Headergrafik - Campus Net

Privacy Policy

Compliance with German and European data protection regulations is given the highest priority at the EBS Universität and in the SRH University network. We not only adhere to data protection measures but also strives to continually improve them, in order to protect you and your privacy.


Version dated: 15 March 2021

General notes and mandatory information

An overview of data protection

Data protection and data security for our company’s customers and partners as well as interested parties and users of our website are of great importance to our company. Transparency regarding the processing of your personal data and the protection of your data are therefore particularly important to us. We created this privacy policy to provide you with an overview of how your personal data is collected and processed when using our website, and what you can personally do yourself to ensure your data is better protected, where applicable.

Data protection in the SRH university network

EBS Universität für Wirtschaft und Recht is part of the SRH university network. The SRH Universities collects, processes, and uses the personal data provided by you exclusively for the purpose of responding to your request/inquiry (Article 6(1)(b) GDPR), unless - we have made explicit reference to further purposes and you have given consent for such use (Article 6(1)(b) GDPR) - the processing is performed due to a legal obligation or official/judicial arrangement (Article 6(1)(c) GDPR), or - due to legitimate interests pursued by the controller, unless your interests or fundamental rights and freedoms which require protection of personal data are overridden (Article 6(1)(f) GDPR). We will not sell or market your personal data to third parties, nor pass it on for any other reasons. Furthermore, we may pass on personal data to other SRH companies if this is necessary to achieve the purpose for which you have made the data available to us (e.g. to respond to requests/inquiries).

Notice concerning the party responsible for this website

The party responsible for processing data on this website is:

EBS Universität für Wirtschaft und Recht gGmbH
Gustav-Stresemann-Ring 3, 65189 Wiesbaden
Telephone: + 49 611 7102 00
E-Mail: info@ebs.edu

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).

Data Protection Officer

We have appointed a statutory Data Protection Officer for our company:

Symbion AG
Mr. Jörg Flierenbaum
Robert-Koch-Straße 3
97230 Estenfeld
E-Mail: datenschutzbeauftragter-srh@symbion-ag.de


Data collection on our website

Personal Data

Personal data is any information that relates to an identified or identifiable natural person. What is essential here, therefore, is whether a personal reference can be made using the collected data. This includes information such as your name, your address, your telephone number, or your email address. Information that is not directly linked to your real identity - such as actual web pages or the number of users of a page - is not included in personal data.

How do we collect and process your personal data?

When you visit our website, data are collected automatically and saved temporarily by our web servers. These data are primarily technical data such as the identification data of the browser used and the operating system type, date and time of the page view, the websites you visit on our site and the website from which you are visiting us. Personal data such as your name, your address, your telephone number or email addresses will not be collected, unless you provide this data voluntarily, e.g. in the context of a registration, a survey, the execution of a contract or an information request.

How we use your personal data and how we disclose it

If the online service includes the option to enter personal or commercial data (email addresses, names, addresses, etc.), the input of these data takes place voluntarily (according to Art. 6 Abs. 1 lit. a GDPR). Emails are transmitted via a contact form. When you send such a message, your personal data is collected only to the extent necessary to reply. The email is sent in an unencrypted manner.

We use various types of contact forms.

With the form for general inquiries, your personal data will be stored and used to answer the inquiry. After your request has been processed, the data will be deleted.

In the case of the forms for inquiries expressing interest in studying at the University (ordering information material, study counseling, application) as well as forms for registering for study info events (e.g. Open Day, info session), your personal data will be stored and used in order to be able to inform and advise you in the future about the advantages of the study programmes and to keep you informed about current developments at EBS Universität, also by contacting you by e-mail or telephone.

With forms for registering for general university events, your personal data will be stored and used to inform you about the given event, also by contacting you via e-mail or telephone. The data will be deleted after the event has taken place.

If you have provided us with any personal data, we shall only use this data for the technical administration of the web pages and to respond to your wishes and requests, which as a rule means to process any contract concluded with you or to reply to any queries you may have.

We will not pass on, sell, or otherwise transfer your personal data to third parties, unless this is required for the purpose of processing the contract or unless you have given your express consent. It is only if you have given us your consent beforehand, or if you – subject to it being provided for under statutory regulations – have not raised an objection, that we will also use this data for product-related surveys, marketing, and statistical purposes.

How long will your data be stored?

