Skip to Content

Privacy Policy

Lorem Ipsum

1. Description of the affected groups of people

The following personal data or data categories are collected, processed and used to fulfill the intended purpose.

Categories of data subjects affected by processing:

Customer data, in particular contact details such as telephone, fax and email data, contact history and other data necessary for contract fulfillment; prospective customer data, in particular contact details and other data; identification data and click paths; employee data:

Employees include in particular:

Employees, trainees, rehabilitation patients, persons who are considered to have employee-like status due to their economic dependence, applicants, former employees, and interns. Contractual and performance data are processed to the extent necessary for deciding on the establishment of an employment relationship or, after the establishment of the employment relationship, for its execution or termination.

Supplier data: Suppliers / service providers / intermediaries / brokers / agencies (in particular contact details such as telephone, fax and email data, contact and order history as well as other data necessary for contract fulfillment).

Visitors and users of the online service.

In the following, we will refer to the affected persons collectively as "users".

Types of data processed:

  • Inventory data (e.g., names, addresses).
  • Contact details (e.g., email, phone numbers).
  • Content data (e.g., text entries, photographs, videos).
  • Contract details (e.g., subject matter of the contract, term, customer category).
  • Usage data (e.g., websites visited, links clicked, interest in content, access times).
  • Metadata/communication data (e.g., device information, IP addresses).

2. Processing of special categories of data (Art. 9 para. 1 GDPR)

As a general rule, no special categories of data are processed, unless these are provided by the users of the processing, e.g. entered in online forms.

3. Purpose of data collection, processing or use

BEC offers inbound marketing services and keeps prospects, customers, and partners informed with constantly updated information from the world of robotics and automation. Where personal data (such as names or email addresses) is collected on our websites, this is done on a voluntary basis. For marketing and website optimization purposes, we collect navigation information from website visitors. This includes data about your computer and your visit to our website, specifically your IP address, referral source, the duration of your visit, and the pages you viewed.

Personal data is collected in connection with the following tasks:

  • Provision of the online service, its content and functions.
  • personalized display of website content
  • Maintenance of inventory and usage data
  • Acquiring new customers
  • Preparing and responding to contact requests and communicating with users.
  • Additional services for customers
  • Provision of contractual services, service and customer care.
  • Marketing, advertising, and market research.
  • Security measures.

As of June 23, 2023

4. Relevant legal bases

In accordance with Article 13 of the GDPR, we inform you of the legal bases for our data processing. Unless otherwise stated in the privacy policy, the following applies: The legal basis for obtaining consent is Article 6(1)(a) and Article 7 of the GDPR; the legal basis for processing data to fulfill our services and implement contractual measures, as well as to respond to inquiries, is Article 6(1)(b) of the GDPR; the legal basis for processing data to comply with our legal obligations is Article 6(1)(c) of the GDPR; and the legal basis for processing data to protect our legitimate interests is Article 6(1)(f) of the GDPR. In the event that processing personal data is necessary to protect the vital interests of the data subject or another natural person, Article 6(1)(d) of the GDPR serves as the legal basis.

5. Changes and updates to the privacy policy

We ask that you regularly review the content of our privacy policy. We will update the privacy policy as soon as changes to our data processing activities make this necessary. We will inform you if any changes require action on your part (e.g., consent) or any other individual notification.

6. Safety measures

  • In accordance with Article 32 of the GDPR, taking into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical access to the data, as well as access to, input of, disclosure of, and ensuring the availability and separation of the data. Furthermore, we have established procedures that guarantee the exercise of data subject rights, the erasure of data, and the response to data breaches. We also consider the protection of personal data during the development and selection of hardware, software, and processes, in accordance with the principles of data protection by design and by default (Article 25 GDPR).
  • The security measures include, in particular, the encrypted transmission of data between your browser and our server or to the servers of our suppliers.

7. Cooperation with processors and third parties

  • If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit it to them or otherwise grant them access to the data, this is done only on the basis of a legal permission (e.g., if the transfer of data to third parties, such as payment service providers, is necessary for the performance of a contract pursuant to Art. 6 para. 1 lit. b GDPR), if you have given your consent, if a legal obligation requires it, or on the basis of our legitimate interests (e.g., when using agents, web hosts, etc.).
  • If we commission third parties to process data on the basis of a so-called "data processing agreement", this is done on the basis of Art. 28 GDPR.

