DATA PRIVACY
1. PRIVACY STATEMENT
We are pleased that you are visiting our website. Below we would like to inform you about how we handle your data in accordance with Article 13 of the General Data Protection Regulation (GDPR).
Controller
The entity responsible for the collection and processing of data as outlined below is the party named in the imprint.
Usage Data
When you visit our website, certain usage data is temporarily stored on our web server for statistical purposes in order to improve the quality of our website. This data set includes
- the page from which the file was requested,
- the date and time of the request,
- the amount of data transmitted,
- the access status (file transferred, file not found),
- the description of the type of web browser used,
- the IP address of the requesting computer, which is shortened so that no personal reference can be made.
The mentioned log data is stored anonymously.
2. ESSENTIAL COOKIES
Our website uses cookies that are essential for the use of our website.
Cookies are small text files that are stored on your device and can be read. There are session cookies, which are deleted once you close your browser, and persistent cookies, which are stored beyond the current session.
We do not use these essential cookies for analysis, tracking, or advertising purposes.
Some cookies only contain information about specific settings and are not personally identifiable. They may also be necessary for user navigation, security, and the implementation of the website.
We use these cookies based on Article 6(1) Sentence 1 lit. f GDPR.
You can configure your browser to inform you about the placement of cookies. This will make the use of cookies transparent for you. You can also delete cookies at any time via the appropriate browser setting and prevent new cookies from being placed. Please note that our website may not display correctly, and some features may no longer be available.
| Provider |
Purpose |
Storage Duration |
Appropriate Data Protection Level |
| Kentico EMS |
Providing content via our CMS |
Session cookies and cookies for 1 year |
Processing within the EU |
| Usercentrics Consent Management Platform |
Providing our consent management service |
Consent data: 3 years |
Processing within the EU |
Click here to change your privacy settings.
3. TRACKING TOOLS
Consent Banner
On our website, we use a consent management platform (consent or cookie banner). The processing related to the use of the consent management platform and the logging of your settings is based on Article 6(1) Sentence 1 lit. f GDPR, in our legitimate interest to display content according to your preferences and to be able to prove the consent(s) you have given. Your settings, the consents granted, and part of your usage data are stored in a cookie. This ensures that your consents can be tracked for subsequent page requests. More information can be found under the section “essential cookies.”
The provider of the consent management platform acts as a strictly instructed service provider (data processor). A data processing agreement according to Article 28 GDPR has been signed.
Google Analytics
We use the web analytics tool "Google Analytics" to tailor our website according to demand. Google Analytics creates usage profiles based on pseudonyms. For this purpose, permanent cookies are stored on your device and read by us. This allows us to recognize and count returning visitors.
As part of the service, Google Ireland Limited supports us as a data processor according to Article 28 GDPR. Data processing may also occur outside the EU or EEA (particularly in the USA). An adequate level of data protection is ensured based on the adequacy decision (EU-U.S. Data Privacy Framework). Google also commits to entering into standard contractual clauses with further subprocessors.
Data processing is based on your consent, provided you have given consent via our banner. You can revoke your consent at any time. Please follow this link to change your settings through our banner.
- Provider: Google; Appropriate Data Protection Level: For transfers to the USA, an adequate level of data protection is ensured due to the provider’s certification under the Adequacy Decision (EU-U.S. Data Privacy Framework). Revocation of Consent: If you wish to revoke your consent, click here to change your privacy settings and make the appropriate settings through our banner.
Matomo
We use Matomo for web analysis, a service of InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, NZBN 6106769, ("Matomo"). We care about the protection of your data, so we have configured Matomo to only collect anonymized IP addresses. We process your personal usage data in anonymized form, and it is not possible to trace it back to you. More information about Matomo’s terms of use and data protection regulations can be found here: https://matomo.org/privacy/
4. TRACKING TECHNOLOGIES FROM THIRD PARTIES FOR ADVERTISING PURPOSES
We use cross-device tracking technologies to display targeted advertising on other websites based on your visit to our website and to measure the effectiveness of our advertising measures.