In principle, we store all information that you transmit to us until the respective purpose, e.g. the contractual purpose has been fulfilled. For inquiries until they are processed, for newsletters until you unsubscribe from the newsletter. If longer storage is provided by law, the storage takes place within this framework.

If you no longer wish us to use your data, we will, of course, comply with this request immediately. Please contact the address indicated under Contact.

When will your data be deleted?

The stored personal data will be deleted if you revoke your consent to its storage, if knowledge of the data is no longer required for the fulfillment of the purpose for which it was stored or if the storage is inadmissible for other legal reasons. Data for invoicing and accounting purposes are not affected by a request for deletion.

The use of cookies

Within the scope of our website we partly use so-called cookies. Cookies are small text files that are stored on your computer and saved by your browser. Cookies do not harm your computer and do not contain any viruses. Rather, they serve to communicate the usefulness and number of users of our websites, as well as to make our offers more convenient, effective and secure.

The cookies we use are firstly so-called “session cookies”. These are only stored temporarily for the duration of your use of one of our websites and are automatically deleted after your visit. Secondly, we also use “permanent cookies” that are stored on your device’s memory until you delete them. The purpose of the use of these cookies is to be able to record information about visitors who repeatedly access our website and to offer you optimal user guidance. Permanent cookies only contain an identification number. Name, IP address etc. are not stored. An individual profile regarding your usage behaviour is not formed.

You can also use our offers without cookies. In this respect, it is possible to deactivate the storage of cookies in your browser or to limit them to certain websites. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 (1), letter f of GDPR. The website operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behaviour) are also stored, they will be treated separately in this privacy policy.

The following cookies are generated and used on our website:

  • TECHNICAL COOKIES (required)
Name Host Description Expiry
_dc_gtm_UA- campusnet.ebs.edu This cookie is associated with sites using Google Tag Manager to load other scripts and code into a page. Where it is used it may be regarded as Strictly Necessary as without it, other scripts may not function correctly. The end of the name is a unique number which is also an identifier for an associated Google Analytics account. a few seconds
cookieconsent_status www.ebs.edu This cookie stores the status of the cookie notice. 12 months
_ebs_session www.ebs.edu This cookie is deleted as soon as the user closes the browser after his session. No information is saved that serves to identify the user, just a session identifier (session ID). This is only used to assign several requests from one user to his session. In this way, the user can be identified and certain preferences or settings saved and called up. Session
  • PERFORMANCE COOKIES (optional)
Name Host Description Expiry
_gid ebs.edu
campusnet.ebs.edu
This cookie name is linked to Google Universal Analytics. It stores a unique value for each page visited. 1 day
_ga ebs.edu
campusnet.ebs.edu
This cookie name is linked to Google Universal Analytics. This cookie is used to distinguish unique users by assigning a randomly generated number as the user ID. It is included in every page request on a website and is used to calculate visitor, session and campaign data for website analysis reports. 730 days
ga-disable-UA- www.ebs.edu Used to deactivate Google Analytics. 958 months
JSESSIONID nr-data.net This domain is controlled by New Relic, which provides a platform for monitoring the performance of web and mobile applications. Session
_uetsid ebs.edu This cookie is used by Bing to gather anonymous information on how visitors are using our website. 30 minutes
  • MARKETING COOKIES (optional)
Name Host Description Expiry
_fbp ebs.edu
campusnet.ebs.edu
Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers 90 days
_gat_gtag_ ebs.edu Google Analytics a few seconds
_scid campusnet.ebs.edu Remarketing Snapchat 1 year
test_cookie doubleclick.net This domain belongs to Doubleclick (Google). Doubleclick manages Google’s real-time bidding. a few seconds
IDE doubleclick.net This domain belongs to Doubleclick (Google). Doubleclick manages Google’s real-time bidding. 1 year
no_name www.facebook.com This domain is owned by Facebook, which is the world’s largest social networking service. As a third party host provider, it mostly collects data on the interests of users via widgets such as the ‘Like’ button found on many websites. This is used to serve targeted advertising to its users when logged into its services. In 2014 it also started serving up behaviourally targeted advertising on other websites, similar to most dedicated online marketing companies. Session
fr facebook.com Contains browser and user unique ID combination, used for targeted advertising. 3 months
MUIDB bat.bing.com This domain is owned by Microsoft - it is the site for the search engine Bing. 1 year
MUID bing.com This domain is owned by Microsoft - it is the site for the search engine Bing. 1 year
bcookie linkedin.com Used by LinkedIn to track the use of embedded services. 2 years
lang ads.linkedin.com
linkedin.com
It stores the language version of a website selected by the user. Session
lidc linkedin.com Used by LinkedIn to track the use of embedded services. 1 day
lissc linkedin.com There is no specific information about this cookie. Generally these cookies are used to place advertisements that are more relevant to you and your interests. 1 year
UserMatchHistory linkedin.com This cookie is used by LinkedIn for advertising analyzes. 1 month
sc_at snapchat.com We use this cookie for showing relevant advertising based on user’s movement on Snapchat. 1 year
_scid sc-static.net Remarketing Snapchat 1 year
_uetvid ebs.edu netzeffekt GmbH collects, processes and stores data about your visit on our behalf via the agency Jung von Matt AG 16 days
_schn ebs.edu netzeffekt GmbH collects, processes and stores data about your visit on our behalf via the agency Jung von Matt AG a few seconds

