

For the design of our websites, we use the web analysis tool "Google Analytics" from Google Ireland Limited (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4). Google Analytics creates user profiles on the basis of pseudonyms. For this purpose, permanent cookies are stored on your end device and read by us. This enables us to identify recurring visitors and register them as visitors.

Insofar as you have given your consent in accordance with Art. 6(1)(a) GDPR within the framework of the banner, we use cookies from Google Analytics to differentiate, identify and track visitors and to analyse user behaviour.

However, we have activated IP anonymisation on our websites, which means that, within the member states of the European Union, your IP address will be shortened before by Google.

NAME OF THE COOKIE	CATEGORY (E.G. GENERALLY REQUIRED, ANALYSIS, SOCIAL MEDIA, ADVERTISING)	MANUFACTURER / PROVIDER (E.G. GOOGLE, FACEBOOK)	PURPOSE / DESCRIPTION (WHAT ARE THE COOKIES USED FOR?)	STORAGE DURATION
_ga	analysis	Google	Visitor tracking. The cookie collects anonymous information about how users use this website for analysis purposes.	2 years
_gid	analysis	Google	The cookie is used in conjunction with _ga to differentiate users.	24 hours
_gat	analysis	Google	Limiting the query rate to increase the efficiency of network traffic	10 minutes

 

You can revoke your consent at any time. Please follow this link and make the appropriate settings via our banner.  

You can read more about how to prevent data transmissions to Google here:

You have the possibility to prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de).

You can also prevent a detection by Google Analytics by clicking on the following link. An opt-out cookie is set, which permanently prevents the future collection of your data when visiting these websites:

<a href="javascript:gaOptout()"> Click here to object to the processing of your data by Google Analytics </a>

Google's terms of use: http://www.google.com/analytics/terms/de.html, overview of data protection: http://www.google.com/intl/de/analytics/learn/privacy.html,  and the data protection declaration: http://www.google.de/intl/de/policies/privacy.

Within the framework of Google Analytics, Google supports us as a processor in accordance with Art. 28 GDPR. The data processing can also take place outside the EU or the EEA. With regard to Google, an appropriate level of data protection can be assumed in accordance with Art. 46(2)(c) GDPR through the use of EU standard contract clauses.

On our web pages we integrate the "Google Tag Manager" of Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA.

In the European Union (EU) and European Economic Area (EEA), Google Tag Manager is offered as a service by Google Ireland Limited Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tag management system (TMS) that allows us to integrate and manage additional website content in JavaScript or HTML code.

In particular, it can be used to integrate and manage so-called tags into our website. Tags are small code fragments or markings (web beacons, tracking pixels or similar markings) that enable services for website analysis or user tracking to differentiate or identify users.

The analysis of website visits or user tracking is not carried out by the Google Tag Manager, but by the services used for these purposes, such as Google Analytics or other third-party solutions. Rather, the Google Tag Manager is only used to integrate and manage the markers necessary for analysis or tracking on our website.

As the Google Tag Manager is provided by Google and is reloaded from its servers when the page is called up, the usage data technically required for calling up the page is also transmitted. In this respect, Google also receives your IP address, which for technical purposes, is required to retrieve the content.

The data processing is based on Art. 6(1)(f) GDPR. The purpose and our legitimate interest is to make the administration of our website content efficient.

Data processing may also take place outside the EU or the EEA in third countries. We then take measures in accordance with Art. 44 GDPR to ensure an adequate level of data protection.

You can find further information on the handling of personal data by Google at https://policies.google.com/privacy?hl=de.

We use Google remarketing technologies from Google so that targeted advertising can be displayed on other websites based on your visit to our website. The data processing takes place on the basis of your consent in accordance with 6(1)(a) GDPR.

If you give your consent, you allow Google to obtain recognition features for your browser or end device (e.g. to create a so-called browser fingerprint), to evaluate your IP address or to save a recognition feature in the form of a small text file on your end device (e.g. a so-called third-party cookie).  It is also possible that Google may link your visit to our website to one or more of these recognition features and store them in order to display our advertising to you on other pages on the Internet. The recognition features described above are designed as pseudonyms and can be used by Google to recognise your end device on other Internet pages. For example, if you visit a page that participates in Google's display advertising network (i.e. displays advertising on behalf of Google), Google may recognise your end device and browser based on the above-mentioned features. We may also add so-called "remarketing tags" to our websites. This means that we can include keywords in our web pages that contain statements about the content of the page displayed (such as product or service categories). The keywords that we use do not contain any personal or sensitive information. Google receives and stores these keywords for the above-mentioned recognition features. This means that when you visit a page that we have tagged with a particular product category, Google stores that tag and associates it with your recognition features. This enables us to instruct Google to place advertisements on other websites based on the pages you visit on our site. So if you visit another website that is part of Google's display advertising network, Google can use the recognition features and the keywords stored for these recognition features to determine whether and, if so, which of our ads should be displayed to you. For more information on how Google remarketing technologies work, please visit https://www.google.com/policies/technologies/ads/.

