PRIVACY
STATUS 07/2024
GENERAL NOTES
This Privacy Policy explains how we collect and process your personal data in light of the EU GDPR (EU General Data Protection Regulation) when we
- support you in your project search,
- maintain the relationship with you after we have found a job for you,
- provide a service for you or you provide a service for us,
- Use your data to ask you for support in connection with one of our candidates; or
- make our website or other internet presences available to you.
The specific purposes are described for the processing operations presented here (e.g. contact form, web analysis, etc.).
With regard to the legal basis for the processing of your personal data:
We process personal data that is required for the justification, implementation or processing of our service offer (contract processing) on the legal basis of Art. 6 (1) lit. b DSGVO. Insofar as we obtain consent from you for the processing of your personal data, the consent pursuant to Art. 6 (1) lit. a DSGVO forms the legal basis for the data processing. Data processing is also permitted if we process your data to protect our legitimate interests and your interests or fundamental rights and freedoms with regard to the processing of personal data are not overridden. Insofar as we use external service providers within the scope of commissioned data processing, the processing is carried out on the legal basis of Art. 28 DSGVO.
This Privacy Policy applies to the personal data of visitors to our website, candidates, customers, suppliers and other persons with whom we may contact to learn more about our candidates.
For more detailed information on data protection, please refer to our explanations on specific processing operations.
Important: This privacy policy may change from time to time. Please use this page to keep yourself informed as we post any changes here.
NOTE ON THE RESPONSIBLE BODY
The data controller for the data processing operations explained here is:
trainers4training Company for Knowledge Management and Consulting mbH
In front of Holzschlinge 31
Herford 32049
Phone: +49 5221 996453
E-mail: info@t4t.biz
DATA PROTECTION OFFICER
We have appointed a data protection officer.
You can reach him or her as follows:
Philipp Herold
Mein-Datenschutzbeauftragter.de
Hafenstraße 1a
23568 Lübeck
+49 (0) 451 160852 - 23
philipp.herold@hub24.de
YOUR RIGHTS AS AN AFFECTED PERSON
You have the right to obtain information about the personal data concerning you. You can contact us for information at any time.
In the case of a request for information that is not made in writing, we ask for your understanding that we may require proof from you that you are the person you claim to be.
Furthermore, you have a right to rectification or erasure or to restriction of processing, insofar as you are entitled to this by law.
Finally, you have a right to object to processing within the framework of the legal requirements.
A right to data portability also exists within the framework of data protection law.
You have the right to complain about the processing of personal data by us to a supervisory authority for data protection. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose.
DISCLOSURE OF YOUR PERSONAL DATA
Your personal data will be disclosed as described below.
Data is disclosed if we are entitled or obliged to disclose data due to legal provisions and/or official or court orders. In particular, this may involve the disclosure of information for the purposes of criminal prosecution, to avert danger or to enforce intellectual property rights.
Insofar as your data is passed on to service providers to the extent necessary, they will only have access to your personal data to the extent that this is necessary for the fulfilment of their tasks. These service providers are obliged to treat your personal data in accordance with the applicable data protection laws, in particular the DSGVO.
Beyond the aforementioned circumstances, we generally do not transfer your data to third parties without your consent. In particular, we do not pass on any personal data to a body in a third country or to an international organisation.
DATA SECURITY
Unfortunately, the transmission of information via the Internet is never 100% secure, which is why we cannot guarantee the security of data transmitted to our website via the Internet.
However, we secure our website by technical and organisational measures against loss, destruction, access, modification or distribution of your data by unauthorised persons.
In particular, your personal data is transmitted in encrypted form. We use the SSL/TLS (Secure Sockets Layer/Transport Layer Security) coding system. Our security measures are continuously improved in line with technological developments.
Even independently of the website, we will take all necessary measures (both technical and organisational) to protect the personal information we hold from misuse, loss or unauthorised access.
