The controller within the meaning of the General Data Protection Regulation (hereinafter "GDPR") and other national data protection laws of EU countries and other data protection laws is:
Managing Director: Hannes Sommer, Christian Scholle
Am Sandtorkai 48
20457 Hamburg, Germany
Telefon: +49 (0)40 211 076 218
Data protection officer:
Dr. Christian Rauda
Board-certified specialist for copyright and media law
Board-certified specialist for information technology law
Board-certified specialist for intellectual property law
GRAEF Rechtsanwälte Digital PartG mbB
Tel.: +49.40.80 6000 9-0
Fax: +49.40.80 6000 9-10
In principle, we only collect and use personal data of our users insofar as this is necessary to provide a functional website and our content and services. The collection and use of personal data of our users takes place regularly only with the consent of the user. An exception applies in those cases in which prior consent cannot be obtained for practical reasons and the processing of the data is permitted by law. If we disclose data to other persons and companies (contract processors or third parties) as part of our processing, transmit them to them or otherwise grant them access to the data, this is only done on the basis of legal permission (e.g. if the data is transmitted to third parties,
If we commission third parties to process data on the basis of a so-called "order processing contract", this is done on the basis of Art. 28 GDPR. If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this happens in the context of the use of third-party services or disclosure or transmission of data to third parties, this will only take place if it happens to fulfill our (pre) contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or have the data processed in a third country only if the special requirements of Art. 44 ff. GDPR are met. I.e., processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a level of data protection corresponding to the EU (so-called "adequacy decision") or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").
Insofar as we obtain the consent of the data subject for the processing of personal data, Article 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis. When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Article 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures. Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Article 6 (1) (c) GDPR serves as the legal basis. If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests prevail
The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
When you visit our website, our system automatically collects data and information from the computer system of the calling computer. The following data is collected for a limited time:
The data is stored in the log files of our system. This data is only required to analyze any malfunctions and is deleted within seven days at the latest. The legal basis for the temporary storage of the data and the log files is Art. 6 Para. 1 lit.f GDPR. The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. To do this, the user's IP address must be stored for the duration of the session. The storage in log files takes place in order to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context and no conclusions about your person are drawn. Our legitimate interest in data processing according to Art. 6 Para. 1 lit.f GDPR also lies in these purposes. The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no option for the user to object.
Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with other services related to the use of this online offer and the internet. In doing so, pseudonymous user profiles can be created from the processed data.
We only use Google Analytics with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address will only be sent to a Google server in the USA and shortened there in exceptional cases.
The IP address transmitted by the user's browser will not be merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; Users can also prevent Google from collecting the data generated by the cookie and relating to their use of the online offer and from processing this data by downloading and installing the browser plug-in available at the following link: http: // tools .google.com / dlpage / gaoptout? hl = de .
You can find more information on the use of data by Google, setting and objection options on the Google website: https://www.google.com/intl/de/policies/privacy/partners (“Use of data by Google when you use websites or apps of our partners "), http://www.google.com/policies/technologies/ads (" Use of data for advertising purposes "), http://www.google.de/settings/ads (" Manage information that Google uses, to show you advertisements ").
On the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. GDPR), we use the marketing and remarketing services (“Google Marketing Services” for short ”) From Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, (“ Google ”). We have concluded a joint responsibility agreement with Google within the meaning of Art. 26 DSGVO (cf. https://support.google.com/analytics/answer/9012600?).
If Google processes data in the USA, this is done on the basis of EU standard contractual clauses, which provide sufficient guarantees within the meaning of Article 46 (1), (2) (c) of the GDPR.
