Privacy Policy

Privacy Policy
Contents
1. Preliminary Remarks
a) Version History
| Date | Version | Description |
|---|---|---|
| 31.07.2023 | 0.1 | Draft DPO |
| 10.08.2023 | 1.0 | Revised version for preliminary publication |
| 19.09.2023 | 1.1 | Adjustment of third-country data transfer |
| 03.04.2026 | 1.2 | Addition of tools: Google Maps, Google reCAPTCHA, Google Ads, etc. |
b) Responsibility for Revisions
The Data Protection Officer is responsible for maintaining and further developing this document.
c) Scope
This document applies to the website operators.
2. General Information and Principles of Data Processing
We are pleased that you are visiting our website. Protecting your privacy and your personal data, so-called personal data, when using our website is very important to us.
According to Art. 4 No. 1 GDPR, personal data includes all information relating to an identified or identifiable natural person. This includes, for example, information such as your first and last name, address, telephone number, email address, as well as your IP address.
Data that cannot be linked to your person, such as anonymized data, is not considered personal data. Processing (e.g., collection, storage, retrieval, querying, use, transmission, deletion, or destruction) according to Art. 4 No. 2 GDPR always requires your consent or another legal basis.
Processed personal data must be deleted as soon as the purpose of processing has been fulfilled and no legally required retention obligations remain.
Here you will find information about how your personal data is handled when visiting our website. To provide the functions and services of our website, it is necessary for us to collect personal data about you.
Below you will also find information on the type and scope of the respective data processing, the purpose, the corresponding legal basis, and the respective storage duration.
This privacy policy applies only to this website. It does not apply to third-party websites to which we merely refer via hyperlinks. We cannot assume responsibility for the confidential handling of your personal data on these third-party websites, as we have no influence on whether they comply with legal data protection regulations. Please inform yourself directly on those websites about how your personal data is handled by third parties.
3. Responsible Entity
The entity responsible for processing personal data on this website is:
AtWize Business Services GmbH
Ainmillerstrasse 28
80801 Munich
info@atwize.com
4. Data Protection Officer
If you have any questions regarding data protection, you can contact our Data Protection Officer at any time:
Dr. Georg F. Schröder, LL.M.
legal data Schröder Rechtsanwaltsgesellschaft mbH
Maximilianstr. 27
80539 Munich
Tel: +49-89 - 954 597 520
Fax: +49-89 - 954 597 522
Email: georg.schroeder@legaldata.law
5. Provision and Use of the Website / Server Log Files
a) Type and Scope of Data Processing
If you use this website without otherwise transmitting data to us (e.g., through registration or use of the contact form), we collect technically necessary data in the form of protocol data (so-called log files), which are automatically transmitted from your device to our server, including:
IP address
Date and time of the request
URL of the accessed subpage
URL of the page from which you were redirected (so-called referrer URL)
Access status / HTTP status code
Type, language, and version of browser software
Operating system
b) Purpose and Legal Basis of Data Processing
This processing is technically necessary to display our website to you. We also use the data to ensure the security and stability of our website.
The legal basis for processing is Art. 6(1)(f) GDPR. Processing the above-mentioned data is necessary for providing a website and thus serves the legitimate interest of our company.
c) Storage Duration
As soon as the above-mentioned personal data is no longer required to display the website, it will be deleted. This occurs no later than seven days after visiting our website.
The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Therefore, the user has no right to object in this regard. Further storage may take place in individual cases if required by law.
6. Registration and Creation of an Intermediary Profile
a) Type and Scope of Data Processing
To use our intermediary service, you have the option to register on our website as a Senior Expert or as a company and create a profile. In doing so, we collect the personal data that you voluntarily provide as part of registration and profile creation. The data collected can be seen from the respective input forms. These include, for example, first and last name, address, email address, telephone number, and professional experience.
By registering on our platform, Senior Experts can create an individual applicant profile that can be viewed by companies seeking qualified Senior Experts. Companies have the opportunity to create a company profile to gain access to applicant profiles. Companies thus gain access to the data stored in the applicant profile and can contact the Senior Expert directly if interested. Companies that view and process personal data in such an application process act as independent controllers within the meaning of the GDPR.
b) Purpose and Legal Basis of Data Processing
The data you provide is processed exclusively for the services to be provided on the website (placement of Senior Experts with companies) and, if applicable, for initiating a contract. We may also pass your data on to one or more processors who use your data exclusively for internal purposes on our behalf. The legal basis is Art. 6(1)(b) GDPR.