Data processing may also take place outside the EU or the EEA in third countries. We take measures according to Art. 44 GDPR to ensure an adequate level of data protection.

In principle, we have no influence over further data processing by the third-party provider.

You have the option of selecting settings for advertising. You can object to this form of advertising at any time. To do so, please call up this page at https://support.google.com/ads/answer/2662922 and deactivate personalised advertising. Please note that these settings may not affect all end devices and browsers. Further information is also available at https://support.google.com/ads/answer/2662922.

On our websites, we integrate the "Microsoft Advertising" of Microsoft Corporation, One Microsoft Way, Redmond WA 94043, USA. In the European Union (EU) and the European Economic Area (EEA), Microsoft Advertising is offered as a service by Microsoft Ireland Operations, Ltd, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland. If an ad placed by us via Microsoft Advertising is displayed on other websites or if you click on it, these other websites store a Microsoft Advertising conversion tracking cookie with a pseudonym assigned to us in your terminal device on the basis of your consent given there.

If you subsequently visit our websites within the storage period of this cookie, this cookie will be read by Microsoft Advertising Conversion Tracking on our website. In this way, Microsoft can determine that you were shown an advertisement placed by us or that you clicked on it and subsequently visited our websites and, if applicable, how you subsequently used our websites. The conversion of an advertisement into an action by the website visitor is called a conversion. From this information, Microsoft compiles statistics for us from which we can see how many users have responded to our advertisements and in what way. Based on these statistics, we can optimize the effectiveness of our advertising and control our advertising strategy. The data processing is based on your consent pursuant to Art. 6 para. 1 p. 1 lit a DSGVO, provided that you have given your consent via our Consent Banner.

Your consent is voluntary and can be freely revoked at any time with effect for the future pursuant to Art. 7 (3) DSGVO. To do so, please click on "Open settings" and make the appropriate decisions via our banner at the very top of this privacy policy. The processing of your data may thereby also take place in states outside the European Union (EU) and the European Economic Area (EEA) in third countries without an adequate level of data protection, in particular in the USA. If your data is transferred to third countries, there is a risk that authorities there may access your data for security and monitoring purposes without you being informed or being able to appeal.

In the context of Microsoft conversion tracking, Microsoft supports us as a processor in accordance with Art. 28 DSGVO. With regard to Microsoft, an adequate level of data protection pursuant to Art. 46 (2) c) DSGVO can be assumed through the use of EU standard contractual clauses. In principle, we have no influence on further data processing by the third-party provider. Further information on the handling of personal data by Microsoft can be found at https://privacy.microsoft.com/de-de/privacystatement.

Within our website, so-called "Facebook pixels" of the social network Facebook, which is operated by Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are resident in the EU, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"), are used. However, this will only be done if you agree to this via the consent banner. In this case, the data processing associated with the pixel is based on your consent in accordance with Art. 6(1)(a) GDPR.

With the help of the Facebook pixel, Facebook is able to determine the visitors of our offering as a target group for the presentation of ads, so-called "Facebook ads". Accordingly, we use the Facebook Pixel in order to display the Facebook Ads placed by us only to those Facebook users who have also shown an interest in our internet offer. In other words, with the help of the Facebook Pixel we want to ensure that our Facebook-Ads correspond to the potential interest of the users and do not appear bothersome. The Facebook Pixel also enables us to track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users have been directed to our website after clicking on a Facebook ad.

The Facebook pixel is integrated directly by Facebook when you call up our websites and can store a cookie on your device. If you then log in to Facebook or visit Facebook when logged in, the visit to our offer will be noted in your profile. The data collected about you is anonymous to us, so we cannot draw any conclusions about the identity of the user. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible. The processing of the data by Facebook is carried out within the framework of Facebook's Data Usage Policy. Correspondingly, you can obtain further information from the third party provider on how the remarketing pixel works and generally on the display of Facebook Ads: https://www.facebook.com/policy.php.

Data processing may also take place outside the EU or the EEA in third countries. We take measures according to Art. 44 GDPR to ensure an adequate level of data protection.

In principle, we have no influence over further data processing by the third-party provider.

You can revoke your consent to the collection of your personal data by the Facebook pixel and use of your data for the display of Facebook ads [here].