8. Transfers to third countries

If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)), or if this occurs in the context of using third-party services or disclosing or transferring data to third parties, this will only be done if it is necessary for the performance of our (pre-)contractual obligations, based on your consent, due to a legal obligation, or based on our legitimate interests. Subject to legal or contractual permissions, we will only process or have data processed in a third country if the special requirements of Articles 44 et seq. of the GDPR are met. This means that processing takes place in compliance with officially recognized specific contractual obligations (so-called "standard contractual clauses").

9. Rights of data subjects

  • You have the right to request confirmation as to whether data concerning you is being processed, and to access this data as well as further information and a copy of the data in accordance with Article 15 GDPR.
  • In accordance with Article 16 of the GDPR, you have the right to request the completion of your personal data or the rectification of inaccurate personal data concerning you.
  • In accordance with Article 17 GDPR, you have the right to request that the data in question be deleted without undue delay, or alternatively, in accordance with Article 18 GDPR, to request a restriction of the processing of the data.
  • You have the right to request access to the data concerning you that you have provided to us in accordance with Article 20 GDPR and to request its transmission to other controllers.
  • Furthermore, pursuant to Article 77 GDPR, you have the right to lodge a complaint with the competent supervisory authority.

10. Right of withdrawal

You have the right to withdraw your consent pursuant to Art. 7 para. 3 GDPR with effect for the future.

11. Right to object

You can object to the future processing of your personal data at any time in accordance with Article 21 of the GDPR. This objection can be made, in particular, against processing for direct marketing purposes. 

12. Access to and storage of information in terminal equipment

By using our website, information (e.g., IP address) may be accessed or stored (e.g., cookies) on your device. This access or storage may involve further processing of personal data as defined by the GDPR.

In cases where such access to information or such storage of information is absolutely necessary for the technically flawless provision of our services, this is done on the basis of Section 25 Paragraph 1 Sentence 1, Paragraph 2 No. 2 TTDSG.

In cases where such a process serves other purposes (e.g., the needs-based design of our website), it is carried out on the basis of Section 25 Paragraph 1 of the German Telecommunications and Telemedia Data Protection Act (TTDSG) only with your consent in accordance with Article 6 Paragraph 1 Letter a of the GDPR. This consent can be revoked at any time for the future.

Further information on the processing of your personal data and the relevant legal bases in this context can be found in the following sections on the specific processing activities on our website.

13. Cookies and the right to object to direct marketing

We use temporary and permanent cookies, i.e., small files that are stored on users' devices (for an explanation of the term and function, see the last section of this privacy policy). Some of these cookies are used for security purposes or are necessary for the operation of our online services (e.g., for displaying the website) or to save the user's decision when confirming the cookie banner. In addition, we or our technology partners use cookies for audience measurement and marketing purposes, about which users are informed in the course of this privacy policy.

You can generally object to the use of cookies for online marketing purposes with many services, especially in the case of tracking, via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/ . Furthermore, you can prevent the storage of cookies by disabling them in your browser settings. Please note that this may prevent you from using all the features of this website.

14. Deletion of data

  1. The data we process will be erased or its processing restricted in accordance with Articles 17 and 18 of the GDPR. Unless expressly stated otherwise in this privacy policy, the data stored by us will be erased as soon as it is no longer required for its intended purpose and there are no legal obligations to retain it. If the data is not erased because it is required for other legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.
  2. According to legal requirements, records must be retained for 6 years in particular pursuant to Section 257 Paragraph 1 of the German Commercial Code (HGB) (commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years pursuant to Section 147 Paragraph 1 of the German Fiscal Code (AO) (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).