DELETION OF DATA
We generally delete personal data when there is no need for further storage. A requirement may exist in particular if the data is still needed in order to fulfil contractual services, to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion will only be considered after expiry of the respective retention obligation.
REFERENCES AND LINKS
When calling up Internet pages referred to within the framework of our website, information such as name, address, e-mail address, browser properties etc. may be requested again. This privacy policy does not regulate the collection, disclosure or handling of personal data by third parties.
Third party service providers may have different and their own regulations regarding the collection, processing and use of personal data. It is therefore advisable to inform yourself on the websites of third parties about their practices regarding the handling of personal data before entering personal data.
CHANGES TO THIS DATA PROTECTION NOTICE
We revise this data protection notice in the event of changes to data processing or other occasions that make this necessary. You can always find the current version on our website.
WEBSITE GENERAL
PRIVACY
As the operator of these pages, we take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
When you use this website, various personal data are collected. Personal data is data that can be used to identify you personally. This section of our privacy policy explains what data we collect through the website and what we use it for. It also explains how this is done and for what purpose.
We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.
DATA PROCESSING FOR SPECIFIC PURPOSES
Whenever content of the website is accessed, data is temporarily stored there via so-called log files, which may allow identification. The following data is collected in this process:
- Date and time of the retrieval
- IP address of the calling computer
- Host name of the accessing computer
- Website from which the website was accessed
- Websites accessed via the website
- Page visited on our website
- data volume transferred
- Message whether the retrieval was successful
- Information about the browser type and version used
- Operating system
The temporary storage of the data is necessary for the course of a website visit in order to enable the delivery of the website. Further storage of the log files takes place in order to ensure the functionality of the website and the security of the information technology systems.
LEGAL BASIS OF THIS DATA PROCESSING
The legal basis for the storage and processing is the protection of our legitimate interests according to Art. 6 para. 1 lit. f DSGVO.
OTHER RECIPIENTS OF PERSONAL DATA
The website of trainers4training GmbH is hosted by STRATO AG. STRATO AG receives the above-mentioned data for this purpose as an order processor. The data is not transferred to a third country in accordance with the DSGVO.
A corresponding AV (contract data processing) has been concluded with the service provider. Further information on the subject of data protection can be found on the STRATO AG website.
SSL OR TLS ENCRYPTION
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If the SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
DATA COLLECTION ON OUR WEBSITE
COOKIES
The Internet pages partly use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies enable us to recognize your browser the next time you visit us.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
Cookies, which are necessary for the electronic communication process or for the provision of certain functions you require (e.g. shopping basket function), are stored on the basis of Art. 6 Para. 1 lit. f DSGVO. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of his services. Insofar as other cookies (e.g. cookies for analysing your surfing behaviour) are stored, these are treated separately in this data protection declaration.
PROCESSING OF DATA (CUSTOMER AND CONTRACT DATA)
We collect, process and use personal data only to the extent that they are necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. We collect, process and use personal data on the use of our Internet pages (usage data) only to the extent necessary to enable or charge the user for the use of the service.
The collected customer data will be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.
DATA TRANSFER UPON CONCLUSION OF A CONTRACT FOR SERVICES AND DIGITAL CONTENT
We only transmit personal data to third parties if this is necessary within the framework of the contract processing, for example to companies entrusted with the provision of services or to the credit institution entrusted with the payment processing.
A further transmission of the data does not take place or only if you have expressly agreed to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.
The basis for data processing is Art. 6 para. 1 letter b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
USE OF THE CONTACT FORMS
Scope
With the use of our available forms
we store the personal data you provide in order to process your request and to contact you to handle your request. The voluntary information serves us to specify your request and to improve the processing of your request. The requested data is transmitted to us by you on a purely voluntary basis.
