We point out that when data is transferred over the internet, security vulnerabilities may appear which cannot be prevented by the technical design of this website. It is not possible to protect personal data completely when using the internet.
In the following we provide you with information about how your data is protected when you visit our website.
In general it is possible to use our website without providing personal data.
If personal data is collected when you visit our website, we process this exclusively in accordance with the General Data Protection Regulation (GDPR) and the German Data Protection Act (Bundesdatenschutzgesetz, BDSG).
Information about the controller
The controller responsible for the processing of data on this website is:
Data Protection Officer
The Data Protection Officer is:
If you have any questions concerning data protection, please send us an e-mail or contact our Data Protection Officer directly:
Our website is operated on servers of IONOS SE, Elgendorfer Str. 57, D-56410 Montabaur (hoster).
We have concluded a contract data processing agreement with IONOS SE.
When you access our website, data is collected automatically and stored in the log files on our hoster’s server. This data may be personal. The data collected includes:
- IP address of the requesting computer [in anonymised form]
- Optional user ID
- Date and time of the access to our website
- Time zone of the requesting computer
- Input values transmitted (e.g. e-mail addresses)
- Name and URL of the requested page of our website
- URL from which the page was requested or the desired action was prompted
- The internet service provider of the accessing system
- Screen setting or screen resolution used by the requesting computer
- Files on our website which were requested
- Connections to a link outside of our website (outlink)
- Access log
- Main language of the browser of the requesting computer
- Transmission code
- Time which is needed in order to display the requested content on the requesting computer (page generation time, transmission rate and page speed)
- Time which is needed for the website to be generated by the server and downloaded by the user.
- Location of the user (country, region, city, latitude and longitude (geolocation))
- Browser types and versions used
- The operating system of the requesting computer (referrer)
- Device type, make and model of the requesting computer (desktop, mobile, TV, car, console, etc.)
- The page on our website last visited by you
- Other similar data and information which serves to avert danger in the case of attacks on our information technological systems.
The hoster uses the data collected to ensure the smooth operation of the website, to ensure IT security and to improve our offering. If there are clear grounds for doing so, the log data is analysed at a later time as appropriate. The temporary storage of the IP address by the hoster is necessary in order to enable the delivery of the website to the user’s computer. For this purpose, your IP address needs to be stored for the duration of the session.
This data will not be combined with other data sources.
The legal basis for the collection of data is provided by Art. 6 (1)(1)(f) GDPR. Our legitimate interest in the collection of data is established by the purposes stated above.
The data will be erased by the hoster as soon as it is no longer needed to achieve the purpose for which it was collected. If the data is collected in order for the website to be provided, it will be deleted when the respective session ends.
If the data is stored in log files, this technical information will be erased or made unrecognisable after not later than seven days.
The collection of data for the provision of the website and the storage of data in log files are essential for the operation of the website. You therefore do not have the option to opt out of this.
We currently do not use (our own) cookies in the provision of our website.
For security reasons and to protect the transmission of confidential content which you send to us as the website operator, for example orders and enquiries, our website uses SSL/TLS encryption. You can recognise an encrypted connection by the browser’s address bar switching from “http://” to “https://” and the padlock icon in the browser bar.
If the SSL/TLS encryption is activated, the data which you communicate to us cannot be read by third parties (end-to-end encryption). The logs authenticate the communication partner and ensure the integrity of the transported data.
On our website you can contact us by e-mail.
In this connection, the information provided by you in the e-mail including the contact details provided for the purpose of processing your enquiry and for follow-up questions will be stored and processed by us. This data (e.g. name, address, telephone number, e-mail address) will not be disclosed to third parties without your consent.
The data will not be combined with other data collected on this website.
The data will be stored, if applicable, in the course of our notarial activities, if we are appointed.
This data will be processed on the basis of Art. 6 (1)(b) GDPR, if your enquiry is connected to the performance of a contract or is necessary in order to take steps prior to entering into a contract. In all other cases the processing will be based on our legitimate interest in the effective processing of the enquiries sent to us (Art. 6 (1)(f) GDPR).
