In the following, we inform you about the collection of personal data when using our website(s). Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior. We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.
Person responsible for data processing:
The responsible party pursuant to Art. 4 (7) EU General Data Protection Regulation (GDPR) is:
catworkx GmbH
Schellerdamm 16
21079 Hamburg
[email protected] (see imprint)
Contact option of the data protection officer:
You can reach our data protection officer at [email protected] as well as via our postal address with the addition "z.H.v. Datenschutzbeauftragter".
Your rights:
You have the following rights with respect to us regarding personal data concerning you:
General rights: if the legal requirements are met, you have a right to information (Art. 15 GDPR), rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR), objection to processing (Art. 21 GDPR) and data portability (ART. 20 GDPR). Insofar as processing is based on your consent, you have the right to revoke it vis-à-vis us with effect for the future.
Rights in case of data processing according to legitimate interest: Pursuant to Art. 21(1) GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Art. 6(1)(e) GDPR (data processing in the public interest) or on the basis of Art. 6(1)(f) GDPR (data processing for the purposes of safeguarding a legitimate interest); this also applies to profiling based on this provision. In the event of your objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Rights in case of direct marketing: If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing pursuant to Art. 21(2) of the GDPR, including for profiling purposes, insofar as it is related to such direct marketing. In the event of your objection to processing for the purpose of direct marketing, we will no longer process your personal data for these purposes.
Right to complain to a supervisory authority: you also have the right to complain to a competent data protection supervisory authority about our processing of your personal data.
Collection of personal data when visiting our website:
In the case of purely informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security. The legal basis for this is Art. 6(1)(f) GDPR:
IP address of your request, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, amount of data transferred in each case, website from which the request comes, browser, operating system, and its interface, language and version of the browser software.
Contacting us by e-mail or contact form:
When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to answer your questions. The legal basis in this respect is Art. 6(1) p. 1 (f) GDPR. Our legitimate interest lies in the performance of our business activities. The information required to respond to your request is specially marked. Insofar as we request information via our contact form that is not absolutely necessary for processing your request, this information is used to specify your request and to improve the processing of your request. Communication of this information is expressly on a voluntary basis and with your consent, Art. 6(1)(a) GDPR. Insofar as this involves information on communication channels (for example, e-mail address, telephone number), you also consent to us contacting you via this communication channel, if necessary, in order to respond to your request. You can, of course, revoke this consent at any time for the future.
Your data that we have received in the course of contacting you will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, your request has been fully processed and no further communication with you is necessary or desired by you.
Newsletter:
General Information:
We offer you the option of subscribing to a newsletter on our websites, with which we inform you about the activities of our company, current information about our services, special offers, promotions, events, etc. The legal basis for sending the respective newsletter is your consent, Art. 6(1)(a) GDPR. For the registration to our newsletters we use the so-called double opt-in procedure. This means that after your registration, we will send you an e-mail to the e-mail address you provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration, your information will be automatically deleted after 3 days. Mandatory data for sending the newsletter are only your e-mail address and the desired salutation and your last name. The provision of further data is voluntary: this data is used to address you personally. After your confirmation, we store your e-mail address for the purpose of sending the newsletter and until revoked. We also store your IP address current at the time of registration, the time of registration and confirmation for up to four years after revocation or objection (statute of limitations). The purpose of this procedure is to be able to prove your registration in case of doubt and, if necessary, to clarify any misuse of your personal data. The legal basis for logging your registration is our legitimate interest pursuant to Art. 6(1)(f) GDPR in proving that consent was previously given, see also Art. 7(1) GDPR. You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in every newsletter email or by sending an email to [email protected].
Newsletter Tracking:
We would like to point out that when we send out the newsletter, we evaluate the open rate, the click rate and the click-through rate to determine whether and when a newsletter was opened. For this evaluation, the emails sent contain so-called web beacons or tracking pixels that are stored on our server and loaded when the newsletter is opened. Technical information such as browser type, time of opening and IP address is transmitted. Opening rates or click rates are not linked to individual e-mail addresses. Opening and click rates are not assigned by us to individual recipients, so that we are not able, for example, to evaluate them according to e-mail addresses. The legal basis for this data processing is your consent Art. 6 (1)(a) GDPR. You can revoke your consent at any time with effect for the future. In this case, the revocation includes the entire newsletter, as a separate revocation of the tracking is unfortunately not technically possible. To do so, simply click the unsubscribe link provided in each email. The information from the tracking will be stored as long as you are subscribed to the newsletter. After unsubscribing, the data is anonymized and used for purely statistical purposes. The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data that is required to prevent you from still receiving newsletters from us after you have unsubscribed will be stored by us even after you have unsubscribed. Data that has been stored by us for other purposes remains unaffected by this.
Sendinblue:
For the dispatch and analysis of newsletters, we use Sendinblue (formerly Newsletter2Go). The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany. Sendinblue is a service with which, among other things, the sending of newsletters can be organized and analyzed. The data collected from you for the purpose of sending newsletters is stored on Sendinblue's servers in Germany. For this purpose, an order processing agreement has been concluded with Sendinblue.