The Google Marketing Services allow us to display advertisements for and on our website in a more targeted manner in order to only present users with advertisements that potentially correspond to their interests. If, for example, a user is shown advertisements for products that he was interested in on other websites, this is called "remarketing". For these purposes, when our and other websites on which Google Marketing Services are active are accessed, Google immediately executes a code from Google and so-called (re) marketing tags (invisible graphics or code, also known as "web Beacons "called) integrated into the website. With their help, an individual cookie, ie a small file, is saved on the user's device (comparable technologies can also be used instead of cookies). The cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. This file records which websites the user has visited, which content he is interested in and which offers he has clicked, as well as technical information on the browser and operating system, referring websites, visiting time and other information on the use of the online offer. The IP address of the user is also recorded, whereby we inform you as part of Google Analytics, that the IP address is shortened within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and only transferred in full to a Google server in the USA and shortened there in exceptional cases. The IP address is not merged with the user's data within other Google offers. The aforementioned information can also be combined with information from other sources by Google. If the user then visits other websites, they can be shown advertisements tailored to their interests. The aforementioned information can also be combined by Google with information from other sources. If the user then visits other websites, the advertisements tailored to him can be displayed according to his interests. The aforementioned information can also be combined by Google with information from other sources. If the user then visits other websites, the advertisements tailored to him can be displayed according to his interests.
The user data is processed pseudonymously as part of the Google Marketing Services. This means that Google does not store and process the name or email address of the user, for example, but rather processes the relevant cookie-related data within pseudonymous user profiles. In other words, from Google's point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie owner, regardless of who this cookie owner is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymization. The information collected about users by Google Marketing Services is transmitted to Google and stored on Google's servers in the USA.
The Google marketing services we use include the online advertising program “Google AdWords”. In the case of Google AdWords, each AdWords customer receives a different "conversion cookie". Cookies cannot therefore be tracked via the websites of AdWords customers. The information obtained with the help of the cookie or Adwords pixel is used to create conversion statistics for AdWords customers who have opted for conversion tracking. The AdWords customers find out the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information with which users can be personally identified.
You can find more information on the use of data by Google for marketing purposes on the overview page: https://www.google.com/policies/technologies/ads , Google's data protection declaration is available at https://www.google.com/policies/privacy retrievable.
If you would like to object to interest-based advertising by Google Marketing Services, you can use the setting and opt-out options provided by Google: http://www.google.com/ads/preferences .
We also use the services of so-called lead generation tools. Lead generation (prospect acquisition) is a marketing term. A lead is a qualified prospect who, on the one hand, is interested in a company or a product and, on the other hand, gives the advertiser his address and similar contact details (lead = data record) for further dialog building and is therefore very likely to become a customer . Generating high quality leads is a fundamental task in acquiring new customers. Address data of potential interested parties can be generated online and offline for specific target groups and our legitimate interest in data processing according to Art. 6 Para. 1 lit. f GDPR lies in these purposes.
We use the service "LinkedIn Lead Generation" as a further lead generation tool. LinkedIn uses forms to generate leads and functions and content of the LinkedIn service, offered by LinkedIn AG, Dammtorstraße 29-32, 20354 Hamburg, Germany, can be integrated. If the users are members of the LinkedIn platform, LinkedIn can assign the above-mentioned content and functions to the profiles of the users there.
If LinkedIn processes data in the USA, this is done on the basis of EU standard contractual clauses, which provide sufficient guarantees within the meaning of Article 46 (1), (2) (c) of the GDPR.
In this context, we also use lead generation tools from LinkedIn.
These tools are used for marketing purposes. Our legitimate interest in data processing according to Art. 6 Para. 1 lit.f GDPR also lies in these purposes.
You can contact us via our contact form on our website, by e-mail, telephone or letter. In this case, the information you provide in your inquiry, including the contact data you provide there, will be stored by us solely for the purpose of processing the inquiry and in the event of follow-up questions. In this context, the data will not be passed on to third parties.
The legal basis for the processing of the data is Art. 6 para. 1 lit. f DSGVO. Our interest in answering your inquiry outweighs your interest; furthermore, since you are writing to us, an answer is also in your interest and you are aware that we need to process your data to answer your inquiry.
If the e-mail contact aims at the conclusion of a contract, the legal basis for the processing is Art. 6 (1) lit. b DSGVO.