Data processing is based on your consent, provided you have given consent via our banner. Your consent is voluntary and can be revoked at any time.
How does tracking work?
When you visit our website, third-party providers may retrieve recognition features for your browser or device (e.g., a so-called browser fingerprint), analyze your IP address, store or read recognition features on your device (e.g., cookies), or access individual tracking pixels.
These features can be used by third parties to recognize your device on other websites. We can engage these third-party providers to display ads tailored to the pages you visited on our site.
What does cross-device tracking mean?
If you log in with your own user data with a third-party provider, the recognition features from different browsers and devices can be linked. For example, if the third-party provider has created a feature for the laptop, desktop PC, or smartphone/tablet you use, these features can be linked once you use a service of the third-party provider. This allows the third-party provider to target our advertising campaigns across different devices.
Which third-party providers do we use in this context?
Below, we list the third-party providers with whom we work for advertising purposes. If data is processed outside the EU or EEA in this context, please note that there is a risk that authorities may access the data for security and surveillance purposes, without informing you or providing the possibility to appeal. If we use providers from insecure third countries and you consent, the transfer is made based on Article 49(1)(a) GDPR.
- Provider: Meta (Facebook); Appropriate Data Protection Level: For transfers to the USA, an adequate level of data protection is ensured due to the provider’s certification under the Adequacy Decision (EU-U.S. Data Privacy Framework). Revocation of Consent: If you wish to revoke your consent, click here to change your privacy settings and make the appropriate settings through our banner.
- Provider: Google; Appropriate Data Protection Level: For transfers to the USA, an adequate level of data protection is ensured due to the provider’s certification under the Adequacy Decision (EU-U.S. Data Privacy Framework). Revocation of Consent: If you wish to revoke your consent, click here to change your privacy settings and make the appropriate setting through our banner.
- Provider: LinkedIn; Appropriate Data Protection Level: For transfers to the USA, an adequate level of data protection is ensured due to the provider’s certification under the Adequacy Decision (EU-U.S. Data Privacy Framework). Revocation of Consent: If you wish to revoke your consent, click here to change your privacy settings and make the appropriate setting through our banner.
5. RETARGETING
Google
By using our websites, you agree to the following data processing:
We use Google Remarketing Technologies
We use cross-device remarketing technologies from Google to show you targeted ads on other websites based on your visit to our sites. The data processing is based on your consent pursuant to Art. 6(1) Sentence 1 lit. a GDPR.
How does remarketing work?
When you visit our websites, Google may retrieve recognition features for your browser or device (e.g., creating a browser fingerprint), evaluate your IP address, or store a recognition feature in the form of a small text file (e.g., a third-party cookie). It is also possible for Google to link and store your visit to our websites with one or more of these recognition features in order to display our ads on other websites.
The aforementioned recognition features are pseudonymous and can be used by Google to recognize your device on other websites. For example, if you visit a site that is part of Google’s Display Advertising Network (i.e., displaying ads on behalf of Google), Google can recognize your device and browser based on the above features.
We may also equip our websites with so-called "remarketing tags," which means that we can include keywords on our websites that describe the content of the displayed page (e.g., product or service categories). These keywords do not contain any personal or sensitive information. Google receives and stores these keywords along with the aforementioned recognition features. When you visit a page we’ve tagged with a specific product category, Google stores this keyword and associates it with your recognition features.
Through this process, we can commission Google to display ads on other websites tailored to the pages you visited on our site. So, if you visit another website that is part of Google's Display Advertising Network, Google can recognize your device and determine whether and which of our ads should be displayed.
For more information about how Google remarketing technologies work, visit https://www.google.com/policies/technologies/ads/.
What does cross-device remarketing mean?
If you sign in with your personal Google credentials or use one or more of your own Google accounts, Google can link recognition features from different browsers and devices. If Google has created a recognition feature for your laptop, desktop PC, or smartphone/tablet, these recognition features can be linked once you use a Google service with your credentials. This allows Google to target our ads across devices. However, Google will only do this if you have previously consented to this data processing.