Provision of technical articles and initial consultation:
As part of our company presence on various platforms (e.g. LinkedIn or Xing), we occasionally provide specialist contributions or offer initial consulting on specialist topics. In order to be able to offer these technical articles and consulting services profitably, we collect certain personal data from you in return, which we use for advertising purposes. In this context, you are required to give your consent for us to contact you for advertising purposes (by e-mail or direct message on a profession-related network such as LinkedIn or Xing). If you do not wish to provide us with your personal data and consent to promotional contact, you are free not to make use of our offers. Your consent is voluntary and can be revoked at any time with effect for the future. You can send your revocation to the following e-mail address: [email protected]. We will implement your advertising revocation without delay. The legal basis for the processing of your personal data is your consent (Art. 6(1)(a) GDPR). We will store your data collected in this way until you revoke your consent to us.
Events (Events, Trainings & Webinars)
General Information:
You have the option to register for various events (webinars, trainings, events, etc.) through our website. Certain personal information is required for registration. When you register for an event via our website, we collect those personal data from you that are required for registration and implementation of the respective event.
The legal basis for the processing of your personal data results from the implementation of the event, Art. 6 para. 1 p.1 lit. b) DSGVO.
Following the event, you will receive a one-time follow-up e-mail to provide you with helpful, further information and links as well as the recording of the event. After the one-time follow-up e-mail has been sent, your data will be deleted after 90 days, provided that no further business contact has resulted from this and there are no statutory retention obligations to the contrary. The legal basis for sending the one-time e-mail results from Art. 6 para. 1 p. 1 lit. b) DSGVO as part of the booked event.
In addition, following the event, we may send you emails with similar offers that may also be of interest to you based on your participation in our event and offer you the contact option of a personal contact. We will delete your data after three contact requests without any feedback from you, but at the latest after 90 days. The legal basis for sending these e-mails is Art. 6 para. 1 p. 1 lit. f) DSGVO in conjunction with. § 7 para. 3 UWG. You have the option to object to the use of your e-mail address at any time without incurring any costs other than the transmission costs according to the prime rates.
Insofar as we request information during the registration process that is not absolutely necessary for processing your request, this information is used for the better organization, implementation and improvement of our events. Communication of this information is expressly on a voluntary basis and with your consent, Art. 6 para.1 p. 1 lit. a) DSGVO. You can revoke your consent at any time with effect for the future.
We will subsequently no longer store your personal data, unless storage is required to comply with statutory retention obligations or to defend, assert or defend legal claims during the current limitation periods.
Supplementary information on digital events
We use external services (e.g. the Zoom video conferencing service) to hold webinars. The privacy notices of the respective service are usually made available to you as part of the registration process for our events and webinars on the provider's registration pages.
The provider Zoom Video Communications, Inc. has its registered office in the USA. Personal data may also be transferred to the USA. In the USA, the protection of your personal data is not subject to the same high requirements as in the EU or the EEA. The use of services that process personal data in the USA may be necessary to offer our webinars in a stable format. In this case, the data processing is necessary for the implementation of the respective event or webinar (Art. 49 para. 1 b DSGVO).
In order to enable and promote the exchange between participants in our digital events and webinars, we sometimes offer the possibility for you to actively participate in our events. In this case, your name and possibly your picture are visible to the other participants. We explicitly point out this possibility before the respective event. In addition, we obtain your consent for your data to be temporarily shared with other participants. To the extent that we publish a digital event via our YouTube channel, we will remove discussions and exchanges with participants beforehand so that your personal data is not shared via YouTube. We will forward the link to the video to you by email following the respective event. The legal basis for the processing of your personal data is your consent, Art. 6 para. 1 p. 1 lit. a) DSGVO. Your consent is voluntary and can be revoked at any time with effect for the future. As a rule, you are free to continue to passively participate in our events. In this case, your name and, depending on the setting, your picture will not be visible to other participants.
Supplementary information on Atlassian trainings
In the context of Atlassian trainings, for the provision of the virtual test environment and the creation of the participant certificates, it is necessary to send the personal data of the participants (name, first name and e-mail address) to Atlassian. Pty Ltd, Level 6, 341 George Street, Sydney NSW 2000, Australia. Atlassian is also likely to process your personal data in countries outside the EU or EEA. The protection of your personal data may not be subject to the same high standards outside the EU or EEA. The transfer of data to Atlassian is necessary for the performance of the Atlassian Training you have booked (Art. 49 para. 1 lit. b DSGVO).
catworkx Ticket System - https://jira.catworkx.de:
As a customer, you have the option to register with us and create a customer account. The customer account gives you access to our support system. For the registration we collect and store the following data from you: Salutation, first name, last name, e-mail (user name), password. We use the so-called double-opt-in procedure for the registration, i.e. your registration is only completed if you have previously confirmed your registration via a confirmation e-mail sent to you for this purpose by clicking on the link contained therein. The provision of the aforementioned data is mandatory; you can provide all other information voluntarily by using our portal.
After registration, you will receive personal, password-protected access and will be able to view and manage the data you have provided. Registration is voluntary but may be a prerequisite for using our services.
If you use our portal, we store your data required for the fulfillment of the contract, if necessary, also information on the method of payment, until you finally delete your access. Furthermore, we store the voluntary data you provide for the duration of your use of the portal, unless you delete it beforehand. You can manage and change all information in the protected customer area. The legal basis is Art. 6(1) a, b and f GDPR.
catworkx Project System - https://confluence.catworkx.de:
As a customer, you have the option to register with us and create a customer account. The customer account gives you access to our Wiki system. For the registration we collect and store the following data from you: Salutation, first name, last name, e-mail (user name), password.