15. Performance of contractual services

  1. We process inventory data (e.g., names, addresses, and contact details of users) and contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and providing services in accordance with Article 6 Paragraph 1 Letter b of the GDPR. Entries marked as mandatory in online forms are required for the conclusion of the contract.
  2. Users can optionally create a user account, which allows them to view their orders. During registration, users will be informed of the required mandatory information. User accounts are not public and cannot be indexed by search engines. If users terminate their user account, their data relating to the user account will be deleted, unless its retention is necessary for commercial or tax law reasons in accordance with Art. 6 para. 1 lit. c GDPR. It is the users' responsibility to back up their data before the end of the contract if they have terminated their account. We are entitled to irretrievably delete all user data stored during the contract period.
  3. As part of the registration and subsequent login processes, as well as the use of our online services, we store the IP address and the time of each user action. This storage is based on our legitimate interests, as well as the user's interest in protection against misuse and other unauthorized use. This data is generally not shared with third parties, unless it is necessary for the enforcement of our claims or there is a legal obligation to do so pursuant to Art. 6 para. 1 lit. c GDPR.
  4. We process usage data (e.g., the websites of our online service visited, interest in our products) and content data (e.g., entries in the contact form or user profile) for advertising purposes in a user profile in order to show the user, for example, product recommendations based on their previously used services.
  5. Data is deleted after the expiry of statutory warranty periods and comparable obligations; the necessity of retaining the data is reviewed every three years; in the case of statutory archiving obligations, deletion occurs after their expiry (end of commercial (6 years) and tax (10 years) retention periods); information in the customer account remains until the account is deleted.

16. Making contact

  1. When you contact us (via contact form, hotline or e-mail), the information you provide will be processed in accordance with Art. 6 para. 1 lit. b) GDPR for the purpose of processing and handling your contact request.
  2. User data may be stored in our Customer Relationship Management System and Marketing Automation Platform ("CRM & Marketing System") or similar inquiry management system.
  3. We use the CRM, registration, and marketing automation system "HubSpot" from HubSpot Inc. (25 First Street, 2nd Floor, Cambridge, MA 02141, USA) with offices in Ireland (One Dockland Central, Dublin 1, Ireland) and Germany (Am Postbahnhof 17, 10243 Berlin) based on our legitimate interests (efficient and fast processing of user inquiries and applications, and optimization of our online services). For this purpose, we have concluded a contract with HubSpot containing standard contractual clauses, in which HubSpot commits to processing user data only in accordance with our instructions and to complying with EU data protection standards. Further information on HubSpot's privacy policy can be found here: https://legal.hubspot.com/de/dpa and  https://legal.hubspot.com/de/privacy-policy
  4. Our registration service allows visitors to our website to learn more about our company, download content, and provide their contact information and other demographic data. This information is stored on the servers of our software partner, HubSpot . We may use it to contact visitors to our website and to determine which of our company's services are of interest to them. All information we collect is subject to this privacy policy. We use all collected information solely to optimize our marketing.
  5. We delete inquiries when they are no longer needed. We review the necessity of retaining inquiries every two years; inquiries from customers with a customer account are stored permanently, and for deletion, customers are directed to their account information. In the case of statutory archiving obligations, deletion occurs after these obligations expire (end of the commercial (6 years) and tax-related (10 years) retention periods). 

17. Support form

BEC provides a web form for processing support requests. When using this form, your personal data will be processed if necessary for handling your support request. Processing your support request requires the processing of your contact details (email address), as well as the subject of the request, the request category, and the content of the request (ticket description). If necessary, any file attachments you provide (usually screenshots) will also be processed. Furthermore, due to technical reasons, certain personal data is transmitted to the provider HubSpot through interaction with the HubSpot support form (your IP address and other technical data such as the HTTP referrer, date and time of the request, accessed file, etc.).

Additionally, with your consent, personal data may be processed that is not necessary for processing support requests but facilitates or speeds up the process in your interest. This primarily includes your telephone number and potentially also files attached to the support request, provided these contain personal data about you whose processing is not required for the purpose of the support request.

Please ensure that attached files, especially screenshots, do not contain any personal data of third parties.

If you only submit data whose processing is necessary for handling your support request, this data processing is based on our contractual obligation to you to provide the relevant support services (Art. 6 para. 1 sentence 1 lit. b GDPR). If you voluntarily provide additional, non-essential data, this data processing is based on your consent (Art. 6 para. 1 sentence 1 lit. a GDPR).

In connection with processing your support request, the aforementioned personal data will be transferred to the USA. The recipient of the data is HubSpot (HubSpot, Inc., 25 First St., 2nd floor, Cambridge, Massachusetts 02141, USA). Further information on data protection at HubSpot can be found at: https://legal.hubspot.com/de/privacy-policy

Since personal data is transferred to the USA, additional safeguards are required to ensure the level of data protection guaranteed by the GDPR. To guarantee this, we have agreed to standard contractual clauses with the provider in accordance with Article 46(2)(c) GDPR. These clauses oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be guaranteed even with this contractual extension, we take additional safeguards to protect the personal data of our customers.