You have the option to adjust ad settings
You can object to this form of advertising at any time. Please visit this page https://support.google.com/ads/answer/2662922 and disable personalized ads. Please note that these settings may not affect all devices and browsers. More information is available at https://support.google.com/ads/answer/2662922.
6. EXPLANATION OF SECURITY MEASURES
Data Security
To protect your data from unauthorized access, we implement technical and organizational measures. We use encryption technology on our websites. Your information is transmitted from your computer to our server and vice versa via the internet using TLS encryption. You can recognize this by the closed lock symbol in your browser's status bar and the URL beginning with https://.
7. OTHER DATA PROCESSORS
We pass your data to service providers as part of data processing according to Art. 28 GDPR, who assist us with the operation of our websites and related processes. These include hosting service providers. Our service providers are strictly bound by instructions and contractually obligated.
Below, we list the data processors we work with, if not already mentioned in the privacy policy above. If data is transferred outside the EU or EEA in this context, we provide details about the appropriate data protection level.
- Data Processor: Microsoft, Inc. (USA); Purpose: Web hosting; Appropriate Data Protection Level: Processing within the EU
- Data Processor: Usercentrics GmbH; Purpose: Consent Management Platform; Appropriate Data Protection Level: Processing within the EU
- Data Processor: Mailgun, Inc. (USA); Purpose: SMTP Mail Relay; Appropriate Data Protection Level: Processing within the EU
- Data Processor: Jotform, Inc. (USA); Purpose: Form creation; Appropriate Data Protection Level: Processing within the EU
- Data Processor: Salesforce (USA); Purpose: Customer Relationship Management; Appropriate Data Protection Level: Processing within the EU
- Data Processor: Cloudflare (USA); Purpose: Optimization of our service; Appropriate Data Protection Level: Processing within the EU
- Data Processor: Social Scape Tech LLP Purpose: Integration of social media posts through the Taggbox tool; Appropriate Data Protection Level: No adequate data protection level, transmission is based on Art. 49(1)(a) GDPR.
8. DATA TRANSMISSION TO RECIPIENTS
We only transmit your data to third parties if this is legally permissible under the aforementioned principles. Therefore, we sometimes transmit personal data to third parties in the course of order and contract processing.
We will not sell or otherwise market your personal data to third parties.
9. INTEGRATION OF OTHER TECHNICAL THIRD-PARTY PROVIDERS AND FUNCTIONS
We use the technical functions and content of third-party providers listed below to display our websites. Accessing our pages will cause third-party content to be loaded, which provides these functions and content. As a result, the third-party provider will receive information that you have accessed our page, along with the usage data required for this purpose. We have no influence on the further processing of data by the third-party provider.
Data processing is based on your consent, if you have previously given your consent via our banner solution. Please note that the use of third-party content and functions may result in your data being processed outside the EU or EEA (particularly in the USA). For transmissions to the USA, an adequate level of data protection is ensured by the adequacy decision (EU-U.S. Data Privacy Framework).
- Processor: Microsoft, Inc. (USA); Purpose: Web Hosting; Appropriate Level of Data Protection: Processing within the EU
- Processor: Usercentrics GmbH; Purpose: Consent Management Platform; Appropriate Level of Data Protection: Processing within the EU
- Processor: Mailgun, Inc. (USA); Purpose: SMTP Mail Relay; Appropriate Level of Data Protection: Processing within the EU
- Processor: Jotform, Inc. (USA); Purpose: Form Creation; Appropriate Level of Data Protection: Processing within the EU
- Processor: Salesforce (USA); Purpose: Customer Relationship Management; Appropriate Level of Data Protection: Processing within the EU
- Processor: Cloudflare (USA); Purpose: Optimization of our service performance; Appropriate Level of Data Protection: Processing within the EU
- Processor: Social Scape Tech LLP Purpose: Embedding social media posts via the Taggbox tool; Appropriate Level of Data Protection: No adequate level of data protection, the transmission is based on Art. 49 (1) lit. a GDPR.