The disclosure of your data through visibility of your profile is based on your consent given during the registration process. This consent can be revoked at any time. You can send your revocation at any time to widerruf@atwize.com. The legality of processing up to the time of revocation remains unaffected. After revocation, your account will be blocked for transmission. Please note that placement with companies will then no longer be possible.
c) Storage Duration
The data will be deleted as soon as it is no longer required for the purpose of its processing. If retention obligations exist, we will block or delete your data after these statutory retention periods expire.
If you delete your account, your data will initially be blocked for further use and deleted after the statutory retention periods have expired.
7. Contact Form
a) Type and Scope of Data Processing
On our website, we offer you the opportunity to contact us via a provided form. During the submission process, reference is made to this privacy policy in order to obtain your consent.
If you use the contact form, the following personal data may be processed:
- Customer number
- Title
- First name
- Last name
- Title
- Address
- Postal code
- City
- Country
- Email address
- Telephone number
- Subject
- Message content
When using the contact form, your personal data will not be passed on to third parties.
b) Purpose and Legal Basis
Providing your contact data serves the purpose of enabling us to respond to your inquiry.
The legal basis for processing is your consent pursuant to Art. 6(1)(a) GDPR, which you may revoke at any time with effect for the future.
c) Storage Duration
The data you enter in the contact form remains with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your inquiry has been fully processed).
Mandatory legal provisions – in particular retention periods under the German Commercial Code (HGB) or the Fiscal Code (AO) – remain unaffected.
8. Contact Options via Email
a) Type and Scope of Data Processing
You can contact us via email. Our data collection is limited to the email address of the email account you use to contact us, metadata (timestamp, additional recipients), and the personal data you provide voluntarily as part of the communication.
Please note that emails are generally sent unencrypted, and therefore access by third parties cannot be ruled out. You can also contact us by post at any time.
b) Purpose and Legal Basis
The purpose of data processing is to properly respond to your request. The legal basis is Art. 6(1)(f) GDPR. There is a legitimate interest in processing the above-mentioned personal data to handle your inquiry.
c) Storage Duration
The duration of storage depends on the background of your inquiry. Your personal data will generally be deleted once the purpose of the communication has ceased and storage is no longer required due to legal retention obligations.
9. Application Option
a) Type and Scope of Data Processing
You can apply to us via email. If you apply, we collect and store the data you send us via email (see also section 10 of this privacy policy).
b) Purpose and Legal Basis of Data Processing
We process your data solely for the purpose of handling your application. Your data will not be passed on to third parties. The legal basis is Art. 88(1) GDPR in conjunction with § 26(1) BDSG. If you give us consent in the event of a rejection to store your data for future consideration, the legal basis is Art. 6(1)(a) GDPR.
c) Storage Duration
If we cannot offer you a position, we will store your data for a maximum of six months after completion of the application process, taking into account § 61b(1) ArbGG in conjunction with § 15 AGG. The period begins upon receipt of the rejection letter.
If you have given consent to be included in our applicant pool, we will store your data for a maximum of two years.
d) Data Transfer
Your data will only be accessible to departments involved in the decision-making process (HR departments, specialist departments, management).
Additionally, we may be required by law or by official or court order to transfer your data to public authorities (e.g., public prosecutor’s office, police, supervisory authorities, tax office, social security institutions, etc.).
Other recipients of data may include those parties for whom you have given us consent to transfer your data.
10. Use of Cookies
We use cookies. Cookies are small files that are placed on your computer and stored by your browser. Some functions of our website cannot be offered without the use of technically necessary cookies. Other cookies, on the other hand, enable us to perform various analyses. For example, some cookies can recognize the browser you are using when you visit our website again and transmit various information to us.
We use cookies to facilitate and improve the use of our website. Through cookies, we can, among other things, make our website more user-friendly and effective for you by, for example, tracking your use of our website and determining your preferred settings (e.g., country and language settings). If third parties process information via cookies, they collect the information directly via your browser. Cookies do not cause any damage to your terminal device. They cannot execute programs and cannot contain viruses. Various types of cookies are used on our website, the nature and function of which we would like to explain below.