18. Aircall

We use the software "AirCall" (Aircall SAS, 11-15 rue Saint Georges, 75009 Paris) for telephone communication. AirCall is a software-based telephone system used in conjunction with HubSpot.

The following categories of personal data are processed: metadata (call forwarding, time and date, recipient and caller ID, duration, employee you are communicating with); and content data (recordings of telephone calls, voice messages). However, telephone calls are only recorded and stored if you have given your explicit consent. In addition, log files relating to communication (calls) are processed for technical security purposes; these contain pseudonymized identifiers.

When you contact us by telephone, we process the aforementioned categories of personal data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), insofar as this is necessary for establishing, executing, and fulfilling a contract, as well as for carrying out pre-contractual measures. Where personal data is required for initiating or executing a contractual relationship or within the framework of carrying out pre-contractual measures, processing is lawful pursuant to Article 6(1)(b) GDPR.

If you give us your explicit consent to process personal data for specific purposes (e.g., disclosure to third parties, evaluation for marketing purposes, or promotional contact via email), the lawfulness of this processing is based on your consent pursuant to Article 6(1)(a) GDPR.

Similarly, recording of conversations is based on your consent. You can withdraw your consent at any time with effect for the future (see section 10 of this privacy policy).

Where necessary and legally permissible, we process your data beyond the actual contractual purposes to fulfill legal obligations pursuant to Article 6(1)(c) GDPR. Furthermore, processing may occur to protect our legitimate interests or those of third parties (such as answering general telephone inquiries that do not fall under the aforementioned cases) and to defend against and assert legal claims in accordance with Article 6(1)(f) GDPR. Where legally required, we will inform you separately about the legitimate interest.

We have concluded a data processing agreement with the service provider, obligating them to protect our customers' data and not to disclose it to third parties.

Since personal data may be transferred to the USA, additional safeguards are necessary to ensure the level of data protection required by the GDPR. To guarantee this, we have agreed upon standard contractual clauses with the provider in accordance with Article 46(2)(c) GDPR. These clauses oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even by this contractual extension, we will seek further agreements and commitments from the recipient in the USA.

More information about data protection at AirCall can be found at https://aircall.io/privacy-faqs/ and at https://aircall.io/privacy/

19. Cookies & Audience Measurement

  1. Cookies are pieces of information that are transferred from our web server or third-party web servers to users' web browsers and stored there for later retrieval. Cookies can be small files or other types of information storage.
  2. We use "session cookies," which are only stored for the duration of your current visit to our website (e.g., to enable the use of our online services). A session cookie contains a randomly generated, unique identification number, a so-called session ID. It also contains information about its origin and its expiration date. These cookies cannot store any other data. Session cookies are deleted when you finish using our online services, for example, by logging out or closing your browser.
  3. Users are informed about the use of cookies for pseudonymous audience measurement within the framework of this privacy policy.
  4. If users do not wish to have cookies stored on their computer, they are asked to deactivate the corresponding option in their browser's system settings. Stored cookies can be deleted in the browser's system settings. Disabling cookies may lead to functional limitations of this online service.
  5. You can object to the use of cookies for audience measurement and advertising purposes via the deactivation page of the Network Advertising Initiative ( http://optout.networkadvertising.org/ ) and additionally the US website ( http://www.aboutads.info/choices ) or the European website ( http://www.youronlinechoices.com/uk/your-ad-choices/ ).

20. HubSpot

  1. We use HubSpot for marketing activities on our website. HubSpot is a software company from the USA with a branch office, HubSpot Ireland Limited, located at 2nd Floor, 30 North Wall Quay, Dublin 1, Ireland.
  2. We use this integrated software solution for our own marketing, lead generation, and customer service purposes. This includes email marketing, which manages the sending of newsletters and automated mailings, social media publishing and reporting, contact management such as user segmentation and CRM, landing pages, and contact forms.
  3. HubSpot uses cookies, small text files that are stored locally in your web browser's cache on your device and allow us to analyze your use of the website. The information collected (e.g., IP address, geographic location, browser type, duration of visit, and pages viewed) is analyzed by HubSpot on our behalf so that we can generate reports about the visit and the pages viewed.
  4. Information collected via HubSpot, as well as the content of our website, is stored on servers of HubSpot's service providers. If you have given your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, this processing on this website is carried out for the purpose of website analysis.
  5. Since personal data is transferred to the USA, additional safeguards are required to ensure the level of data protection guaranteed by the GDPR. To guarantee this, we have agreed to standard contractual clauses with the provider in accordance with Article 46(2)(c) GDPR. These clauses oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be guaranteed even with this contractual extension, we strive to obtain further agreements and commitments from the recipient in the USA.
  6. The data will be deleted as soon as it is no longer required for the purpose for which it was collected.
  7. You can permanently object to the collection of data by HubSpot and the setting of cookies by preventing the storage of cookies through your browser settings. You can object to the processing of your personal data at any time with effect for the future.