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and protects the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognise an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar. If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

If you wish to contact our company by email, we would like to point out that the confidentiality of the information provided is not guaranteed. Third parties may view the content of emails. We, therefore, recommend that you only allow us to receive confidential information by post.

Your data protection rights

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, their origin and possible recipients and the purpose of data processing (Art. 15 GDPR) and, if applicable, a right to correction of incorrect data (Art. 16 GDPR), deletion of these data (Art. 17 GDPR), the right to restriction of processing according to Art. 18 GDPR, to objection (Art. 21 GDPR) and the right to data transferability of data provided by you according to Art. 20, GDPR). According to §§ 34 and 35 BDSG, the restrictions apply to the right to information and the right of cancellation.

Besides, you also have a right of appeal to the responsible supervisory authority in the event of data protection violations (Art. 77 GDPR in conjunction with §19 BDSG). The responsible supervisory authority for data protection issues is the federal state’s data protection officer in which our company is based. A list of data protection officers and their contact details can be found here.

Revocation of your consent to data processing

Many data processing processes are only possible with your express consent. You can revoke your consent at any time. This can be done by informal communication, e.g. by e-mail to marketing@ebs.edu, by telephone (+49 611 7102 1594) or by post (to EBS Universität für Wirtschaft und Recht gGmbH, Gustav-Stresemann-Ring 3, 65189 Wiesbaden). The legality of the data processing up to the revocation remains unaffected by the revocation.

Contact for questions, complaints, the assertion of your rights

If you have any questions, complaints or assertion of your data protection rights, you can contact us via the contact form.

Data protection for applications and in the application procedure

We collect and process the personal data of applicants to handle the application procedure. Processing may also be carried out electronically. This is particularly the case if an applicant sends us corresponding application documents by electronic means, e.g. via email.

When concluding an employment contract with an applicant, the transmitted data will be stored to process the employment relationship under consideration of legal regulations. If no employment contract is signed with the applicant, the application documents will be automatically deleted after six months when the rejection decision has been conveyed, provided that no other justified interests prevent the controller responsible from processing from deleting these. In this context, other legitimate reasons could, for example, be the need for evidence in proceedings by the General Law on Equality of Treatment.

Changes to the data protection declaration

Changes may be made to these privacy notices, which will be published on this page on time.


Data collection on plattforms of EBS Universität

Housing portal

The purpose of our portal for private housing services housing.ebs.edu is to provide housing for students.

Data processing during registration

A one-time registration is required to place an advertisement. The amount of data to be collected is based on the accommodation’s purpose and includes title, first and last name, post and e-mail address, date of birth, telephone number and a personal password. The data collected during registration will be used to create the user account and process publishing the advertisement. Mandatory fields are marked with an asterisk.

When registering on the Housing portal, the user is asked to agree to the terms of use and consent to data processing. The user’s consent that personal data may be processed and stored for the Housing portal is a prerequisite for using the Housing portal.

Data processing when placing an advertisement

To place an advertisement, the required mandatory fields in the online form must be completed. These represent the minimum standard for a conclusive housing advertisement. We store and process the data for publication on the housing portal. The data will be deleted at the latest when your account is deleted.

Processing and deleting data

The user can view, update or change the registration data stored about him and his advertisement data via his user profile Housing portal at any time after entering his user name and password.