Depending on the type of request, the legal basis for this processing is Art. 6 para. 1 lit. b DSGVO for requests that you yourself make as part of a pre-contractual measure or Art. 6 para. 1 sentence 1 lit. f DSGVO if your request is of a different nature. If personal data is requested that we do not need for the fulfillment of a contract or for the protection of legitimate interests, the transfer to us is based on your consent pursuant to Art. 6 para. 1 lit. a DSGVO.
Purpose and legal basis of the processing of personal data
The personal data is collected, processed and used by us exclusively for the following purposes.
- For contacting and related correspondence
- To process a request
- To realize a booking of a seminar
- To process an application
- To the newsletter dispatch
Personal data collected and processed
We collect and process your personal data only if they are provided to us voluntarily, e.g. by filling out our forms or sending e-mails.
An exception are requests to external trainers, whose data we receive from official information files or from project managers.
In the context of the available forms or messages, this is first of all the following data:
Data of interested parties and inquiring person
- Salutation*
- full name*
- full address*
- Company name*
- E-mail address*
- complete call number*
- the consent to the privacy policy*.
- Message*
Data from seminar bookings
- Salutation*
- full name*
- full address*
- Company name*
- E-mail address*
- complete call number*
- the consent to the privacy policy*.
- Message*
ONLINE SCHOOL
To register for our Online School, we require your full name, e-mail address and, if applicable, a billing address in order to set up your log-in and process the use of our service.
The processing of the aforementioned personal data for the purposes stated here is carried out on the legal basis of Art. 6 (1) lit. b DSGVO.
We use Paddle.com from Paddle.com Market Limited, Judd House, 18-29 Mora Street, London, EC1V 8BT, United Kingdom to process all payments.
Paddle.com is a recipient of your personal data and acts as a processor for us as far as the processing of payment processes is concerned. For more information on data processing by Paddle.com, please visit: https://www.paddle.com/legal/privacy.
We are obliged by commercial and tax law to store your address, payment and order data for a period of ten years.
To prevent unauthorized access by third parties to your personal data, especially financial data, the process is encrypted using TLS technology.
NEWSLETTER
If you subscribe to our company's newsletter, the data in the respective input mask will be transmitted to the controller. The registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registration you will receive an e-mail in which you are asked to confirm your registration. This confirmation is necessary so that no one can register with other people's e-mail addresses. When registering for the newsletter, the user's IP address and the date and time of registration are stored. This serves to prevent misuse of the services or the e-mail address of the person concerned. The data is not passed on to third parties. An exception exists if there is a legal obligation to pass on the data. The data is used exclusively for sending the newsletter. The subscription to the newsletter can be cancelled by the data subject at any time. Likewise, consent to the storage of personal data can be revoked at any time. For this purpose, a corresponding link can be found in each newsletter. The legal basis for the processing of the data after the user has registered for the newsletter is Art. 6 para. 1 lit. a) DSGVO if the user has given his consent. The legal basis for sending the newsletter as a result of the sale of goods or services is Article 7 (3) UWG.
HUBSPOT CRM
We use Hubspot CRM as a central customer relationship management system. The provider is Hubspot Inc. 25 Street, Cambridge, MA 02141 USA (hereinafter Hubspot CRM). We have chosen a server location within the EU to store the data; the provider is HubSpot Ireland Ltd, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland.
Among other things, Hubspot CRM enables us to manage existing and potential customers and customer contacts. With the help of Hubspot CRM, we are able to record, sort and analyze customer interactions via email, social media or telephone across various channels. The personal data collected in this way can be evaluated and used for communication with the potential customer or for marketing measures (e.g. newsletter mailings). With Hubspot CRM, we are also able to record and analyze the user behavior of our contacts on our website.
The use of Hubspot CRM is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the most efficient customer management and customer communication possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
Details can be found in Hubspot's privacy policy: https://legal.hubspot.com/privacy-policy.