Temporary Cookies / Session Cookies
So-called temporary cookies or session cookies are used on our website, which are automatically deleted as soon as you close your browser. With the help of this type of cookie, it is possible to record your session ID ("Session ID"). This allows various requests from your browser to be assigned to a common session and makes it possible to recognize your terminal device during subsequent website visits. These session cookies expire at the end of the session.
Persistent Cookies
So-called persistent cookies are used on our website. Persistent cookies are cookies that are stored in your browser for a longer period of time and can transmit information. The respective storage duration differs depending on the cookie. You can delete permanent cookies independently via your browser settings.
Legal Basis and Storage Period
Due to the described purposes of use, the legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f) GDPR. If you have given us your consent to the use of cookies on the basis of a notice provided by us on the website ("cookie banner"), the legal basis is Art. 6 para. 1 lit. a) GDPR. As soon as the data transmitted to us via the cookies is no longer required for the purposes described above, this information will be deleted. Further storage may take place in individual cases if this is required by law.
Configuration of Browser Settings
Most web browsers are preset to accept cookies automatically. However, you can configure your respective browser so that it only accepts certain cookies or no cookies at all. However, we would like to point out that you may then no longer be able to use all functions of our website.
You can also delete cookies already stored in your browser via your browser settings. Furthermore, it is possible to set your browser so that it notifies you before cookies are stored. Since different browsers can differ in their respective functions, we ask you to use the respective help menu of your browser for the corresponding configuration options.
The deactivation of the use of cookies may require the storage of a permanent cookie on your computer. If you delete this cookie, you must subsequently set it again for it to be effective again.
Further information on the configuration of cookie settings in the respective browsers can be found at:
- Edge
- Safari
- Chrome
- Firefox
- Opera
Cookie Categories
We use the following categories of cookies:
a) Necessary Cookies
Necessary cookies ensure functions without which our website cannot be used as intended. These absolutely necessary cookies serve, for example, to ensure that logged-in users always remain logged in when accessing various subpages. These are so-called first-party cookies, which are only set and used by us. These cookies do not require consent. You can deactivate cookies in your browser at any time.
b) Functional Cookies
With the help of functional cookies, we can also expand the functionality of our site in order to display additional useful information to you or to optimize the presentation of our site. The data collected with the help of such cookies may vary depending on the objective of the cookie and is listed directly for the respective tool used.
c) Statistics Cookies
With the help of statistics cookies, information about the use of a website can be collected in order to improve its attractiveness, content, and functionality. This concerns, for example, the length of stay on the page, the subpages accessed, and the functions used (click behavior).
d) Marketing Cookies
Marketing cookies can be used to display interest-based advertising to website visitors and to measure the effectiveness of advertising campaigns. With the help of these cookies, visitors can be recognized on other websites and personalized advertisements can be displayed to them there.
11. Online Tools
Google Analytics
a) Type and Scope of Data Processing
We use the tracking tool Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, E-mail: support-deutschland@google.com ("Google") on our website.
Google Analytics uses so-called "cookies", text files that are stored on your computer and enable an analysis of the use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
On behalf of the operator of this website, Google will use this information to systematically evaluate your use of the website, to compile reports on website activity, and to provide other services related to website activity and internet usage to the website operator.
If individual pages of our website are accessed, the following data is stored:
Three bytes of the IP address of the user's calling system (anonymized IP address)
The web page accessed
The website from which the user reached the accessed page of our website (referral URL)
The subpages accessed from the accessed page
The length of stay on the website
The frequency of access to the website
We use Google Analytics with activated IP anonymization. This shortens the IP addresses by the last octet (e.g., 192.168.79.***; so-called IP masking). An assignment of the shortened IP address to the calling computer or terminal device of the user is no longer possible.
b) Purpose and legal basis of data processing
The Google Analytics service is used to analyze the user behavior of our website. The legal basis is your consent according to Art. 6 para. 1 lit. a) GDPR.
c) Storage period
The stored data is deleted by us as soon as it is no longer needed for our recording purposes. In our case, the storage period is a maximum of 24 months.
d) Right of objection
You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case, you may not be able to use all functions of this website to their full extent.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en
Further information on the terms of use of Google Analytics:
www.google.com/analytics/terms/gb.html
Further information on Google Analytics data protection:
https://support.google.com/analytics/answer/6004245?hl=de
Google Tag Manager
We use the Google Tag Manager tool on our website. Google Tag Manager is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, E-mail: support-deutschland@google.com (“Google”), with which marketers can manage website tags via an interface.