We use the so-called double-opt-in procedure for registration, i.e. your registration is not completed until you have confirmed your registration by clicking on the link contained in a confirmation e-mail sent to you for this purpose. The provision of the aforementioned data is mandatory; you can provide all other information voluntarily by using our portal.
After registration, you will receive personal, password-protected access and will be able to view and manage the data you have provided. Registration is voluntary but may be a prerequisite for using our services.
If you use our portal, we store your data required for the fulfillment of the contract, if necessary, also information on the method of payment, until you finally delete your access. Furthermore, we store the voluntary data you provide for the duration of your use of the portal, unless you delete it beforehand. You can manage and change all information in the protected customer area. The legal basis is Art. 6(1) a, b and f GDPR.
catworkx Documentations - https://documentation.catworkx.com:
This website does not offer a customer-related login. For this reason, the website is used purely for information purposes. Therefore, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security. The legal basis for this is Art. 6(1)(f) GDPR: IP address of your request, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (concrete page), access status/HTTP status code, amount of data transferred in each case, website from which the request comes, browser, operating system, and its interface, language and version of the browser software.
catworkx Helpdesk - https://servicedesk.catworkx.com:
If you use an application developed by us for the Atlassian environment (Marketplace Apps), you have the option to contact our helpdesk at any time if you encounter technical problems while using our application or if you need other support. Following a request to our helpdesk, a Jira ticket is usually created automatically with your concern, which is then processed by us. Via our helpdesk, we only process the information that is required to process your request. Your personal data is not passed on to third parties. The legal basis for data processing is Art. 6(1)(b) GDPR. Your data will be deleted three years after a final response to your request.
Applications:
You can apply to us online via our website. If you nevertheless apply to us by e-mail, we expressly point out that sending unencrypted e-mails or e-mail attachments is not secure.
Your information will be processed for the purpose of carrying out the application process. The legal basis for data processing is Section 26(1) in conjunction with. Abs. 8 S.2 Federal Data Protection Act. Furthermore, your personal data may be processed insofar as this should be necessary for the defense of asserted legal claims against us arising from the application process. The legal basis for this is Art. 6(1)(1)(f) GDPR. The stated purposes also constitute the legitimate interest in the processing. Insofar as an employment relationship between you and us is established, we may further process the personal data already received from you for the purposes of the employment relationship in accordance with Section 26 (1) Federal Data Protection Act.
With your consent, we will also pass on your application data to affiliated companies or store your application data for a longer period of time if we consider your application suitable but are nevertheless unable to offer you a position. The legal basis for data processing is Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future.
There will be no processing of your application data beyond the described use. Your personal data will be deleted no later than 6 months after the end of the application process, provided that no other legitimate interests on our part oppose deletion or you have not given us your consent for longer storage. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act.
If you would like us to contact you first or if you have questions about vacancies or about the application process, you can contact us at any time using a contact form provided for this purpose. We process the personal data you provide exclusively in order to respond to your request. The legal basis in this respect is Art. 6(1)(1)(f) GDPR. The purpose also represents our legitimate interest. The information required to respond to your request is specially marked. Insofar as we request input from the contact form that is not absolutely necessary to answer your request, this information is used to specify your request. A communication of this information is expressly on a voluntary basis and with your consent, Art. 6(1)(a) GDPR. Insofar as this involves information on communication channels (for example, e-mail address, telephone number), you also consent to us contacting you via this communication channel, if necessary, in order to answer your request. You can, of course, revoke this consent at any time for the future.
Your data that we have received in the course of contacting you will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, your request has been fully processed and no further communication with you is necessary or desired by you.
Use of cookies:
When you use our website, cookies are stored on your computer. Cookies are small text files that are stored on your hard drive associated with the browser you are using and through which certain information flows to the entity that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer. They are used to make the Internet offer as a whole more user-friendly and effective. We also use cookies to identify you for subsequent visits if you have an account with us. Otherwise, you would have to log in again for each visit.
This website uses the following types of cookies, the scope and functionality of which are explained below:
Transient cookies:
These cookies are automatically deleted when you close the browser. In particular, these include cookies that store the language of the website. As opposed to other providers, catworkx does not use session cookies.
Persistent cookies:
These cookies are deleted automatically after a specified period of time, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
Flash Cookies:
catworkx does not use Flash content on its websites. For this reason, no Flash cookies are collected.
Prevention of cookies:
You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. We would like to point out that you may then not be able to use all functions of this website.
Legal basis and storage period:
The legal bases for possible processing of personal data and its storage period vary and are presented in the following sections.
Website analysis:
In case of errors on the website, various data are analyzed for the purpose of error analysis. In particular, the following data are collected in order to perform error analysis. The error analysis is only possible for 7 days, because after 7 days all log files of the website are deleted. IP address of your request, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, amount of data transferred in each case, website from which the request comes, browser, operating system, and its interface, language and version of the browser software. Data processing for the purpose of error analysis is necessary to ensure the secure operation of our website. The legal basis for the data processing is our legitimate interest, Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure provision of our websites.