21. Facebook, Custom Audiences and Facebook Marketing Services

  1. We use "Facebook Custom Audiences" on our website, a remarketing tool provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (hereinafter referred to as "Facebook").
  2. Facebook Custom Audiences allows us to display interest-based advertisements, so-called "Facebook Ads," to visitors of our website when they visit the social network Facebook or other websites that also use Facebook Custom Audiences. For this purpose, a pixel (Facebook Pixel) from the provider Facebook (see above) is used.
  3. The Facebook Pixel allows Facebook to display our ads on Facebook, so-called "Facebook Ads," only to Facebook users who have visited our website, particularly those who have shown interest in our online offerings. In this case, the Facebook Pixel also allows us to verify whether a user was redirected to our website after clicking on one of our Facebook Ads. The Facebook Pixel uses cookies, which are small text files stored locally in your web browser's cache on your device. If you are logged into your Facebook account, your visit to our website will be recorded in your account. The data collected about you is anonymous to us and does not allow us to draw any conclusions about your identity. However, this data can be linked by Facebook to your account there. If you have a Facebook account and are logged in, Facebook can associate your visit with your account.
  4. By using “Facebook Custom Audiences” in conjunction with the Facebook Pixel, your web browser automatically establishes a direct connection to Facebook's server. We have no control over the scope and further use of the data collected by Facebook through the use of Facebook Custom Audiences. To our knowledge, Facebook receives information that you have accessed the relevant part of our website or clicked on one of our ads. If you have a Facebook account and are logged in, Facebook can associate your visit with your account. Even if you are not registered with Facebook or are not logged in, Facebook may still obtain and store your IP address and potentially other identifying information.
  5. We use Facebook Custom Audiences for marketing and optimization purposes, in particular to show you relevant and interesting ads and thus improve our services and make them more appealing to you as a user. The legal basis for Facebook Custom Audiences and the Facebook Pixel is Article 6(1)(a) GDPR (consent).
  6. We have entered into a data processing agreement with our service provider Facebook, in which we oblige them to protect our customers' data and not to pass it on to third parties.
  7. Since personal data is transferred to the USA, additional safeguards are required to ensure the level of data protection guaranteed by the GDPR. To guarantee this, we have agreed to standard contractual clauses with the provider in accordance with Article 46(2)(c) GDPR. These clauses oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be guaranteed even with this contractual extension, we strive to obtain further agreements and commitments from the recipient in the USA.
  8. Further information from Facebook regarding data protection can be found on the following Facebook website: https://www.facebook.com/about/privacy
  9. Information about Facebook Pixel can be found on the following Facebook website: https://www.facebook.com/business/help/651294705016616
  10. Logged-in users can deactivate Facebook Custom Audiences via Pixel at https://www.facebook.com/settings/?tab=ads# .
  11. Furthermore, you can deactivate cookies used for audience measurement and advertising purposes via the following websites: http://optout.networkadvertising.org/
    http://www.aboutads.info/choices
    http://www.youronlinechoices.com/uk/your-ad-choices/
    Please note that this setting will also be deleted if you delete your cookies.