The Google Tag Manager only implements tags. Tags are small code elements on the website that serve, among other things, to measure traffic and visitor behavior, to record the impact of online advertising and social channels, to use remarketing and targeting, and to test and optimize the website.
This means: No additional cookies are used. No personal data is collected. The Google Tag Manager triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level – in particular, if you have chosen the objection solution described above for Google Analytics or have made corresponding settings in your browser – it remains in effect for all tracking tags, provided these are implemented with the Google Tag Manager.
Further information on data protection at Google can be found here: https://policies.google.com/privacy?hl=en
Privacy terms for advertising: https://www.google.com/intl/en/policies/technologies/ads/
Google Maps
This site uses the Google Maps map service via an API. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of an appealing presentation of our online offers and to make the places indicated by us on the website easy to find. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f) GDPR. If a corresponding consent has been requested, processing takes place exclusively on the basis of Art. 6 para. 1 lit. a) GDPR; the consent can be revoked at any time. More information on how user data is handled can be found in Google's privacy policy: https://policies.google.com/privacy?hl=en.
Google reCAPTCHA
a) Type and scope of data processing
We use reCAPTCHA, a service of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Through this service, Google can determine from which website a request is sent and from which IP address you use the so-called reCAPTCHA input box.
In addition to your IP address, other information may be collected by Google that is necessary for the offering and guarantee of this service.
b) Purpose and legal basis
The purpose of using Google reCAPTCHA is to ensure data security during the transmission of forms. This serves primarily to distinguish whether the entry is made by a natural person or misused through mechanical and automated processing.
The tool includes the transmission of the IP address and, if applicable, other data required by Google for the reCAPTCHA service to Google. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the security of our website and in the defense against unwanted, automated access in the form of spam.
c) Storage period
The stored data is deleted by us as soon as it is no longer required for the purposes presented.
d) Right of objection
Further information on Google's privacy policy can be found at http://www.google.com/intl/en/privacy. If you do not agree to this processing, you can prevent the storage of cookies by a setting in your internet browser.
Google Ads
The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Ads allows us to display advertisements in the Google search engine or on third-party websites when users enter specific search terms on Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on user data available at Google (e.g., location data and interests) (audience targeting). As website operators, we can evaluate this data quantitatively by analyzing, for example, which search terms led to the display of our advertisements and how many ads resulted in corresponding clicks.
The legal basis is consent in accordance with Art. 6(1)(a) GDPR.
Further information can be found in Google’s privacy policy at: https://policies.google.com/privacy?hl=de
Campaign Manager
We use the online marketing tool Campaign Manager from Google. Campaign Manager is a service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.
Campaign Manager uses cookies to display advertisements relevant to users, improve campaign performance, or prevent users from seeing the same ads multiple times. By means of a cookie ID, Google records which ads are displayed in which browser and can thus prevent duplicate displays.
In addition, Campaign Manager can use cookie IDs to track so-called conversions that are related to ad requests. This is the case, for example, when a user sees a Campaign Manager ad and later visits the advertiser’s website using the same browser and makes a purchase.
Due to the marketing tools used, your browser automatically establishes a direct connection with Google’s server.
By integrating Campaign Manager, Google receives the information that you have accessed the relevant part of our website or clicked on one of our ads. If you are registered with a Google service, Google can associate the visit with your account.
Even if you are not registered with Google or not logged in, there is a possibility that the provider collects and stores your IP address. The Campaign Manager (DoubleClick Floodlight) cookies used allow us to track whether you perform certain actions on our website after viewing or clicking on one of our ads on Google or another platform via Campaign Manager (conversion tracking). This enables us to send you targeted advertising.
The legal basis is consent in accordance with Art. 6(1)(a) GDPR. Stored data will be deleted once it is no longer required for our purposes.
You can prevent the storage of cookies by adjusting your browser settings. You can disable personalized advertising via a browser plugin at: https://support.google.com/ads/answer/7395996?hl=de
You can also disable personalized ads here.
Further information can be found in Google’s privacy policy: https://policies.google.com/privacy?hl=de
Privacy policy for advertising measures: https://policies.google.com/technologies/ads?hl=de
Sentry
We use the error analysis service "Sentry" on our website. This service is provided by Functional Software, Inc. d/b/a Sentry, 45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA ("Sentry").