Google Analytics:
Insofar as you have given your consent, Google Analytics, a web analytics service provided by Google LLC, is used on this website. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
Google Analytics uses cookies that enable an analysis of your use of our websites. The information collected by means of the cookies about your use of this website is generally transferred to a Google server in the USA and stored there.
We use the function 'anonymizeIP' (so-called IP masking): Due to the activation of IP anonymization on this website, your IP address will be truncated by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
During your website visit, the following data is collected, among other things:
>> The pages you call up, your "click path"
>> Achievement of "website goals" (conversions, e.g. newsletter sign-ups, downloads, purchases)
>> Your user behavior (for example, clicks, dwell time, bounce rates)
>> Your approximate location (region)
>> Your IP address (in shortened form)
>> Technical information about your browser and the end devices you use (e.g., language setting, screen resolution)
>> Your internet service provider
>> The referrer URL (via which website/advertising medium you came to this website)
Matomo
When the cookie settings are displayed and saved, two independent tracking pixels are transmitted to the domain matomo.synaigy.io (which belongs to TIMETOACT GROUP GmbH). The collection and processing are based on our interest in ensuring and error-free functions also and especially in interaction with campaigns, landing pages and the first call of our offers by you as a user. Only the loss rate within the web analysis is determined and for this purpose the current URL as well as the consent/rejection of the different consent categories are recorded. No personal data is collected and no conclusions can be drawn about individuals or their behavioral flow.
Purposes of processing:
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your (pseudonymous) use of the website and compiling reports on website activity. The reports provided by Google Analytics are used to analyze the performance of our website and the success of our marketing campaigns.
Recipient:
The recipient of the data is
>> Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
as a processor. We have concluded an order processing agreement with Google for this purpose. Google LLC, based in California, USA, and, if applicable, US authorities may access the data stored by Google.
Transfer to third countries:
The transfer of personal data to the USA cannot be ruled out. In the USA, your personal data is not subject to the same high standards as provided for the processing of personal data in the EU. Personal data will only be transferred to the USA if you have agreed to the use of the service.
Storage period:
The data sent by us and linked to cookies are automatically deleted after 14 months. The deletion of data whose retention period has been reached occurs automatically once a month. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by
>> not giving your consent to the setting of the cookie or
>> downloading and installing the browser add-on to disable Google Analytics HERE.
You can also prevent the storage of cookies by selecting the appropriate settings on your browser software. However, if you configure your browser to refuse all cookies, you may experience limitations in functionality on this and other websites.
Legal basis and revocation option:
The legal basis for the processing of your personal data is your consent, Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future by calling up the cookie settings and changing your selection there. For more information on Google Analytics terms of use and data protection at Google, please visit https://marketingplatform.google.com/about/analytics/terms/de/ and https://policies.google.com/?hl=de.
Google Tag Manager:
For transparency reasons, we point out that we use the Google Tag Manager of the provider Google Ireland Limited (registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland.
The Google Tag Manager itself does not collect any personal data. The Google Tag Manager makes it easier for us to integrate and manage our tags. Tags are small code elements that can be used, among other things, to measure traffic and visitor behavior, track the impact of online advertising and social channels, set up remarketing and targeting, and test and optimize websites. No cookies are set by the Tag Manager itself. If you have deactivated cookies at the domain or cookie level, this deactivation will be taken into account by Google Tag Manager. For more information on Google Tag Manager, see: https://www.google.com/intl/de/tagmanager/use-policy.html.
Google Ads:
We use the Google Ads service. Google Ads is an online advertising program of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
This means that we place ads on Google's search network, place banner ads on Google's display network (banners on third-party websites), and use Google Ads or Analytics remarketing to draw attention to our offers. For us, it is possible to combine ads with search terms or to advertise our products and services with individual ads that you have already viewed on our websites. Ads remarketing lists also allow us to optimize search and display campaigns if you have visited our websites before.
In order to be able to play out interest-based advertising, Google analyzes your user behavior. The analysis is carried out with the help of cookies that are set by Google when you click on an ad or visit our website. Google and we then receive information that you clicked on an ad and were redirected to our website. In this way, we can see which of the advertising measures used are particularly efficient.
Google provides us with statistics showing how many users clicked on one of our ads and to which of our websites the users were redirected. In addition, it is possible to target users who have already visited one of our websites at an earlier point in time and we can track which search terms have particularly often led to a click on an ad.
Due to the marketing tools used, your browser automatically establishes a direct connection with Google's server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of Ads Advertising, Google receives the information that you have called up the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider may obtain and store your IP address.
The transfer of personal data to the USA cannot be ruled out. In the USA, your personal data is not subject to the same high standards as provided for the processing of personal data in the EU. Personal data will only be transferred to the USA if you have consented to the use of the service.
You can find more information on data protection in the context of Google Ads at: https://policies.google.com/technologies/ads?hl=de.
The legal basis for the processing of your personal data is Art. 6(1)(a) GDPR, your consent. You can revoke your consent at any time with effect for the future by calling up the cookie settings and changing your selection there.
If you do not want the processing, you can prevent the storage of the cookie required for these technologies, for example, via the settings of your browser.
You also have the option of selecting the types of Google ads or deactivating interest-based ads on Google via the ad setting (https://adssettings.google.com/authenticated?hl=de). Alternatively, you can disable the use of cookies by third parties by accessing the deactivation help of the Network Advertising Initiative.