22. Facebook Pixel

  1. We use “Facebook Pixel” on our website, a service provided by Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA (hereinafter referred to as: “Facebook”). We have concluded a data processing agreement with the provider in accordance with Article 28 GDPR.
  2. If you have given us your consent in accordance with Art. 6 para. 1 lit. a GDPR, we use Facebook Pixel for marketing and optimization purposes, in particular to display relevant and interesting ads for you on Facebook and thus improve our offer, make it more interesting for you as a user and avoid annoying ads.
  3. The Facebook Pixel allows Facebook to display our ads on Facebook, so-called "Facebook Ads," only to Facebook users who have visited our website, particularly those who have shown interest in our online offerings. In this case, the Facebook Pixel also allows us to verify whether a user was redirected to our website after clicking on one of our Facebook Ads. The Facebook Pixel uses cookies, which are small text files stored locally in your web browser's cache on your device. If you are logged into your Facebook account, your visit to our website will be recorded in your account. The data collected about you is anonymous to us and does not allow us to draw any conclusions about your identity. However, this data can be linked by Facebook to your account there. If you have a Facebook account and are logged in, Facebook can associate your visit with your account.
  4. Since personal data is transferred to the USA, additional safeguards are required to ensure the level of data protection guaranteed by the GDPR. To guarantee this, we have agreed to standard contractual clauses with the provider in accordance with Article 46(2)(c) GDPR. These clauses oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be guaranteed even with this contractual extension, we strive to obtain further agreements and commitments from the recipient in the USA.
  5. Further information on data protection from the third-party provider can be found on the following Facebook website: https://www.facebook.com/about/privacy.
  6. Information about Facebook Pixel can be found on the following Facebook website: https://www.facebook.com/business/help/651294705016616
  7. You can adjust the settings regarding which types of advertisements are displayed to you within Facebook on the following Facebook website: https://www.facebook.com/settings?tab=ads.
  8. Please note that this setting will be deleted if you clear your cookies. Furthermore, you can deactivate cookies used for audience measurement and advertising purposes via the following websites: http://optout.networkadvertising.org/
    http://www.aboutads.info/choices
    http://www.youronlinechoices.com/uk/your-ad-choices/
  9. Please note that this setting will also be deleted if you delete your cookies.

23. Newsletter & Email Marketing Automation

  1. The newsletter is sent and its success is measured on the basis of the recipients' consent pursuant to Art. 6 para. 1 lit. a, Art. 7 GDPR in conjunction with § 7 para. 2 no. 3 UWG or on the basis of the legal permission pursuant to § 7 para. 3 UWG.
  2. The logging of the registration process is based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR and serves as proof of consent to receive the newsletter.
  3. Cancellation/Revocation - You can unsubscribe from our newsletter at any time, i.e., revoke your consent. You will find an unsubscribe link at the end of each newsletter. If users have only subscribed to the newsletter and then cancelled their subscription, their personal data will be deleted.

24. HRworks

We use the software HRworks (HRworks GmbH, Waldkircher Str. 28, 79106 Freiburg im Breisgau, Germany, "HRworks") to process applicant data within the framework of the online application process. This also includes an application form embedded in our website.

  1. If you apply to us by email or via our application form, we will process your personal data for the purpose of carrying out the application process and pre-contractual measures. This processing of your personal data is based on Section 26 Paragraph 1 of the German Federal Data Protection Act (BDSG) in conjunction with Article 88 of the GDPR. Your personal data will be deleted by us no later than 6 months after the application process has been completed.
  2. If you also give us your consent to be included in our talent pool, the processing of your personal data for this purpose is based on Article 6 Paragraph 1 Sentence 1 Letter a GDPR. You have the right to withdraw your consent at any time with effect for the future. If personal data is stored for the purpose of the talent pool, it will be deleted after one year.
  3. The data you provide or that is collected from you will also be used by HRworks in anonymized form for statistical purposes.
  4. HRworks processes all categories of personal data that you provide in connection with the application process. This includes, in particular, your name, email address, telephone number, salary expectations, and desired start date, as well as all documents you provide for this purpose, such as cover letters, CVs, certificates, and photos.
  5. Furthermore, your personal data is processed by HRworks with regard to so-called server log files. This includes data such as the website domain name, web browser and web browser version, operating system, IP address, and the timestamp of access to the software, whereby the scope of this logging does not exceed that of other common websites. In the event of technical errors, additional data such as the website domain name, web browser and web browser version, operating system, IP address, and the timestamp of the corresponding error message/specification are processed.
  6. We have concluded a data processing agreement with the service provider, in which we oblige them to protect our customers' data and not to pass it on to third parties.
  7. Since personal data may be transferred to the USA, additional safeguards are required to ensure the level of data protection guaranteed by the GDPR. To guarantee this, we have agreed to standard contractual clauses with the provider in accordance with Article 46(2)(c) GDPR. These clauses oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be guaranteed even with this contractual extension, we strive to obtain further agreements and commitments from the recipient in the USA.
  8. More information about data protection at HRworks can be found at: https://www.hrworks.de/unternehmen/datenschutz/