We use conversion tracking technology on our website and the retargeting feature of the LinkedIn Corporation. The LinkedIn Insight tag creates a unique LinkedIn browser cookie in a visitor's browser and allows the following information to be collected for that cookie: metadata such as IP address, timestamp and page events (e.g., page views). However, this only takes place if you agree to it via the consent banner. In this case, the data processing associated with the pixel is based on your consent in accordance with Art. 6(1)(a) GDPR.

You can find further information on this at: https://www.linkedin.com/help/linkedin/answer/65521.

This technology allows visitors to this website to receive personalised advertisements on LinkedIn. It also provides the ability to generate anonymous reports on ad performance and website interaction information. LinkedIn Insight tag is embedded in this website, which connects to the LinkedIn server when you visit this website and are logged into your LinkedIn account.

Data processing may also take place outside the EU/EEA in third countries.

We take measures according to Art. 44 GDPR to ensure an adequate level of data protection.

In principle, we have no influence over further data processing by the third-party provider.

Please refer to the LinkedIn Privacy Policy at https://www.linkedin.com/legal/privacy-policy for more information about data collection and use, and the choices and rights you have to protect your privacy. You can withdraw your consent to the collection of your personal information by using the Linkedin Insight tag [here].

We use the conversion tracking technology on our website as well as the retargeting function of Reddit, Reddit Inc., 520 Third Street, Suite 305, San Francisco, CA 94107, USA ("Reddit"). This creates a Reddit browser cookie when you come to our site via a Reddit ad and allows the following data to be collected for this cookie: metadata such as IP address, timestamp, and page events (e.g., page views). This allows us to track the behavior of our site visitors through anonymized reports and also to evaluate the effectiveness of Reddit ads and optimize future advertising efforts. Furthermore, as a visitor to this website, you may be served personalized advertisements on Reddit (remarketing or retargeting). For us, the operators of this website, the processed data are anonymous, we can not draw any conclusions about the identity of the users. In principle, we have no influence on further data processing by the third-party provider. You can find out about further data processing by Reddit at https://www.reddit.com/help/privacypolicy/.

If you are logged in to Reddit, you can deactivate the remarketing function there in the account settings at https://www.reddit.com/personalization/. The data processing on our website is based on your consent pursuant to Art. 6 para. 1 p. 1 lit a DSGVO, provided that you have given your consent via our Consent banner. Your consent is voluntary and can be freely revoked at any time with effect for the future pursuant to Art. 7 (3) DSGVO. To do so, please click on "Open settings" and make the appropriate choices via our banner at the very top of this privacy policy.

Data processing may also take place outside the EU or EEA in third countries. If your data is transferred to third countries, there is a risk that authorities there may access your data for security and monitoring purposes without you being informed or having the right to appeal. We take measures in accordance with Art. 44 et seq. DSGVO to ensure an adequate level of data protection.

For analysis and optimization purposes, the website uses the so-called "Snap Pixel" from Snapchat, which is operated by Snap Inc., 2772 Donald Douglas, Loop North Santa Monica, CA 90405, USA. With the help of the Snap Pixel, it is possible for Snapchat, on the one hand, to determine the visitors to the website as a target group for the display of advertisements (so-called "Snapchat Ads"). Accordingly, Snapchat Pixel is used to display the switched Snapchat Ads only to those Snapchat users who have also shown an interest in the website or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that 42HeilbonngGmbH transmits to Snapchat (so-called "Custom Audiences").With the help of the Snap Pixel, we want to ensure that the Snapchat Ads of 42HeilbonngGmbH correspond to the potential interest of the users and do not have a harassing effect. In addition, with the help of the Snap Pixel, the effectiveness of the Snapchat ads can be tracked for statistical and market research purposes, in which we see whether users were redirected to the website after clicking on a Snapchat ad (so-called "conversion"). The storage period of these cookies is 30 days.

Our website uses the conversion tracking technology of the social network Pinterest (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland), which enables us to show our website visitors who have already taken an interest in our website and our content/offers and who are Pinterest members, advertisements and offers on Pinterest that are relevant to them. For this purpose, a so-called conversion tracking pixel from Pinterest is integrated on our pages, via which Pinterest is informed when you visit our website that you have called up our website and in which parts of our offer you were interested.

 

You can object to the collection of data for the display of interest-based advertising on Pinterest at any time in your account settings on Pinterest at https://www.pinterest.de/settings (there, under "Individual customization", deactivate the button "Use info from our partners to better tailor recommendations and ads on Pinterest to you") or at https://help.pinterest.com/de/article/personalization-and-data#info-ad (there, deactivate the checkbox under "Disable individual customization").