The data provided by you in the e-mail will remain with us until you ask us to erase it, withdraw your consent for it to be stored or the purpose for which it is stored no longer exists (e.g. after we have finished working on your enquiry). Mandatory statutory provisions – in particular retention periods – remain unaffected.
Our presence on social networks and video platforms, which we list below, helps us to communicate actively and in a contemporary manner with our customers and potential customers. Here we provide information about our services, products and interesting special promotions relating to our company and our services. Further information about ourselves as a provider of the social media channel can be found in our <Link to ‘Impressum’>.
We provide below the privacy policies for the social media sites operated by us pursuant to Art. 13 of the General Data Protection Regulation (GDPR).
Facebook Fanpage / Facebook presence
The social network Facebook is operated by Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or if your registered office or place of residence is in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland (“Facebook”).
When you visit our social media sites, your data may be collected automatically and stored for market research and advertising purposes. From this data, usage profiles are created using pseudonyms. These can be used in order to, for example, place advertisements inside and outside of the platforms which are presumed to correspond to your interests. For this purpose, cookies are generally used on your device.
For information about how cookies work, please see the relevant information provided in our privacy notice. These cookies store information on visitor behaviour and the interests of users. This helps to protect our, in the balancing of various interests, overriding legitimate interest in ensuring the optimal presentation of our services and offers and effective communication with customers and potential customers. The legal basis for the processing is therefore provided by Art. 6 (1)(1)(f) GDPR.
The legal basis for the collection and processing of data is provided by your consent within the meaning of Art. 6 (1)(1)(a) GDPR, which you have given to Facebook or have given when you accessed the Facebook website, if applicable. You can withdraw the consent given to process data at any time with effect for the future; to do this, please contact Facebook direct. The withdrawal of consent does not affect the lawfulness of the processing that has taken place up until the withdrawal of your consent.
Information about the opt-out options can be found at: https://www.facebook.com/settings?tab=ads
The data is processed on the basis of an agreement between joint controllers pursuant to Art. 26 GDPR, which you can see here: https://www.facebook.com/legal/terms/page_controller_addendum
Because no adequacy decision has been adopted by the EU Commission for the transfer of personal data to the USA, we have concluded with Facebook standard data protection clauses within the meaning of Art. 46 (2)(c) GDPR.
We use XING and kununu to present our company. The provider of XING and kununu is New Work SE, Dammtorstraße 30, 20354 Hamburg.
Our XING profile helps us to communicate actively and in a contemporary manner with potential employees in a professional environment. On this page we also share information about our company and in so doing present ourselves externally. Here we provide information about our services, products, interesting special promotions and employment opportunities in our company.
If you are asked by Xing to give your consent to data processing, e.g. by means of a checkbox, the legal basis for the data processing is provided by Art. 6 (1)(1)(a) GDPR.
kununu provides users first and foremost with the opportunity to rate and view the ratings of employers. At the same time, we use our presence on kununu to provide information about our company, career opportunities and our products and services.
The data is processed jointly. For content provided by you directly on the platform, e.g. comments, private messages or the like, New Work SE and we act as joint controllers pursuant to Art. 26 GDPR.
The legal basis for the processing of the data is your consent pursuant to Art. 6 (1)(1)(a) of the General Data Protection Regulation (GDPR), if you have given this, as well as the protection of legitimate interests pursuant to Art. 6 (1)(1)(f) GDPR. If you contact us, the legal basis is also provided by Art. 6 (1)(1)(b) GDPR (necessary in order to take steps prior to entering into a contract).
The aforementioned legitimate interest lies in us wanting to use our kununu page to communicate with you and provide you with information about our company, career opportunities and jobs, and our products and services.
Because only New Work SE possesses information about the actual data collected and its use on the respective platforms, requests for information and communications to exercise further data subject rights should be sent directly to New Work SE. You can of course also send enquiries concerning this to us, we will forward these to the operator for further processing.
We process on the XING and kununu platforms only the data you have disclosed directly to us: comments, enquiries, your user profiles, ratings and similar information. This data will be retained as long as the presence exists.