Google Marketing Platform:
Our website uses the Google Marketing Platform of Google Ireland Ltd (Gordon House, Barrow Street, Dublin 4, Ireland; hereinafter "Google").
Purposes of processing:
The purpose of the collection is that the Google Marketing Platform sets cookies on your computer so that you can be shown advertisements that correspond to your preferences. For this purpose, your browser receives a pseudonymous identification number (ID). In the process, it is checked which of the advertisements could be displayed in your browser and which were called up. The information generated by cookies is then transferred via Google to a server in the USA for the purpose of evaluation and is stored there.
Legal basis and revocation option:
The legal basis is your consent Art. 6(1)(1)(a) GDPR and § 25(1) Telecommunications Telemedia Data Protection Act. You have the right to revoke your consent at any time with effect for the future. The lawfulness of the data processing until the revocation remains unaffected.
Recipient:
The recipient of the data is
- Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
as an order processor. We have concluded an order processing agreement with Google for this purpose. Google LLC, based in California, USA, and, if applicable, US authorities may access the data stored by Google.
Transfer to third countries:
The transfer of personal data to the USA cannot be ruled out. In the USA, your personal data is not subject to the same high standards as provided for the processing of personal data in the EU. Personal data will only be transferred to the USA if you have agreed to the use of the service.
Storage period:
The data will be deleted as soon as it is no longer needed for our recording purposes.
Google Maps:
This website uses the map service Google Maps. Google Maps is a mapping service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
In order to use the functions of Google Maps, information, including the IP address as well as the address entered as part of the route function, may be transmitted to the provider's servers. This information is usually transferred to a Google server in the USA and stored there. If you have agreed to the use of Google Maps when visiting our website, your browser will establish a direct connection with Google's servers, whereby the map content will be sent to your browser and integrated by it. The provider of this site has no influence on this data transmission.
If you do not wish Google to process data via this service, you can disable the use of JavaScript in your browser settings. Please note that in this case the interactive map function of Google Maps is not usable.
The legal basis for the processing of your personal data is your consent, Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future by calling up the cookie settings and changing your selection there.
The transfer of personal data to the USA cannot be excluded. In the USA, your personal data is not subject to the same high standards as provided for the processing of personal data in the EU. Personal data will only be transferred to the USA if you have consented to the use of the service.
For more information on data processing in connection with the use of Google Maps, please visit https://marketingplatform.google.com/about/analytics/terms/de/ and https://policies.google.com/?hl=en.
Microsoft Teams:
We use the web conferencing tool Microsoft Teams. This is an application of Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, USA; hereinafter: "Microsoft").
Legal basis and purpose of processing:
The personal data you provide is collected and processed solely for the purpose of conducting external and internal video conferences as part of a contractual relationship pursuant to Art. 6(1)(1)(b) GDPR.
If no contractual relationship exists, the legal basis is Art. 6(1)(1)(f) GDPR. Our interest here is effective communication and exchange of the parties involved.
The provision of your personal data is necessary for the implementation of the video conferences. If you do not provide it, you will unfortunately not be able to participate. Automated decision-making will not be carried out.
Recipients:
Personal data processed in connection with videoconferences will generally not be disclosed to third parties unless it is specifically intended for disclosure.
Transfer to third countries:
Data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https://docs.microsoft.com/de-de/compliance/regulatory/offering-EU-Model-Clauses.
Microsoft's privacy policy can be found at: https://privacy.microsoft.com/de-de/privacystatement
Social Media (Pixel):
We would like to get in touch with you and other interested parties, customers and users. For this purpose, we use different social networks. Which individual social networks we use can be found in the following section. As a rule, data is collected in the process, which is used in the context of market research and for advertising purposes. Such data includes the assignment of your visit to our website to your user account with the social network or the assignment by means of your stored cookies or your IP address. This is usually done by creating user profiles and the interests determined from them. This makes it possible to display tailored advertising, both on and off the social network. Therefore, as a rule, cookies may be set on you through the use of social networks. However, we would like to point out that we generally have no influence on what data is collected.
Through the social media presences, we would like to communicate information to you in the simplest and quickest way or give you the opportunity to share such. Therefore, unless you have consented to data processing on the respective platform, the legal basis is our legitimate interest pursuant to Art. 6(1)(1)(f) GDPR. If you have consented on the respective platform, the legal basis for processing is your consent pursuant to Art. 6(1)(1)(a) GDPR and Section 25(1) Telecommunications Telemedia Data Protection Act (TTDPA), if the consent within the meaning of the TTDPA relates to the setting of cookies or access to information on your terminal device. You have the right to revoke your consent at any time with effect for the future. The lawfulness of the data processing until the revocation remains unaffected. If you revoke your consent, request us to delete the data or the purpose for storing the data no longer applies, we will delete your data unless mandatory legal provisions prevent this. Cookies stored by you remain on your terminal device until you delete them. The data processed as a result of your visit to our appearances on social media websites are classified as data processing initiated by us and are thus subject to joint responsibility with the operator of the social media website pursuant to Art. 26 GDPR. Joint responsibility is limited to those processing operations where the purpose and means of the processing are decided jointly. If you wish to assert your data subject rights, you may do so both against us and against the operator of the social media website. Furthermore, we would like to point out that your data may also be processed outside the European Union and that you therefore run the risk of not being able to properly enforce your rights.