To ensure the technical stability of our services, system errors are logged using Sentry. Data processing is carried out based on our legitimate interest pursuant to Art. 6(1)(f) GDPR.
The data is stored for a maximum of 30 days after analysis and then completely deleted. The information generated by Sentry is usually transferred to a Sentry server in the USA and stored there. Functional Software Inc. is certified under the EU-US Data Privacy Framework and commits to complying with its principles.
Further information on the processing of personal data by Sentry can be found in the service’s privacy policy: https://sentry.io/privacy/
Content Delivery Networks (CDN)
For error analysis on our website and to quickly fix issues, we use the service "Rollbar". This service is provided via a so-called Content Delivery Network (CDN).
A CDN is a network of powerful servers that cache content at various locations around the world. A CDN essentially has two tasks: to deliver content as quickly as possible and to reduce the load on the web host by distributing data traffic.
CDNs transmit two types of content: static and dynamic. Static content is delivered in the same form to all website visitors, such as video content from streaming services or code frameworks (e.g., JavaScript, jQuery). Dynamic content is first adapted to the user and only created at the moment of request.
To enable the latter, information about website visitors must first be transmitted to the CDN.
The legal basis for using a CDN and transferring your data is Art. 6(1) sentence 1 lit. f) GDPR (legitimate interest in data processing). The legitimate interest arises from our need for a technically flawless and fast presentation of our website and the relief of our IT infrastructure.
We use hosting services from Amazon Web Services, Inc., 410 Terry Avenue North, Seattle WA 98109, USA.
Further information on data protection at AWS: https://aws.amazon.com/de/compliance/eu-data-protection/
12. Social Networks
We link on this website to our presences on social networks. When accessing our website, no data is transmitted to the operator of the respective social network. Data is only transmitted when you actively follow the link to our profile or click on the social plugin.
In this case, the respective social network processes, among other things, the following data categories:
IP address
Date, time
Visited website
If you are logged into your user account on a social network when accessing our profile page, the operator of the social network may be able to assign the collected information of the specific visit to your personal account.
If you interact via a “share” or “like” button, this information may also be assigned to your account and possibly published.
To prevent this, you must log out of your account before visiting our profile page or using the social plugin.
You can also configure your user account accordingly in the respective social network.
When you access our profile page, the social network operator may set cookies on your device, regardless of whether you have an account or are logged in. Cookies are data packets that mark user devices with a specific identifier. They are primarily used to display personalized advertising to visitors, including on our profile pages.
Cookies also enable the creation of statistics about the use of our profile page (e.g., number of page views, user categories). If we receive such statistical analyses, the data is anonymized beforehand, meaning we cannot assign usage data to individual users.
The purpose of processing your data on our profile pages is to provide information about our offers and services and to respond to inquiries.
The legal basis is Art. 6(1)(f) GDPR. Public relations work is considered a legitimate interest.
If you use a social plugin, the legal basis is your consent pursuant to Art. 6(1)(a) GDPR.
Private messages sent to us via social networks are deleted after 2 years from the last communication. Public posts (e.g., on our timeline) are generally published permanently unless you request deletion.
We have no influence over which data is collected and transmitted by social network operators, to whom it is transferred, or how long it is stored. Please refer to the respective privacy policies of the networks.
We reserve the right to delete unlawful content published by users (e.g., copyright violations or criminal statements).
According to case law of the European Court of Justice, we are jointly responsible with the operator of the respective social network for the operation of our profile page or social plugin with regard to compliance with data protection regulations.
The operator provides the IT infrastructure and is generally the primary contact for data processing issues (e.g., access or deletion). However, you can also assert your legal rights against us, and we will forward your request.
For US providers (LinkedIn, YouTube), data is transferred to the USA. These providers commit to EU-standard contractual clauses ensuring an adequate level of data protection. TikTok may also transfer data outside the EEA based on such clauses.
However, please note that an adequate level of data protection outside the EU/EEA cannot always be guaranteed.