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. This is the case when the respective conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
In the context of an application procedure or a contact confirmation, after receipt of your application or activation of your contact data via our candidate portal, we process the data that you have provided to us or communicated to one of our consultants m/f and that are necessary for us for the purpose of conducting an application procedure with one of our customers or contacting you with the aim of opening an application procedure with one of our customers.
The following categories of data are processed:
In addition, for the purpose of contacting you or after receipt of your application for the purpose of carrying out the application process, we process such personal data that we have obtained in a permissible manner from publicly accessible sources or personal contacts (e.g., from a joint communication in a career-oriented social network such as XING or LinkedIn).
If you voluntarily provide us with special categories of personal data within the meaning of Art. 9 DSGVO in the context of your application or contact (e.g. provide information about an existing severe disability or attach a photo to your application that reveals, for example, glasses and thus a visual impairment), this is done on the basis of your consent that we may process the corresponding data after receipt of your application for the purpose of carrying out the application process. You can revoke your consent at any time without giving reasons. The lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.
To enable more comprehensive job offers and consulting, you may consent to the processing of your personal data in the applicant database of the Career Team Group by CTG Consulting GmbH, alphacoders GmbH, CareerTeam GmbH, Foxio Consulting GmbH, Numeris Consulting GmbH, PALTRON GmbH and Sinceritas GmbH. We expressly point out that your consent is voluntary and has no effect on your chances in the application process. You may revoke your consent at any time vis-à-vis us or one of our group companies without stating reasons. The lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.
In the event of a rejection or if you are no longer interested in a specific job offer, you can consent to your data being stored in our CareerTeam Group applicant database for a longer period of time in order to provide you with other job offers that may be of interest to you. You may revoke your consent at any time to us or to our group companies CTG Consulting GmbH, alphacoders GmbH, CareerTeam GmbH, Foxio Consulting GmbH, Numeris Consulting GmbH, PALTRON GmbH and Sinceritas GmbH without giving reasons. The lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.
Recipients of your personal data are only those persons who require your data for the decision on the establishment of an employment relationship as well as the subsequent implementation of the decision made or - in the case of contacting you - to inquire about your interest in career prospects and job offers with our customers. Contact is established with the greatest possible confidentiality, usually by telephone or e-mail, using the contact details provided by you.
We only pass on your data to the customer once you have informed us in a personal meeting or telephone call of your express interest in the advertised position of the customer. You will be informed of the transfer of your data verbally or / and in most cases also in writing by e-mail. No other persons will have access to your data.
The legal basis for data processing is Art. 6 para 1 b) DSGVO in conjunction with Art. 88 DSGVO and § 26 BDSG and, in the case of processing sensitive data in accordance with Art. 9 DSGVO and/or in the case of processing within the group of companies, your consent Art. 6 para 1 lit a) DSGVO.
In principle, your personal data will only be processed within the EU. In the case of international customers, it may also be necessary to transfer your applicant data to customers in third countries. However, we will inform you about the potential recipient and the third country before the transfer.
No automated individual case decisions or profiling measures take place.
We process your personal data only until the purpose of the processing no longer applies; unless this conflicts with legal obligations (e.g., obligations to provide proof and to retain data due to tax and labor protection laws and contractual obligations with our customers).
If our efforts result in you establishing an employment relationship with one of our customers, we will store your data for as long as we need it in each case for the lawful and proper establishment, implementation and termination of the employment relationship during the probationary period and for the processing of our related business activities with the respective customer. Afterwards, we delete your data, provided that there are no legal obligations to the contrary (e.g. obligations to provide proof and to retain data due to tax and labor protection laws and contractual obligations with our customers).
If, on the other hand, our efforts do not lead to the establishment of an employment relationship but to a rejection (either by you or by us or our customer), we will store your data for as long as is necessary for the defense against any claims resulting from the rejection of the application, but generally only for six months from the rejection issued.
We maintain an online presence within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services. When calling up the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply. Unless otherwise stated in our data protection declaration, we process the data of the users as long as they communicate with us within the social networks and platforms, e.g. write articles on our online presence or send us messages. We set within our online offer on the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f.