Any processing of the data used by us will take place only in the territory of the EU or the EEA. Data will not be transmitted by us to third countries.
For the purposes of personnel recruitment, we use the career network “LinkedIn” and maintain a company profile here. LinkedIn is operated by LinkedIn Corporation, 1000 W. Maude Ave., Sunnyvale, California 94085 USA, or if your registered office or place of residence is in the EU, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”).
We also obtain from the data collected a statistical analysis of the groups of persons who are interested in our company page. Here the data is processed for statistical purposes in anonymised form that does not allow individuals to be identified, which may contain information about the approximate geographical location or age group and other summarising characteristics.
If you are asked by LinkedIn to give your consent to data processing, e.g. by means of a checkbox, the legal basis for the data processing is provided by Art. 6 (1)(1)(a) GDPR. You can withdraw the consent at any time with effect for the future, whereby you will need to contact LinkedIn for this purpose. Any data processing that has taken place up until the withdrawal of your consent will remain lawful.
The data is processed on the basis of an agreement between joint controllers pursuant to Art. 26 GDPR, which you can see here: https://legal.linkedin.com/pages-joint-controller-addendum
Regardless of the internal responsibilities agreed between us and LinkedIn, you can contact us/our Data Protection Officer or LinkedIn with all enquiries relating to data protection.
Because no adequacy decision has been adopted by the EU Commission for the transfer of personal data to the USA, we have concluded with LinkedIn standard data protection clauses within the meaning of Art. 46 (2)(c) GDPR.
You have the right pursuant to Art. 15 GDPR to ask for information about your personal data processed by us. In particular you can ask for information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to complain, the origin of your data, if this was not collected by us, and about the existence of automated decision-making including profiling and if applicable meaningful information about its details;
You have the right pursuant to Art. 16 GDPR to ask for the immediate rectification of inaccurate or immediate completion of incomplete personal data stored by us.
You have the right pursuant to Art. 17 GDPR to ask for the erasure of your data stored by us, unless the processing is necessary to exercise the right of freedom of expression and information, to meet a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
Restriction of processing:
You have the right pursuant to Art. 18 GDPR to ask for the restriction of the processing of your personal data, if the accuracy of the personal data is contested by you, the processing is unlawful and you oppose its erasure and we no longer need the data, but it is required to assert, exercise or defend legal claims or you have objected to the processing pursuant to Article 21 GDPR.
You have the right pursuant to Art. 20 GDPR to ask to receive your personal data which you have provided us in a structured, commonly used and machine-readable format or transmit it to another controller.
Withdrawal of consent:
You have the right pursuant to Art. 7 Para. 3 GDPR to withdraw your consent from us at any time. As a result of this, we will in future no longer be allowed to continue the data processing based on this consent.
Right to object
You have the right to object at any time for reasons relating to your particular situation to the processing of personal data concerning yourself which is performed on the basis of Article 6 (1)(e) or (f) GDPR; this also applies to profiling based on these provisions.
The controller will no longer process the personal data concerning yourself, unless it can provide proof of compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the enforcement, exercising or defence of legal rights.
If the personal data concerning yourself is processed for direct advertising purposes, you have the right to object at any time to the processing of personal data concerning yourself for the purpose of such advertising; this also applies to profiling, if it is related to such direct advertising.
If you object to processing for direct marketing purposes, the personal data concerning yourself will no longer be processed for such purposes.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you can exercise your right to object by automated means using technical specifications.
Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning yourself or similarly significantly affects you. This does not apply if the decision is necessary for entering into, or the performance of, a contract between you and the controller, is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights, freedoms and legitimate interests, or if this takes place with your express consent.
However, these decisions are not allowed to be based on special categories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2)(a) or (g) GDPR applies and appropriate measures have been taken to protect the rights and freedoms and your legitimate interests.
Complain to a supervisory authority
Your have the right pursuant to Art. 77 GDPR to lodge a complaint with a supervisory authority. As a rule you can contact for this purpose the supervisory authority for your habitual residence, place of work or our headquarters.
Date: August 2022