The user can delete a user account via the Housing portal. In this case, collected and processed personal data will also be deleted according to the following provisions. The deletion includes the user’s data, the ads created, uploaded images and documents. Other statistical data can also be processed and stored anonymously beyond the publication period.

User accounts that have not been used for more than two years will be deleted to the extent described above. The user will receive relevant information four weeks before expiry to the e-mail address stored in the account.

Disclosure of data to third parties

In compliance with data protection regulations, EBS Universität is entitled to make the user’s data available to third parties for the housing portal provision. EBS Universität is also entitled to have data processing performed entirely or partly by third parties based on a corresponding agreement.

Processing of your data to provide you with an offer

  • Employees of EBS Universität to check the content of the advertisements
  • Provision of the website, data backup and remote maintenance:
    Blueend AG
    Konrad-Adenauer-Ring 13
    65187 Wiesbaden


Analytic tool, third-party tools and advertising

Newsletter

If you have explicitly agreed, we will use your email address and voluntary personal data to send you our newsletter regularly. All you need to do is to enter an email address to receive the newsletter. Additional personal details you have provided voluntarily are merely used to personalise the newsletter.

Der Newsletter-Versand erfolgt über den Anbieter Sendinblue:

Sendinblue GmbH – Köpenicker Str. 126, 10179 Berlin, Deutschland

This is Sendinblue Privacy Policy.

The data entered in the newsletter registration form will be processed exclusively based on your consent (Art. 6 paras. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the email address, and their use for sending the newsletter at any time via the link at the end of the newsletter to unsubscribe from the newsletter. You can also unsubscribe from the newsletter at any time by sending an e-mail to marketing@ebs.edu. The legality of the data processing processes already carried out remains unaffected by the revocation.

When registering for the newsletter, the data will be used to distribute the newsletter until you cancel your subscription when said data are deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.



Google Analytics

This website uses Google Analytics, a web analytics service. It is operated by:

Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States
(In the following: Google)

Google Analytics uses cookies. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the United States and stored there.

Google will use this information on our behalf to evaluate the use of our online offer by users, compile reports on the activities within this online offer, and provide us with further services associated with this online offer and Internet use. Pseudonymous user profiles can be created from the processed data.

IP anonymisation

We have activated the IP anonymisation feature on this website. Google will shorten your IP address within the European Union or other parties to the European Economic Area Agreement before transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the United States and shortened there. Google will use this information on behalf of this website’s operator to evaluate your website’s use, compile reports on website activity, and provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

Browser plugins

You can prevent these cookies from being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not enjoy the full functionality. You can also prevent the data generated by cookies about your use of the website (including your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin.

Objecting to the collection of data

You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Deactivation of Google Analytics

Further information on the use of data for advertising purposes by Google, as well as settings options and procedures available for opting out, can be found on Google’s website:

Outsourced data processing

We have concluded an agreement with Google on contract data processing and implement in full the strict provisions of the German data protection authorities for the use of Google Analytics.

Google Analytics Remarketing

Our website uses Google Analytics Remarketing features combined with the cross-device capabilities of Google AdWords and DoubleClick. This service is provided by:

Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States

This feature makes it possible to link target audiences for promotional marketing created with Google Analytics Remarketing to Google AdWords and Google DoubleClick’s cross-device capabilities. This allows advertising to be displayed based on your interests, identified based on your previous usage and surfing behaviour on one device (e.g. your mobile phone), on other devices (such as a tablet or computer).

Once you have given your consent, Google will associate your web and app browsing history with your Google Account for this purpose. That way, any device that signs in to your Google Account can use the same personalised promotional messaging.

To support this feature, Google Analytics collects Google-authenticated IDs of users temporarily linked to our Google Analytics data to define and create audiences for cross-device ad promotion. You can permanently opt out of cross-device remarketing and targeting by turning off personalised advertising in your Google Account.

The aggregation of the data collected in your Google Account data is based solely on your consent, which you may give or withdraw from Google (Art. 6 (1)(a) GDPR). For data collection operations not merged into your Google Account (for example, because you do not have a Google Account or have objected to the merge), the collection of data is based on Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in analysing anonymous user behaviour for promotional purposes.

Further information along with the various privacy regulations can be found in Google’s Privacy Policy and Terms of Service.