10. RIGHTS OF THE USER
Your Rights as a User
When processing your personal data, the GDPR grants you certain rights as a website user:
1. Right to Information (Art. 15 GDPR):
You have the right to request confirmation as to whether personal data concerning you is being processed; if this is the case, you have the right to access this personal data and the information listed in Art. 15 GDPR.
2. Right to Rectification and Deletion (Art. 16 and 17 GDPR):
You have the right to request the immediate correction of incorrect personal data concerning you and, if applicable, the completion of incomplete personal data.
You also have the right to request the immediate deletion of personal data concerning you if one of the reasons listed in Art. 17 GDPR applies, e.g., if the data is no longer necessary for the purposes pursued.
3. Right to Restriction of Processing (Art. 18 GDPR):
You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR applies, e.g., if you have objected to processing while an examination is taking place.
4. Right to Data Portability (Art. 20 GDPR):
In certain cases outlined in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used, and machine-readable format or to request the transmission of this data to a third party.
5. Right to Object (Art. 21 GDPR):
If data is collected based on Art. 6 (1) sentence 1 lit. f (processing to safeguard legitimate interests), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data, unless there are demonstrably compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or the processing is necessary for the assertion, exercise, or defense of legal claims.
6. Right to Lodge a Complaint with a Supervisory Authority
Under Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates data protection laws. The complaint can be filed with a supervisory authority in the member state of your residence, your place of work, or the location of the alleged infringement.
11. CONTACT DETAILS OF THE DATA PROTECTION OFFICER
Our company data protection officer is available for any information or suggestions regarding data protection:
DSN Holding GmbH
Konsul-Smidt-Straße 88
28217 Bremen
Web: www.dsn-group.de
E-Mail: [email protected]
12. ADDITIONAL CONTENT OF THE DATA PRIVACY STATEMENT
12.1. Sweepstakes
Information provided by you in the context of sweepstakes will only be used to identify and contact the winners (Art. 6 (1) sentence 1 lit. f GDPR). Winners will be notified in writing. We will not use your data for advertising purposes. We will delete this data immediately after the prize handover or if you object to the use of your data.
12.2. Contact Form
You have the option to contact us via a web form. To use our contact form and to process and respond to your request, we need your name, subject, email address, phone number, and a brief description of your issue. You may provide additional information, but it is not required. We will only transmit your data to the relevant employees of the affiliated companies for processing and responding to your inquiry if necessary.
CONSENT
By submitting this email form, you consent to the electronic collection, storage, and use of the data you provided solely for processing and responding to your request within the corporate group. The legal basis for processing is Art. 6 (1) sentence 1 lit. a GDPR. We will use your data exclusively to process your request. You can revoke your consent at any time, e.g., by email to [email protected].
12.3. Online Applications
We process your personal data in accordance with applicable data protection laws based on § 26 BDSG-new. We process the data you provide in your online application exclusively for the purpose of candidate selection. Data processing for other purposes does not occur.
You determine the scope of the data you wish to submit as part of your online application. Online applications are electronically transmitted to our HR department and processed as quickly as possible. The transmission is encrypted. Typically, applications are forwarded to the heads of the relevant departments in our company. No further transmission of your data takes place. Your data is treated confidentially within our company. In the case of an unsuccessful application, your documents will be deleted after 6 months.
If we are allowed to consider your application for other or future job openings, we ask you to indicate this on your application. We will process your data based on Art. 6 (1) sentence 1 lit. a GDPR.
12.4. Facebook Company Page
We operate various Facebook pages based on Art. 6 (1) sentence 1 lit. f GDPR. We do not collect, store, or process personal data of our users on this page at any time. No other data processing is carried out or initiated by us. The data you enter on our Facebook page, such as comments, videos, or images, will never be used or processed by us for other purposes.
Facebook uses web tracking methods on this page. Please be aware: It cannot be ruled out that Facebook may use your profile data to analyze your habits, personal relationships, preferences, etc. We have no control over how Facebook processes your data.
13. STORAGE DURATION
Unless we have already informed you about the storage duration, we will delete personal data when it is no longer required for the aforementioned processing purposes and no legal retention obligations prevent its deletion.