 

The data processing is based on your consent, according to Art. 6 para. 1 lit. a) GDPR.

Our website may contain links to other websites over which we have no control. For example, there are links to Instagram, Facebook and Linkedin on various sub-pages. The link alone does not create a direct connection to your respective account.

We use the font libraries of Adobe Fonts (Adobe Systems Incorporated, 345 Park Avenue, San Jose, CA 95110-2704, USA (Adobe)) to display our web pages.

Calling up our pages leads to the downloading of content from the third-party providers who provide these functions and content. The third party provider is thereby informed that you have called up our site and receives the usage data that is required for technical purposes.

We have no influence over further data processing by the third-party provider.

The integration takes place on the basis of Art. 6(1)(f) GDPR and in the interest of making our site as attractive and informative as possible. If you wish to object to the processing, please do not use our site any longer.

PROVIDER	TECHNICAL FUNCTION OR CONTENT	TRANSFERS TO THIRD COUNTRIES AS SPECIFIED BY THE PROVIDER AND ENSURING AN ADEQUATE LEVEL OF DATA PROTECTION	EXERCISE OF YOUR RIGHT OF OBJECTION
Adobe Systems Incorporated	Adobe Fonts	Standard Contractual Clauses (SCC)	If you wish to object to the processing, please do not use our site anymore.

The data processing also takes place outside the EU or EEA. An adequate level of data protection in accordance with Art. 46(2(c) GDPR can be assumed through the use of EU standard contractual clauses. For further information please follow this link: https://www.adobe.com/privacy/eudatatransfers.html.

Unless we have already informed you in detail about the storage period, we delete personal data if they are no longer required for the aforementioned processing purposes and no legal storage obligations prevent deletion.

We pass on your data to service providers who support us in the operation of our websites and related processes on the basis of a data processing agreement in accordance with Art. 28 GDPR. This concerns the hosting service provider Von Helden und Gestalten GmbH (Von Helden und Gestalten GmbH, Rotebühlstraße 44, 70178 Stuttgart) for our website. Our service providers are strictly bound by our instructions and are correspondingly also contractually bound to us.

PROCESSOR	PURPOSE	ADEQUATE LEVEL OF DATA PROTECTION
Von Helden und Gestalten GmbH	Webhosting and support	Where processing also takes place outside the EU/EEA as part of subcontracting, EU standard contractual clauses have been concluded.

In order to protect your data as thoroughly as possible from unwanted access, we take technical and organisational security measures. In addition to securing the operating surroundings, we use an encryption procedure on our website. Your data is transferred from your computer to our server and vice versa via the Internet using TLS (Transport Layer Security) encryption and is checked for authenticity to prevent misuse of the data by third parties. You can tell this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with "https://".

When processing your personal data, the GDPR grants you, as a data subject, certain rights:

Right of access (Art. 15 GDPR)

You have the right to obtain confirmation as to whether personal data concerning you is being processed; if this is the case, you have the right to be informed of this personal data and to receive the information specified in Art. 15 GDPR.

Right to rectification (Art. 16 GDPR)

You have the right to request immediately the rectification of incorrect personal data concerning you and, if necessary, the completion of incomplete data.

Right to erasure (Art. 17 GDPR)

You have the right to demand that personal data concerning you be deleted immediately if one of the reasons listed in Art. 17 GDPR applies.

Right to restriction of processing (Art. 18 GDPR)

You have the right to demand that the processing be restricted if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have lodged an objection to the processing, for the duration of the examination by the controller.

Right to data portability (Art. 20 GDPR)

In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format or to request the transfer of such data to a third party.

Right of withdrawal (Art. 7(3) GDPR)

If the processing of data is based on your consent, you are entitled to revoke your consent to the use of your personal data at any time in accordance with Art. 7(3) GDPR. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected by this.

Right to object (Art. 21 GDPR)

If data is collected on the basis of Art. 6(1)(f) GDPR (data processing to safeguard legitimate interests) or on the basis of Art. 6(1)(e) GDPR (data processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority) you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.

Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Under Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of data concerning you is in breach of the GDPR. The right of complaint may be asserted in particular before a supervisory authority in the Member State of your habitual residence, your place of work or the place of the suspected infringement.

Exercise of your rights

Unless described otherwise above, please contact the department stated in the imprint to exercise your rights.

Our external data protection officer will be happy to provide you with information on data protection under the following contact details:

conreri digital development GmbH
Von-Kurtzrock-Ring 16
22391 Hamburg
Tel: 0151 61728308
E-Mail: privacy@conreri.de
Website: www.conreri.de

If you contact our data protection officer, please also indicate the responsible office named in the imprint.