Google AdWords and Google Conversion Tracking

This website uses the online advertising program Google AdWords and conversion tracking in the context of Google AdWords. This online advertising program is provided by:

Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States

When you click on an ad served by Google, a conversion tracking cookie is set. These cookies expire after 30 days and are not used for the personal identification of the user. Should the user visit individual pages of the website and the cookie have not yet expired, Google and we can recognise that you have clicked on the advert and forwarded it to this page. Every Google AdWords customer receives a different cookie.

Cookies, therefore, cannot be traced via the websites of AdWords customers. The information obtained using the conversion cookie is used to create conversion statistics for the AdWords customers who have opted for conversion tracking. Customers are informed about the total number of users who have clicked on their advert and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to identify users personally. If you do not want to participate in tracking, you can opt-out of this by easily disabling the Google Conversion Tracking cookie by changing your browser settings. In doing so, you will not be included in the conversion tracking statistics.

Conversion cookies are stored based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analysing user behaviour to optimise its website and its advertising.

For more information about Google AdWords and Google Conversion Tracking, see the Google Privacy Policy.

Google Tag Manager

We use Google Tag Manager. This service is provided by:

Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States

With this tool, the marketer can administer website tags via a user interface. Google Tag Manager (which implements the tags) is a cookie-free domain that does not record personal data. With this tool’s help, other labels are released, which can, potentially, record data.

Google Tag Manager does not access this data. If the user has deactivated this on domain or cookie level, this is valid for all tracking tags implemented using the Google Tag Manager.

You can find more information on the handling of user data in Google’s Privacy Policy.

Google Maps

This website uses the map service Google Maps via an API. This service is provided by:

Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States

To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the United States, where it will be stored. The provider of this site does not influence this data transmission.

The use of Google Maps is in the interest of an appealing representation of our online offers and to make it easy to find one of the locations specified on our website. This represents a legitimate interest within the meaning of Art. 6(1)(f) GDPR.

You can find more information on the handling of user data in Google’s Privacy Policy.

Social networks

Our website contains references in the form of links to the external social networks Facebook, Instagram, Twitter, LinkedIn, XING and YouTube, on which we have a corporate presence.

The logo identifies the links on our website (no plug-ins used).

When you visit our website, functions and data transmissions to the providers mentioned are not automatically activated. Only by clicking on the links are the plug-ins activated, your browser establishes a direct connection with the respective servers. You provided that you follow the links and are simultaneously logged into your user account’s corresponding social network. The information you have visited our website forwards to the affiliated provider. The respective provider can assign your visit to your account. This information is transmitted to the respective provider and stored there. To prevent this, you must log out of your account of the corresponding social network before clicking on the link.

Facebook

We operate a company presence on the Facebook platform to promote our products and services and communicate with interested parties or customers. We are jointly responsible for this social media platform with Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.

The data protection officer of Facebook can be reached via this contact form.

We have regulated the joint responsibility in an agreement regarding the respective obligations in terms of the DSGVO. This agreement, from which the result of the mutual commitment, can be accessed here.

From 31.08.2020, the Controller Addendum will also apply.

The legal basis for the processing of personal data that carried out as a result of this and reproduced below is Art. 6 para. 1 letter f GDPR. We have a legitimate interest in the analysis, communication, sales and advertising of our products and services.

The legal basis may also be the user’s consent, according to Art. 6 paras. 1 letter a GDPR to the platform operator. The user can revoke this consent for the future at any time by notifying the platform operator per Art. 7 paras. 3 GDPR.

When our online presence calls on the Facebook platform, Facebook Ireland Ltd. will process user data (e.g. personal information, IP address) as the platform operator in the EU.

This user data is used for statistical information about the use of our company presence on Facebook. Facebook Ireland Ltd. uses this data for market research and advertising purposes and creates user profiles. These profiles enable Facebook Ireland Ltd. to, for example, promote the interests of users within and outside of Facebook. If the user is logged in to their Facebook account at the time of access, Facebook Ireland Ltd. can also link the data to the respective user account.

If the user contacts Facebook, the user’s data entered on this occasion will process the request. We will delete the user’s data, provided that the user’s enquiry has been finally answered and no legal storage obligations, e.g. in the case of subsequent contract processing, stand in the way.

Facebook Ireland Ltd. may also use cookies to process the data.