The data transfer to the USA is carried out in accordance with Art. 45 para. 1 GDPR on the basis of the adequacy decision of the European Commission. The US company involved is certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
Order processing
We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract prescribed by data protection law, which ensures that the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
Hubspot Analytics
We use HubSpot Analytics from HubSpot, Inc, Cambridge, Massachusetts, US, as an analysis service for the statistical evaluation of our online offering. This includes, for example, the number of visits to our website, subpages visited and the time spent by visitors.
HubSpot Analytics uses cookies and other browser technologies to evaluate user behavior and recognize users.
This information is used, among other things, to compile reports on website activity.
The use of HubSpot Analytics is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the U.S. takes place in accordance with Art. 45 (1) DSGVO on the basis of the adequacy decision of the European Commission. The U.S. companies involved and/or their U.S. subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
The specific storage period of the processed data cannot be influenced by us, but is determined by HubSpot, Inc. Further information can be found in the privacy policy for HubSpot Analytics: https://legal.hubspot.com/privacy-policy.
Hubspot Chat
We have integrated components of the HubSpot Chat customer communication platform on our website. HubSpot Chat is a service of HubSpot, Inc. and offers us the opportunity to communicate with visitors to our website via chat and to provide targeted help with questions. HubSpot Chat uses cookies and other browser technologies to evaluate user behaviour and recognize users. Furthermore, HubSpot Chat is used to store and transmit data entered in chats using cookies, including your IP address. In this case, your data will be passed on to the operator of HubSpot Chat, HubSpot, Inc, Cambridge, Massachusetts, US.
The use of HubSpot Chat is based on your consent in accordance with Art. 6 para. 1 lit. a. GDPR and § 25 para. 1 TDDDG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the U.S. takes place in accordance with Art. 45 (1) DSGVO on the basis of the adequacy decision of the European Commission. The U.S. companies involved and/or their U.S. subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
The specific storage period of the processed data cannot be influenced by us, but is determined by HubSpot, Inc. Further information can be found in the privacy policy for HubSpot Chat: https://legal.hubspot.com/privacy-policy.
USE OF RAPIDMAIL
Recipients of your personal data
Description and purpose
We use rapidmail to send newsletters. The provider is rapidmail GmbH, Wentzingerstraße, 21, 79106 Freiburg, Germany. Among other things, rapidmail is used to organise and analyse the dispatch of newsletters. The data you enter for the purpose of receiving the newsletter is stored on rapidmail's servers in Germany. If you do not wish to have your data analysed by rapidmail, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. For the purpose of analysis, the e-mails sent with rapidmail contain a so-called tracking pixel, which connects to the servers of rapidmail when the e-mail is opened. In this way, it can be determined whether a newsletter message has been opened. Furthermore, with the help of rapidmail we can determine whether and which links are clicked on in the newsletter message. All links in the e-mail are so-called tracking links, with which your clicks can be counted. Depending on the font used to design the respective newsletter, a connection to external servers such as Google Fonts takes place.
Legal basis
The legal basis for the data processing is Art. 6 para. 1 lit. a) DSGVO.
Receiver
The recipient of the data is rapidmail GmbH.
Transmission to third countries
The data is not transferred to third countries.
Duration
The data stored by us within the scope of your consent for the purpose of the newsletter will be stored by us until you unsubscribe from the newsletter and deleted from our servers as well as from the servers of rapidmail after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.
Revocation option
You have the option to revoke your consent to data processing with effect for the future at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.
Further data protection information
For more details, please refer to the data security information of rapidmail at: https://www.rapidmail.de/datensicherheit. For more information on the analysis functions of rapidmail, please refer to the following link: https://www.rapidmail.de/wissen-und-hilfe.
ANALYSIS TOOLS AND ADVERTISING
(1) Analysis tools and third-party tools
When you visit our website, your surfing behaviour can be statistically evaluated. This is mainly done with cookies and with so-called analysis programs. The analysis of your surfing behaviour is usually anonymous; the surfing behaviour cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. For details, please refer to our privacy policy under the heading "Third party modules and analysis tools".