25. Integration of third-party services and content

  1. Within our online services, we use content or service offerings from third-party providers based on our legitimate interests (i.e., our interest in analyzing, optimizing, and operating our online services economically, in accordance with Article 6(1)(f) of the GDPR) to integrate their content and services, such as videos (hereinafter referred to collectively as "Content"). This always requires that the third-party providers of this Content are aware of the users' IP addresses, as they cannot send the Content to their browsers without the IP address. The IP address is therefore necessary for displaying this Content. We strive to use only Content from providers who use the IP address solely for delivering the Content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. These pixel tags allow information such as visitor traffic on the pages of this website to be evaluated. The pseudonymous information can also be stored in cookies on the user's device and may include, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online service, as well as be combined with such information from other sources.

  2. The following overview lists third-party providers and their content, along with links to their privacy policies, which contain further information on data processing and, in some cases, the opt-out options already mentioned here:

    1. Videos from the platform “YouTube” of the third-party provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Privacy policy: https://policies.google.com/privacy , Opt-out: https://adssettings.google.com/authenticated .
    2. Our website integrates features of the Instagram service. These features are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking the Instagram button. This allows Instagram to associate your visit to our pages with your user account. Please note that as the provider of these pages, we have no knowledge of the content of the transmitted data or its use by Instagram. Instagram's privacy policy can be found here: http://instagram.com/about/legal/privacy/ .
    3. Within our online services, we use the marketing functions (so-called "LinkedIn Insight Tag") of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time you access one of our pages that contains LinkedIn functions, a connection to LinkedIn's servers is established. LinkedIn is informed that you have visited our website with your IP address. With the help of the LinkedIn Insight Tag, we can, in particular, analyze the success of our campaigns within LinkedIn or define target groups for these campaigns based on user interaction with our online services. If you are registered with LinkedIn, LinkedIn can associate your interaction with our online services with your user account. Even if you click the LinkedIn "Recommend" button and are logged into your LinkedIn account, LinkedIn can associate your visit to our website with you and your user account. Since personal data is transferred to the USA, further safeguards are required to ensure the level of data protection required by the GDPR. To ensure this, we have agreed to standard data protection clauses with the provider in accordance with Article 46(2)(c) GDPR. These clauses oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be guaranteed even with this contractual extension, we strive to obtain further agreements and commitments from the recipient in the USA. Privacy policy: https://www.linkedin.com/legal/privacy-policy , Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out .
    4. Our website may include features of the Twitter service or platform (hereinafter referred to as "Twitter"). Twitter is a service provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. These features include displaying our Twitter posts within our website, linking to our Twitter profile, and enabling interaction with Twitter posts and features. They also allow us to measure whether users access our website via advertisements we place on Twitter (so-called conversion tracking). Because personal data is transferred to the USA, additional safeguards are required to ensure compliance with the GDPR. To guarantee this, we have agreed to standard contractual clauses with Twitter in accordance with Article 46(2)(c) GDPR. These clauses obligate the recipient of the data in the USA to process the data in accordance with the European level of data protection. In cases where this cannot be guaranteed even through this contractual extension, we strive to obtain further agreements and commitments from the recipient in the USA. Privacy policy: https://twitter.com/de/privacy , Opt-out: https://twitter.com/personalization .
    5. We use features of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time you access one of our pages that includes XING features, a connection to XING's servers is established. To our knowledge, no personal data is stored in this process. In particular, no IP addresses are stored, nor is user behavior analyzed. Privacy policy : https://www.xing.com/app/share?op=data_protection
    6. Web analytics and optimization are performed using the Hotjar service, provided by the third-party company Hotjar Ltd., Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe. Hotjar allows us to track user movements on websites where it is implemented (so-called heatmaps). This reveals, for example, how far users scroll and which buttons they click and how often. Technical data such as language, operating system, screen resolution, and browser type are also collected. This allows us to create user profiles, at least temporarily, during visits to our website. Furthermore, Hotjar enables us to collect feedback directly from website users. This provides us with valuable information to make our websites even faster and more user-friendly. Privacy policy: https://www.hotjar.com/privacy . Opt-out: https://www.hotjar.com/opt-out .
    7. External code from the JavaScript framework “jQuery”, provided by the third-party jQuery Foundation, https://jquery.org.