This always presupposes that the third-party providers of this content perceive the IP address of the users, since they would not be able to send the content to their browser without the IP address. The IP address is therefore required to display this content. We strive to only use content whose respective providers only use the IP address to deliver the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website.
On the basis of our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 Paragraph 1 lit. operated by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland ("Facebook"). The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and can be recognized by one of the Facebook logos (white “f” on a blue tile, the terms “like”, “like” or a “thumbs up” sign ) or are marked with the addition "Facebook Social Plugin". The list and the appearance of the Facebook social plugins can be viewed here:https://developers.facebook.com/docs/plugins/ .
Meta Platforms Ireland Ltd. processes personal data when using Facebook products, even of persons who are not logged into any of the Facebook or Instagram services. The data may be transferred to countries outside the European Union (USA); however, this is done on the basis of EU standard contractual clauses, thus providing sufficient guarantees within the meaning of Art. 46 (1), (2) c) DSGVO. Which personal data these are in detail, how, for which purposes and on which legal basis these are processed, Facebook describes in its data policy (https://help.instagram.com/519522125107875?helpref=page_content)
When a user calls up a function of this online offer that contains such a plugin, his device establishes a direct connection with the Facebook servers. The content of the plug-in is transmitted directly from Facebook to the user's device, which integrates it into the online offer. In doing so, user profiles can be created from the processed data. We therefore have no influence on the amount of data that Facebook collects with the help of this plugin and therefore inform users according to our level of knowledge.
By integrating the plugins, Facebook receives the information that a user has called up the corresponding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to his Facebook account. When users interact with the plugins, for example by pressing the Like button or making a comment, the relevant information is transmitted directly from your device to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out his IP address and save it. According to Facebook, only an anonymized IP address is saved in Germany.
The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the related rights and setting options to protect the privacy of users can be found in Facebook's data protection information: https://www.facebook.com/about/privacy/ .
If a user is a Facebook member and does not want Facebook to collect data about him through this online offer and link it to his member data stored on Facebook, he must log out of Facebook before using our online offer and delete his cookies. Further settings and contradictions to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US website http://www.aboutads.info / choices / or the EU page http://www.youronlinechoices.com/ . The settings are platform-independent, ie they are adopted for all devices such as desktop computers or mobile devices.
Functions and contents of the Twitter service, offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, can be integrated into our online offer. This can include, for example, content such as images, videos or texts and buttons with which users can express their liking for the content, subscribe to the authors of the content or our contributions. If the users are members of the Twitter platform, Twitter can assign the above-mentioned content and functions to the profiles of the users there. Data protection declaration from Twitter: https://twitter.com/de/privacy . TIf Twitter processes data in the USA, this is done on the basis of EU standard contractual clauses, which provide sufficient guarantees within the meaning of Article 46 (1), (2) c) of the GDPR. Data protection declaration: https://twitter.com/de/privacy , Opt-Out: https://twitter.com/personalization .
Data protection officer for all of the aforementioned companies:
Dr. Christian Rauda
Specialist lawyer for information
technology law GRAEF Rechtsanwälte Digital Partnerschaftsgesellschaft mbB
Tel. +49.40.80 6000 9-0
Fax +49.40.80 6000 9-10
Bringing together suitable candidates - as individuals or in a team - and companies for the purpose of concluding an employment contract. The processing is based on Article 6, Paragraph 1, Letter f) of the GDPR.
Name, Xing or LinkedIn link, current position, current employer, possibly correspondence with the candidate
In each case internal department of the above named responsible bodies that operate recruiting for companies. The data will only be passed on to a potential employer after the candidate has given his / her consent.
See at the individual service providers.
The data is stored for as long as the person concerned is potentially a candidate for exciting job offers.
We want to address candidates as individually and personally as possible and only offer them jobs that we are convinced will fit the candidate perfectly. We not only mediate individual candidates in the corporate group, but also put together cross-professional teams. We also have an economic interest in finding jobs.
Xing or LinkedIn (public data)
If personal data is processed by the candidate - that is, from you - he is a data subject within the meaning of the GDPR and he has rights vis-à-vis those responsible.