You can contradict this analysis. We will inform you about the possibilities of objection in this privacy policy.
(2) Google Analytics
Nature and scope of the processing
We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, as an analysis service for the statistical evaluation of our online offer. This includes, for example, the number of times our online offer is called up, sub-pages visited and the length of time visitors spend on the site.
Google Analytics uses cookies and other browser technologies to evaluate user behaviour and recognise users.
This information is used, among other things, to compile reports on website activity.
Purpose and legal basis
The use of Google Analytics is based on your consent pursuant to Art. 6 para. 1 lit. a. DSGVO and § 25 para. 1 TTDSG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the U.S. takes place in accordance with Art. 45 (1) DSGVO on the basis of the adequacy decision of the European Commission. The U.S. companies involved and/or their U.S. subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
Storage period
The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Analytics: https://policies.google.com/privacy.
Google Tag Manager
Nature and scope of the processing
We use the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is used to manage website tags through one interface and allows us to control the exact integration of services on our website.
This allows us to flexibly integrate additional services to evaluate user access to our website.
Purpose and legal basis
The use of Google Tag Manager is based on your consent pursuant to Art. 6 para. 1 lit. a. DSGVO and § 25 para. 1 TTDSG.
We intend to transfer personal data to third countries outside the European Economic Area, in particular the USA. The data transfer to the U.S. takes place in accordance with Art. 45 (1) DSGVO on the basis of the adequacy decision of the European Commission. The U.S. companies involved and/or their U.S. subcontractors are certified in accordance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF).
Storage period
The concrete storage period of the processed data cannot be influenced by us, but is determined by Google Ireland Limited. Further information can be found in the privacy policy for Google Tag Manager: https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/.
WAYLOT
Nature and scope of the processing
We have integrated components from Weglot on our website. Weglot is a service of Weglot SAS and offers translation solutions for websites and web applications.
When you use the translation function of our website, you connect to servers of Weglot SAS, 138 Rue Pierre Joigneaux, 92270 Bois-Colombes, France, where your IP address and possibly browser data such as your user agent are transmitted. This data is processed exclusively for the purposes mentioned above and to maintain the security and functionality of Weglot.
Purpose and legal basis
The use of Weglot is based on your consent pursuant to Art. 6 para. 1 lit. a. DSGVO and § 25 para. 1 TTDSG.
Storage period
The specific storage period of the processed data cannot be influenced by us, but is determined by Weglot SAS. Further information can be found in the privacy policy for Weglot: https://weglot.com/privacy/.
DATA COLLECTION & PROCESSING IN OUR BUSINESS PROCESSES
(1) Data of our customers and suppliers
We only collect data from and about our customers and suppliers to the minimum extent necessary to enable a functioning business relationship. This includes the contact data of the company as well as contact data of individual contact persons within the company organisation (e.g. names, telephone numbers and e-mail addresses), as well as bank data in order to be able to make payments. The legal basis is the justification, implementation or processing of our range of services (Art. 6 para. 1 lit. b DSGVO).
(2) Data of our trainers and consultants
Training, process visualization and project management made to measure is our motto - to realize it, we have to collect and process relevant data about our trainers and consultants (permanent and freelance). These are:
- Personal data: name, date of birth / age, contact details, emergency contacts, company loyalty, origin/initial contact, contact history, availability, preferences and conditions
- Skills & Abilities: Trainer/consultant categorisation, language skills, sector/industry experience, SAP knowledge (duration, modules, applications, technologies), authoring tools, TOBA membership/certification.
- Profile data: Links to XING and LinkedIn profiles, CVs as provided to us by the individuals themselves (usually via email).