We link to the following social networks:
LinkedIn
Provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2 D02 AD98, Ireland
https://www.linkedin.com/legal/privacy-policy/
YouTube
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4 D04 E5W5, Ireland
https://policies.google.com/privacy?hl=de
Xing
Provider: New Work SE, Baumwall 7, 20459 Hamburg, Germany
https://privacy.xing.com/de/datenschutzerklaerung
Instagram
Provider: Meta Platforms Ireland Limited, Merrion Road, Dublin, D04 X2K5, Ireland
https://help.instagram.com/519522125107875
13. Data Transfer
We only transfer your personal data to third parties if:
you have given your explicit consent in accordance with Art. 6(1)(a) GDPR;
it is legally permissible and necessary under Art. 6(1)(b) GDPR for contract performance or pre-contractual measures (e.g., payment, shipping, delivery, or debt collection services);
there is a legal obligation under Art. 6(1)(c) GDPR (e.g., to authorities, social security institutions, tax offices, supervisory authorities, law enforcement);
the transfer is necessary under Art. 6(1)(f) GDPR to safeguard legitimate business interests or legal claims and no overriding interests oppose it;
we use processors under Art. 28 GDPR who act on our instructions (e.g., IT or marketing providers).
Transfer to Other Users
We share your profile information with other users as part of our services. Further details can be found in our terms and conditions.
Transfer to Third Countries
When transferring data to third countries (outside the EU/EEA), we ensure the same level of care as within the EU/EEA. We only transfer data if:
the EU Commission has confirmed an adequate level of protection, or
appropriate safeguards (e.g., contractual agreements) are in place.
For US service providers, data transfer is based on the EU-US Privacy Framework, provided the company is certified. Otherwise, standard contractual clauses are used.
List of certified companies: https://www.dataprivacyframework.gov/s/participant-search
14. Data Security and Protective Measures
We are committed to protecting your privacy and treating your personal data confidentially. To this end, we take extensive technical and organizational security precautions, which are regularly reviewed and adapted to technological progress.
This includes, among other things, the use of recognized encryption procedures (SSL or TLS). However, data disclosed without encryption—for example, if this is done via unencrypted email—can potentially be read by third parties. We have no influence over this. It is the responsibility of the user to protect the data they provide against misuse through encryption or other means.
15. Changes to the Privacy Policy
We reserve the right to update this declaration at any time as required.
16. Your Legal Rights
Below you will find your legal rights regarding your personal data. Details can be found in Articles 7, 15-22, and 77 of the GDPR. You may contact us as the responsible body or our data protection officer in this regard.
a) Right to withdraw your data protection consent pursuant to Art. 7 para. 3 sentence 1 GDPR
You can withdraw your consent to the processing of your personal data at any time with effect for the future. However, the lawfulness of the processing carried out until the withdrawal remains unaffected.
b) Right of access pursuant to Art. 15 GDPR
You have the right to request confirmation as to whether we are processing personal data concerning you. If this is the case, you have the right to information about this personal data as well as further information, e.g., the processing purposes, the categories of personal data processed, the recipients, and the planned duration of storage or the criteria for determining the duration.
c) Right to rectification and completion pursuant to Art. 16 GDPR
You have the right to demand the immediate correction of incorrect data. Taking into account the purposes of processing, you have the right to request the completion of incomplete data.
d) Right to erasure (“Right to be forgotten”) pursuant to Art. 17 GDPR
You have a right to erasure insofar as the processing is not necessary. This is the case, for example, if your data is no longer required for the original purposes, you have withdrawn your data protection consent declaration, or the data has been processed unlawfully.
For security reasons and to avoid unintentional deletion of the account, you can perform the deletion yourself within your account. You must be logged into your account to perform the deletion.
e) Right to restriction of processing pursuant to Art. 18 GDPR
You have a right to restriction of processing, e.g., if you believe that the personal data is incorrect.
f) Right to data portability pursuant to Art. 20 GDPR
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format.
g) Right to object pursuant to Art. 21 GDPR
You have the right to object at any time, for reasons arising from your particular situation, to the processing of certain personal data concerning you. In the case of direct marketing, you as the data subject have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct marketing.
h) Automated individual decision-making, including profiling, pursuant to Art. 22 GDPR
You have the right not to be subject to a decision based solely on automated processing—including profiling—except in the exceptional cases mentioned in Art. 22 GDPR. Decision-making based exclusively on automated processing—including profiling—does not take place.
i) Complaint to a data protection supervisory authority pursuant to Art. 77 GDPR
Furthermore, you can lodge a complaint with a data protection supervisory authority at any time, for example, if you believe that the data processing is not in compliance with data protection regulations.