You will find these for the responsible body under 1. under number 1 in the following paragraph of this data protection declaration (Roman VIII.).
as well as for the responsible bodies under point 2 under the following links:
PALTRON GmbH: https://www.paltron.com/datenschutz
Numeris Consulting GmbH: https://www.numeris-consulting.de/datenschutz
Sinceritas GmbH: https : //www.sinceritas.com/datenschutz
Foxio Consulting GmbH https://www.foxio.com/datenschutz
CAREERTEAM GmbH: https://www.careerteam.de/datenschutz
CAREERTEAM Schweiz GmbH: https: //www.careerteam. ch / data protection
CAREERTEAM BV: https://www.careerteam.nl/privacyverklaring
CAREERTEAM SAS: https://www.careerteam.fr/protection-des-donnees
If your personal data is processed, you are affected within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:
You can request confirmation from the person responsible as to whether we are processing personal data relating to you. If this is the case, you can request the following information from the person responsible:
You have a right to correction and / or completion vis-à-vis the person responsible if the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately.
Under the following conditions, you can request that the processing of your personal data be restricted:
If the processing of your personal data has been restricted, this data - apart from its storage - may only be permitted with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest processed by the Union or a Member State. If the processing restriction has been restricted according to the above conditions, you will be informed by the person responsible before the restriction is lifted.
You can request the person responsible to delete the personal data relating to you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:
If the person responsible has made the personal data relating to you public and is obliged to delete it in accordance with Art. 17 Paragraph 1 GDPR, he shall take appropriate measures, including technical measures, to take into account the available technology and the implementation costs, to identify the person responsible for the data processing who process the personal data, that you, as the data subject, have requested them to delete all links to this personal data or copies or replications of this personal data.
The right to deletion does not exist if processing is necessary
If you have asserted the right to correction, deletion or restriction of processing against the person responsible, the person responsible is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, unless this turns out to be impossible or involves a disproportionate effort.
You have the right vis-à-vis the person responsible to be informed about these recipients.
You have the right to receive the personal data concerning you, which you have provided to the person responsible, in a structured, common and machine-readable format. You also have the right to transfer this data to another person responsible without hindrance from the person responsible to whom the personal data was provided, provided that
In exercising this right, you also have the right to have the personal data relating to you transmitted directly from one person in charge to another person in charge, insofar as this is technically feasible. This must not impair the freedoms and rights of other people.
The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task that is in the public interest or takes place in the exercise of official authority that has been transferred to the person responsible.
You have the right, for reasons that arise from your particular situation, to object at any time to the processing of your personal data, which is based on Art. 6 Para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions.
The person responsible will no longer process the personal data relating to you unless he can prove compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If the personal data relating to you are processed in order to operate direct mail, you have the right to object at any time to the processing of the personal data relating to you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.
If you object to processing for direct marketing purposes, the personal data relating to you will no longer be processed for these purposes.
In connection with the use of information society services - regardless of Directive 2002/58 / EC - you have the option of exercising your right of objection by means of automated processes that use technical specifications. You can send an email to our data protection officer.
You have the right to withdraw your declaration of consent under data protection law at any time. Revoking your consent does not affect the legality of the processing carried out on the basis of your consent up to the point of revocation.
You have the right not to be subject to a decision based solely on automated processing - including profiling - which has legal effect on you or which significantly affects you in a similar manner. This does not apply when making the decision
However, these decisions may not be based on special categories of personal data according to Art. 9 Paragraph 1 GDPR, unless Art. 9 Paragraph 2 lit. a or g GDPR applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests . With regard to the cases mentioned in (1) and (3), the person responsible shall take appropriate measures to safeguard the rights and freedoms as well as your legitimate interests, including at least the right to obtain the intervention of a person on the part of the person responsible, to express their own point of view and heard on contesting the decision.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged violation, if you are of the opinion that the processing of your personal data is against violates the GDPR. The supervisory authority to which the complaint was submitted informs the complainant about the status and the results of the complaint, including the possibility of a judicial remedy in accordance with Art. 78 GDPR.