We collect personal data in three ways:
- Notification by the business partners themselves
- From other sources, especially social networks and partner companies
- Automatic registration on this website
We may share your personal information with the following categories of persons in many ways and for many purposes, as appropriate and in accordance with local laws and regulations:
- Individuals and organizations who, in order to work with us, have information associated with the reference or application, such as current, past or prospective employees, trainers and selection boards, and employment and recruitment agencies
- In the case of candidates: potential clients and other external partners
(3) Information requirements for applicants pursuant to Art. 13 and Art. 14 DSGVO
Who is responsible for data processing?
Responsible for all incoming applications within the company:
trainers4training Company for Knowledge Management and Consulting mbH
In front of Holzschlingel 31
32049 Herford
Where do we get the data we collect?
We only collect and process the personal data you provide to us as part of the application process. This is the data listed below (type of data):
Personnel
- Name, first name
- Address and other contact details
- Birthplace
- Birthday
- Nationality
Bank details
- e.g. for the purpose of travel expense reimbursements that may be incurred
Legitimate data
- e.g. ID card data
Health data
- Information on disabilities or severe disabilities
Qualification papers
- Certificates, evaluations or similar Training certificates
For what purpose are the collected data processed (legal basis)?
Processing is carried out in compliance with the applicable General Data Protection Regulation (GDPR) and the new German Federal Data Protection Act (BDSG), sector-specific data protection standards in the course of the application process, such as the German Social Security Code, Telecommunications Act and Works Constitution Act. The legal basis for the processing of your personal data as part of the application process is Section 26 (1) in conjunction with (2) BDSG.
Processing within the framework of the balancing of interests
We process your data, if necessary, to protect our legitimate interests or the legitimate interests of third parties. These include, for example, the assertion of legal claims and defence in legal disputes, measures for business management and further development.
Processing on the basis of consent given
With your consent to the processing of personal data, the legality of the collection and processing of your personal data is based on your consent given to us. This consent can be revoked at any time. The revocation will take effect in the future and cannot be granted retroactively. If the processing of the collected personal data is revoked, the purpose for which it was collected can no longer be fulfilled or implemented.
To whom is the personal data collected forwarded?
The data collected will be forwarded within our company to the competent departments which have been entrusted with the processing of the application procedure and need it to fulfil legal obligations. Processors working with the company may also receive your data for the aforementioned purposes. This concerns companies in the area of IT services. At this point, it should be mentioned that we also comply with and take into account the data protection regulations when passing on data to third parties in the circumstances just described.
Your data is only passed on on the basis of legal regulations, your consent given to us or if we are authorised to obtain information about it. These are data recipients such as affiliated companies (application procedures for other advertised positions) for which you have given us your consent to transfer the data.
How long is the data collected during the application process stored?
Your personal data will be processed and stored, if necessary, for the duration of the application procedure. After the purpose has been fulfilled, but after 6 months at the latest, we delete the data. If the storage of the data is no longer necessary to carry out the application procedure and there is no legal retention period for this or if we do not have your consent which justifies a longer storage period, the data will be deleted immediately.
Is there a transfer to third countries?
There is no data transfer to a third country, i.e. countries outside the European Economic Area (EEA).
What rights can I assert?
Within the framework of the legal requirements from the DSGVO and the new BDSG, every data subject has the right to information about the processing of their personal data, the right to correction, deletion and restriction of this as well as the right to object to the processing and the right to data portability. When asserting the right to information as well as the right to deletion, the restrictions of §§ 33, 34 BDSG-neu must be taken into account. Furthermore, there is a right of appeal to the competent supervisory authority pursuant to Art. 77 DSGVO in conjunction with. § Section 19 BDSG-new.
Is it mandatory to provide data?
You only need to provide the data required in the application process. There is no obligation to provide certain data to us. However, without the provision of the required data on your part, an appropriate application process can usually not be realized.
To what extent is there automatic decision-making in individual cases?
No automated decision-making processes are used within our application process.
Does the data collected lead to profiling (scoring)?
We do not use profiling data to justify and carry out the application process.