LinkedIn Insight Tag:
Our website further uses Insight Tag technology, which is exclusively operated by LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland); hereinafter "LinkedIn".
Purposes of processing:
The purpose of the Insight Tag is to enable us to optimize our campaigns, retarget website visitors, and learn more about our audience. For this purpose, the LinkedIn Insight tag creates a unique LinkedIn browser cookie in a visitor's browser and enables the collection of the following data for this cookie: metadata such as IP address, timestamp and page events (e.g. page views). Furthermore, log files (which are URL, referrer URL, IP address, device and browser characteristics, and time of access) are collected by LinkedIn.
Recipients:
LinkedIn does not share any personally identifiable information with us, but only provides aggregate reports on website audience and ad performance. LinkedIn members can control the use of their personal data for advertising purposes in their account settings. You have the option to object to the analysis of usage behavior and targeted advertising by LinkedIn here: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Legal basis and revocation option:
The legal basis for the processing of data is your consent pursuant to Art. 6 (1)(a) GDPR and Section 25(1) TTDPA, provided that the consent within the meaning of the TTDPA relates to the setting of cookies or access to information on your terminal device. You have the right to revoke your consent at any time with effect for the future. The lawfulness of the data processing carried out until the revocation remains unaffected.
Transmission to third countries:
Data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https://www.linkedin.com/legal/l/eu-sccs
Storage period:
After seven days, the direct identifiers of LinkedIn members are deleted, the remaining data is pseudonymized and deleted after 180 days. For more information on the LinkedIn Pixel, please visit: https://www.linkedin.com/help/linkedin/answer/65521 For LinkedIn's privacy policy, please visit https://www.linkedin.com/legal/privacy-policy and https://www.linkedin.com/help/linkedin/answer/87150/linkedin-marketinglosungen-und-die-datenschutz-grundverordnung-dsgvo-?lang=de.
Facebook plugins (Like and Share button):
You can recognize the Facebook plugins by the "Like, Share or Send buttons" ("Like") on our website. These are operated by Facebook Ireland Ltd (4 Grand Canal Square, Dublin 2, Ireland; hereinafter: "Facebook"). When you visit our website, a direct connection is established via the plugin between the Facebook server and your browser. Facebook thereby receives the information that you have visited our site with your IP address.
Transmission to third countries:
Collected data is also transmitted to the USA and other third countries, according to Facebook.
Recipients:
If the "Like button" is clicked while you are logged into your Facebook account, it is possible that you can link the content of our website on your Facebook profile. This enables Facebook to associate your visit to our website with your user account. If you do not want this association with your Facebook user account, please log out of your user account. Personal data collected by means of this tool is subject to the area classified as data processing initiated by us, joint responsibility with Facebook pursuant to Art. 26 GDPR. The joint responsibility of Facebook and us as website operators is limited to those processing operations where the purpose and means of the processing are decided jointly. In the case of the Like and Share button, this is the collection of the personal data as well as the transmission. If you wish to assert your data subject rights, you can do so directly with Facebook. We are obliged to forward an assertion by you with us to Facebook. The agreement can be viewed at the following link: https://www.facebook.com/legal/controller_addendum.
Legal basis and revocation option:
The transfer of your data will only take place with your express consent. Accordingly, the legal basis for the processing of the data is Art. 6(1)(a) GDPR and Section 25(1) TTDPA, insofar as the consent within the meaning of the TTDPA relates to the setting of cookies or access to information on your terminal device. You have the right to revoke your consent at any time with effect for the future. The legality of the data processing carried out until the revocation remains unaffected.
We would like to point out that we do not receive any knowledge of the content of the transmitted data as well as its use by Facebook. The privacy policy of Facebook can be found at: https://www.facebook.com/privacy/explanation. A detailed overview of the Facebook plugins is available at the following link: http://developers.facebook.com/docs/plugins/. Data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum.
Twitter (link):
On our website, we use a link to our presence on the social network Twitter. This is an application of Twitter International Company (One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland; hereinafter: "Twitter").
Legal basis and revocation option:
If you have consented to data processing by Twitter, your consent pursuant to Art. 6(1)(1)(a) GDPR and Section 25(1) TTDPA, insofar as the consent within the meaning of the TTDPA relates to the setting of cookies or access to information on your terminal device, is the legal basis for the processing. You have the right to revoke your consent at any time with effect for the future. The lawfulness of the data processing until the revocation remains unaffected. We would like to point out that we do not receive any knowledge of the content of the transmitted data as well as its use by Twitter. Further information can be found at: https://twitter.com/de/privacy Data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https://gdpr.twitter.com/de/controller-to-controller-transfers.html.
Twitter plugins (Like and Share button):
You can recognize the Twitter plugins by the "Like", "Retweet" or "Send" buttons on our website. These are operated by the social network Twitter Inc (Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland; hereinafter: "Twitter"). When you visit our website, a direct connection is established via the plugin between the Twitter server and your browser. Twitter thereby receives the information that you have visited our site with your IP address. If the "share button" is clicked or the "retweet" function is used while you are logged into your Twitter account, it is possible that you can link the content of our website on your Twitter profile. This enables Twitter to associate your visit to our website with your user account. If you do not wish this association with your Twitter user account, please log out of your user account.