PRIVACY NOTICE FOR ONLINE MEETINGS, TELEPHONE CONFERENCES AND WEB SEMINARS VIA VIDEO CONFERENCING SYSTEMS
We would like to inform you below about the processing of personal data in connection with the use of video conferencing systems such as "Teams" or other tools used.
Purpose of the processing
We use video conferencing systems to conduct conference calls, online meetings, video conferences, online trainings and/or web seminars (hereinafter: "Online Meetings"). Currently, we use the tool "Teams" for this purpose: "Teams" is a system of Microsoft Corporation, One Microsoft Way, located in the USA.
Responsible
The controller for data processing directly related to the implementation of "online meetings" is
trainers4training Gesellschaft für Wissensmanagement und Beratung mbH
Vorm Holzschlinge 31
32049 Herford
Note: If you access the website from the provider, the provider is responsible for data processing. However, accessing the website is only necessary for the use of the online meetings conference systems in order to download the software for their use.
If you do not want to or cannot use the "Microsoft Teams" app, you can also use "Microsoft Teams" via your browser. The service will then also be provided via the "Microsoft Teams" website.
What data is processed?
When using the video conferencing systems, various types of data are processed. The scope of the data also depends on the data you provide before or during participation in an "online meeting".
The following personal data are subject to processing:
User details:
- First name, last name
- Telephone (optional)
- E-mail address
- Password (if "Single-Sign-On" is not used)
- Profile picture (optional)
- Department (optional)
Meeting metadata:
- Topic, description (optional)
- Participant IP addresses
- Device/hardware information
For recordings (optional):
- MP4 file of all video, audio and presentation recordings
- M4A file of all audio recordings
- Text file of the online meeting chat
When dialling in with the telephone:
- Incoming and outgoing telephone number information
- Country name
- Start and end time
- If necessary, further connection data such as the IP address of the device can be saved.
Text, audio and video data:
- You may have the option of using the chat, question or survey functions in an "online meeting". In this respect, the text entries you make are processed in order to display them in the "online meeting" and, if necessary, to log them.
- In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device are processed accordingly for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time via the applications.
- In order to participate in an "online meeting" or to enter the "meeting room", you must at least provide information about your name.
Scope of the processing
We use the video conferencing systems to conduct "online meetings". If we want to record "online meetings", we will inform you transparently in advance and - if necessary - ask for your consent. The fact of the recording will also be displayed to you in the applications. If it is necessary for the purposes of recording the results of an online meeting, we will record the chat content. However, this will not usually be the case. In the case of web seminars, we may also process questions asked by webinar participants for the purposes of recording and following up web seminars.
If you are registered as a user with a video conferencing tool, then reports of "online meetings" (meeting metadata, telephone dial-in data, questions and answers in web seminars, survey function in web seminars) can be stored for up to at least one month.
Automated decision-making within the meaning of Art. 22 DSGVO is not used.
Legal basis for data processing
Insofar as personal data of employees of trainers4training Gesellschaft für Wissensmanagement und Beratung mbH are processed, § 26 BDSG is the legal basis for data processing.
If, in connection with the use of video conferencing systems, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component in the use of these applications, Art. 6 para. 1 lit. f) GDPR is the legal basis for data processing. In these cases, our interest lies in the effective conduct of "online meetings".
Furthermore, the legal basis for data processing when conducting "online meetings" is Art. 6 para. 1 lit. b) DSGVO, insofar as the meetings are conducted within the framework of contractual relationships.
If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) DSGVO. Here too, our interest is in the effective conduct of "online meetings".
Recipients / passing on of data
Personal data processed in connection with participation in "online meetings" will not be disclosed to third parties as a matter of principle, unless it is specifically intended for disclosure. Please note that the content of online meetings, as well as personal meetings, is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.
Other recipients: The provider of online services necessarily receives knowledge of the above-mentioned data, insofar as this is provided for in the context of our order processing contract with online services.
Data processing outside the European Union
"Teams" is a service provided by a provider from the USA. Personal data may therefore also be processed in a third country.