Legal basis and revocation option:
Your data will only be transmitted after your express consent. Accordingly, the legal basis for processing the data is Art. 6(1)(a) GDPR and Section 25(1) TTDPA, insofar as the consent within the meaning of the TTDPA relates to the setting of cookies or access to information on your terminal device. You have the right to revoke your consent at any time with effect for the future. The legality of the data processing carried out until the revocation remains unaffected.
We would like to point out that we do not receive any knowledge of the content of the transmitted data as well as its use by Twitter. The privacy policy of Twitter can be found at: https://twitter.com/privacy?lang=de.
Transmission to third countries:
Data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https://gdpr.twitter.com/de/controller-to-controller-transfers.html.
XING:
On our website, we use a reference (link) to our presence on the social career network XING. This is an application of New Work SE (Dammtorstraße 30, 20354 Hamburg; hereinafter: "XING"). We have deployed functions of the XING service on our website. When you visit our website, your web browser connects for a short time to the servers of XING, through which the XING functions are provided. XING does not use cookies and does not store any personal data. Furthermore, no evaluation of your usage behavior takes place.
Legal basis and revocation option:
If you have consented to data processing at XING, your consent pursuant to Art. 6(1)(1)(a) GDPR and Section 25(1) TTDPA, insofar as the consent within the meaning of the TTDPA relates to the setting of cookies or access to information on your terminal device, is the legal basis for the processing. You have the right to revoke your consent at any time with effect for the future. The lawfulness of the data processing until the revocation remains unaffected.
We would like to point out that we do not receive any knowledge of the content of the transmitted data as well as its use by XING. For more information, please visit: https://privacy.xing.com/de/datenschutzerklaerung.
XING plugin (share button):
You can recognize the XING plugin by the "Share button" on our website. This is operated by New Work SE (Dammtorstraße 30, 20354 Hamburg).
Recipient:
When you visit our website, a direct connection is established via the plugin between the Xing server and your browser. This provides the share functions - such as the display of the counter value. According to Xing, this does not provide them with any information that you have visited our site with your IP address.
Legal basis and revocation option:
The legal basis for the processing of the data is your consent pursuant to Art. 6(1)(a) GDPR and Section 25(1) TTDPA, insofar as the consent within the meaning of the TTDPA relates to the setting of cookies or access to information on your terminal device. You have the right to revoke your consent at any time with effect for the future. The legality of the data processing carried out until the revocation remains unaffected.
We point out that we do not receive any knowledge of the content of the transmitted data as well as their use by Xing. The privacy policy of Xing can be found at: https://www.xing.com/app/share?op=data_protection
LinkedIn (Link):
On our website, we use a reference (link) to the social network LinkedIn, which is operated exclusively by LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland); hereinafter "LinkedIn".
The reference is identified by means of the LinkedIn logo (no LinkedIn plugin).
Recipient:
When clicking on the LinkedIn logo, your browser establishes a direct connection with the servers of LinkedIn. If you are already logged in to LinkedIn via your personal user account, the information about your visit to our website is automatically forwarded to LinkedIn. It is then possible that LinkedIn assigns the visit to the website to your account.
Legal basis and revocation option:
If you have consented to data processing at LinkedIn, your consent pursuant to Art. 6(1)(1)(a) GDPR and Section 25(1) TTDPA, insofar as the consent within the meaning of the TTDPA relates to the setting of cookies or access to information on your terminal device, is the legal basis for the processing. You have the right to revoke your consent at any time with effect for the future. The lawfulness of the data processing until the revocation remains unaffected.
Transmission to third countries:
Data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https://www.linkedin.com/legal/l/eu-sccs.
We would like to point out that we have no knowledge of the content of the transmitted data or its use by LinkedIn. The following link leads to the privacy policy of LinkedIn: http://de.linkedin.com/legal/privacy-policy
LinkedIn (Plugins)
Plugins of the social career network LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; hereinafter "LinkedIn") are integrated on our website. The LinkedIn plugins can be recognized by the LinkedIn logo or the "Share button" ("Recommend").
If you call up our website, a direct connection is established between the LinkedIn server and your browser via the plugin. Through this connection, LinkedIn receives the information that you have visited our website with your IP address. If you are logged into your LinkedIn account and click on the "Share Button" ("Recommend"), you have the option of linking content from our website to your LinkedIn profile. This results in a link between your visit to our website and your user account. We would like to point out that we do not receive any knowledge of the content of the transmitted data as well as its use by LinkedIn.
Legal basis and revocation option:
The basis of the processing is Art. 6 (1)(a) GDPR and Section 25(1) TTDPA, insofar as the consent within the meaning of the TTDPA relates to the setting of cookies or access to information on your terminal device. You have the right to revoke your consent at any time with effect for the future. The legality of the data processing carried out until the revocation remains unaffected.
The following link leads to the privacy policy of LinkedIn: http://de.linkedin.com/legal/privacy-policy
Transmission to third countries:
Data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https://www.linkedin.com/legal/l/eu-sccs.
YouTube:
We are interested in providing you with a wide range of multimedia information. Therefore, we integrate videos from YouTube (YouTube LLC, 901 Cherry Ave. San Bruno, CA 94066 USA). The legal basis for this is Art. 6(1)(a) GDPR, your consent.
The integration takes place in the extended data protection mode or the no-cookie solution, which means that cookies and pixel tags for the personalization of advertising and search results are only set by YouTube when the video is played.