We have concluded an order processing contract with the provider that meets the requirements of Art. 28 DSGVO. In addition, the EU standard contractual clauses are contractually agreed for data transfers to third countries. Microsoft has also been certified in accordance with the current Data Privacy Framework.
In order to ensure an appropriate level of data protection, we only use the most necessary personal data for implementation. This also applies to the recording of web seminars as part of our service offering.
PRESENCE IN SOCIAL MEDIA
In order to be able to present our company in the best possible way and to communicate with you as a user, customer or interested party and to inform you about our offered services, we make use of our presence in social networks. When using social networks, data is processed outside the European Union (EU) and the European Economic Area (EEA). An equivalent level of data protection to that which exists in the EU cannot be guaranteed in all countries outside the EU.
In this context, it may lead to risks for you as a user if the transmitted data is processed in so-called third countries with an inadequate level of data protection.
This makes it more difficult to enforce known user rights. In addition, your data may not be processed in your interest by the provider in the third country.
We only transfer personal data to third countries for which an adequate level of protection has been confirmed or if the transfer of personal data can be ensured by contractual agreements or other suitable guarantees.
In addition to the respective provider of a social network, we also collect and process personal user data on so-called "fan pages". With this notice, we inform you about which data we collect from you on our social media sites, how we use it and how you can object to the use of the data. For the respective data processing purposes and data categories, please refer to the respective offer listed in more detail below.
The social media activities operated by us and detailed below are carried out on the basis of a balancing of interests pursuant to Art. 6 (1) lit. f) DSGVO.
To realize this, cookies are used which record user behavior and enable profiling of the user.
A concrete list of the purposes for which user data is processed can be found in the data protection notices of the respective providers. By making the appropriate settings in your user account, you can restrict the profiling, at least to a certain extent. For the exact procedure, please read the corresponding data protection information of the respective provider.
Platform | Responsible entity | Privacy policy of the platform operator |
---|---|---|
Meta Platforms Ireland Ltd 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland | https://privacycenter.instagram.com/policy/ | |
Meta Platforms Ireland Ltd 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland | https://privacycenter.instagram.com/policy/ | |
YouTube | Google Ireland Limited Gordon House, Barrow Street, Dublin 4, Ireland | https://policies.google.com/privacy?hl=de |
New Work SE Am Strandkai 1, 20457 Hamburg, Germany | https://privacy.xing.com/de/datenschutzerklaerung | |
LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland | https://de.linkedin.com/legal/privacy-policy? |
We operate profiles on the listed platforms in order to draw attention to products and service offers and to interact with customers, interested parties and other users of the platform.
In this context, the platform operators also use certain data that they have collected from users of the platform (e.g., whether a photo on a profile was marked with "Like" or commented on) to create aggregated usage statistics and make them available to the respective operators of the profile (so-called "Insights" or "Analytics"). We as profile operators also receive such usage statistics. The information that we receive as profile operators does not allow any conclusions to be drawn about individual users. The profile operator itself has no access to personal data that the platform operators process for the creation of usage statistics. The respective platform operator alone determines which data is processed for these purposes, and in what manner. As the profile operator, we can neither legally nor actually influence the processing by the platform operators.
For processing in connection with the creation of usage statistics, we are considered joint controllers with the respective platform operator within the meaning of Art. 26 DSGVO.
Where possible, joint responsibility agreements are in place with the respective platform operators.
Beyond that, data processing by us as profile operator only takes place to a very limited extent:
- Processing of usernames and comments that are deleted due to violation of netiquette. These will be kept on file for possible proof in the event of legal disputes within the statute of limitations.
- Processing of usernames and individual messages when you contact us via messenger services.
- Processing of usernames and postings in the context of inquiries and, if necessary, obtaining consent to re-post images
- Recruiting potential applicants on career platforms
For these purposes, we generally only process your name, message content, comment content, and the profile information you "publicly" provide.