When the YouTube video is played, the following data is transmitted to Google as YouTube operator:
>> The IP address,
>> The specific address of the page called up on our site
>> The transmitted identifier of the browser
>> System date and time of the call
>> Already existing cookies, via which your browser can be clearly identified
Google as the operator of YouTube is exclusively responsible for this data processing. You can find more information here.
We would like to point out that Google may receive further data about cookies already stored on your computer. To what extent these are utilized by Google is beyond our control. The privacy policy of YouTube can be found here.
Twitter:
On our website, we use services of the provider Twitter Inc, 795 Folsom St, Suite 600, San Francisco, CA 94107, USA. With the help of these services, it is possible, among other things, to follow our company on Twitter or to share posts from us.
With your consent, personal data is transmitted to the short message service Twitter when you visit our website. If you have your own Twitter account, your data may be assigned to the data of your Twitter account or your Twitter profile. We have no influence on the type and scope of the data processed by Twitter, the type of processing and use or the transfer of this data to third parties. You can find information about which data is processed by Twitter and for what purposes in Twitter's data protection declaration (https://twitter.com/privacy?lang=de) and about the possibility of viewing your own data on Twitter (https://help.twitter.com/de/managing-your-account/accessing-your-twitter-data).
Furthermore, you have the option of requesting information via the Twitter data protection form or the archive requirements:
The legal basis for the processing of your personal data is your consent, Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future by calling up the cookie settings and changing your selection there.
The transfer of personal data to the USA cannot be excluded. In the USA, your personal data is not subject to the same high standards as provided for the processing of personal data in the EU. Personal data will only be transferred to the USA if you have agreed to the use of the service.
Google Fonts:
Our website uses Google Fonts for the integration of external fonts, a service of Google Ireland Ltd (Gordon House, Barrow Street, Dublin 4, Ireland; hereinafter: "Google").
The integration of Google Fonts takes place locally on our own server, so that no direct connection is established with Google's servers when you visit our website.
Insofar as data processing is carried out, this is done for the purpose of uniform display of fonts and icons. The legal basis is therefore our legitimate interest in the uniform presentation in accordance with Art. 6(1)(f) GDPR.
Font Awesome:
Our website uses the web fonts from "Font Awesome" for the uniform display of fonts. These are integrated via the provider BootstrapCDN. BootstrapCDN is owned by MaxCDN, LLC (3575 Cahuenga Blvd. West, Suite 330, Los Angeles, CA 90068, USA). The integration of the fonts takes place locally on our own server, so that when visiting our website, no direct connection is established with the servers of the provider. Insofar as data processing is carried out, this is done for the purpose of uniform presentation of fonts and icons. The legal basis is therefore our legitimate interest in the uniform presentation in accordance with Art. 6(1)(f) GDPR.
Consent management (cookie banner):
We use a consent tool to obtain and manage required consent declarations. The cookie banner enables us to obtain and store the consent declarations required for data processing by certain applications or by cookies set by certain applications, in accordance with the legal requirements. The use of the service as well as the cookies set by the service are technically necessary for the legally compliant operation of our website.
>> The following data is processed via the service:
>> Date and time of the visit
>> Device information
>> Browser information
>> Anonymized IP address
>> Opt-in and opt-out data
The legal basis for data processing is our legitimate interest, Art. 6(1)(f) GDPR. Our legitimate interest lies in the fulfillment of legal requirements.
A declaration of consent given via the service is usually stored until the time of its revocation. The certificate of revocation of a previously granted consent is usually stored for three years.
Data transfer:
As a rule, your data will not be transferred to third parties - except in the cases indicated - unless we are legally obliged to do so, or the transfer of data is necessary for the performance of the contractual relationship, or you have previously given your express consent to the transfer of your data.
External service providers and partner companies only receive your data to the extent that this is necessary for the execution of contractual relationships. In these cases, however, the scope of the transmitted data is limited to the necessary minimum. Insofar as our service providers come into contact with your personal data, we ensure within the framework of commissioned processing pursuant to Art. 28 GDPR that they comply with the provisions of the data protection laws in the same manner. Please also note the respective data protection notices of the providers. The respective service provider is responsible for the content of third-party services, whereby we check within the scope of reasonableness that the services comply with the legal requirements.
We attach importance to processing your data within the EU / EEA. However, it may happen that we use service providers who process data outside the EU / EEA. In these cases, we ensure that an adequate level of data protection comparable to the standards within the EU is established at the recipient before transferring your personal data. This can be achieved, for example, via EU standard contracts or Binding Corporate Rules or special agreements to whose regulations the company may be subject.
Data security:
We have implemented extensive technical and operational safeguards to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological advances.
Links to other websites:
Our websites may contain links to websites of other providers. We would like to point out that this data protection declaration applies exclusively to the websites of catworkx GmbH, catworkx AG (Germany, Austria & Switzerland). We have no influence on and do not control that other providers comply with the applicable data protection regulations.
Changes to the privacy policy:
We reserve the right to change or adapt this data protection declaration at any time in compliance with the applicable data protection regulations.
Status: December 2022
Contact:
catworkx limited liability company
Schellerdamm 16
21079 Hamburg, Germany
Phone: +49 40 890646-0
E-mail: [email protected]
Our external data protection officer will be happy to answer your questions, just contact us.