If the user does not agree to this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Already stored cookies can also be deleted at any time. The settings for this depend on the respective browser. In the case of flash cookies, processing cannot be prevented by the browser settings but by the corresponding setting of the flash player. If the user prevents or restricts the installation of cookies, this may mean that not all Facebook functions can be used to their full extent.

Please refer to the Facebook Data Policy.

It does not exclude that Facebook Ireland Ltd.’s processing may also carry out via Facebook Inc, 1601 Willow Road, Menlo Park, California 94025 in the USA.

Facebook Pixel

Our website measures conversions using visitor action pixels from:

Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, United States

These allow site visitors to be tracked after they click on a Facebook ad to reach the provider’s website. This allows an analysis of Facebook advertisements’ effectiveness for statistical and market research purposes and future optimisation.

The data collected is anonymous to us as operators of this website, and we cannot use it to draw any conclusions about our users’ identities. However, the data are stored and processed by Facebook, which may make a connection to your Facebook profile and which may use the data for its advertising purposes, as stipulated in the Facebook privacy policy. This will allow Facebook to display ads both on Facebook and on third-party sites. We have no control over how this data is used.

See Facebook’s Privacy Policy for more information on how to protect your privacy.

Facebook Remarketing

We use the remarketing function “Custom Audiences” of:

Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, United States

Visitors to our website are then presented with interest-related advertising (“Facebook Ads”) when visiting Facebook’s website. For this purpose, the Facebook remarketing tag is implemented on our website. This establishes a direct connection to Facebook servers when you visit the website. Information is then transferred to the Facebook servers confirming that you have visited our website, and Facebook assigns this information to your personal Facebook user account.

For more information about Facebook’s collection and use of the data and your associated rights and options for protecting your privacy, please see Facebook’s Privacy Policy. Alternatively, you can deactivate the remarketing function Custom Audiences. You must be logged in to Facebook to do this.

Instagram

We operate a company presence on the Instagram platform to promote our products and services and communicate with interested parties or customers. We are jointly responsible for this social media platform with Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.

The Instagram Privacy Officer can be reached via this contact form.

We have regulated the joint responsibility in an agreement regarding the respective obligations in terms of the DSGVO. This agreement, from which the result of the mutual commitment, can be accessed here.

The legal basis for processing personal data that carry out this agreement and reproduces it below is Art. 6 Para. 1 letter f DSGVO. We have a legitimate interest in the analysis, communication, sales and promotion of our products and services.

The legal basis may also be the user’s consent, according to Art. 6 paras. 1 letter a DSGVO to the platform operator. The user can revoke this consent for the future at any time by notifying the platform operator by Art. 7 paras. 3 DSGVO.

When our online presence calls upon the Instagram platform, user data (e.g. personal information, IP address) are processed by Facebook Ireland Ltd. as the platform operator in the EU.

This user data is used for statistical information about the use of our company presence on Instagram. Facebook Ireland Ltd. uses this data for market research and advertising purposes and creates user profiles. For example, Facebook Ireland Ltd. may use these profiles to promote users’ interests inside and outside Instagram. If the user is logged into their account on Instagram at the time of access, Facebook Ireland Ltd. may also link the data to the user’s account.

If the user contacts Instagram, the user’s data entered on this occasion will process the request. We will delete the user’s data, provided that the user’s enquiry has been finally answered and no legal storage obligations, e.g. in the case of subsequent contract processing, stand in the way.

Facebook Ireland Ltd. may also use cookies to process the data.

If the user does not agree to this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Already stored cookies can also be deleted at any time. The settings for this depend on the respective browser. In the case of flash cookies, processing cannot be prevented by the browser settings but by the corresponding setting of the flash player. If the user prevents or restricts the installation of cookies, this may mean that not all Facebook functions can be used to their full extent.

Please refer to the ** Instagram Privacy Policy ] for details of the processing activities, how to prevent them, and how to delete the data processed by Instagram. Please refer to the [Instagram Privacy Policy**.

It does not exclude that Facebook Ireland Ltd.’s processing may also be carried out via Facebook Inc, 1601 Willow Road, Menlo Park, California 94025 in the USA.

YouTube

We maintain an online presence on YouTube to present our company and our services and communicate with customers/interested parties. YouTube is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA.

In this respect, we would like to point out that there is a possibility that user data may be processed outside the European Union, in particular in the USA. This may increase the risks for users in that, for example, subsequent access to user data may be made more difficult. We also have no access to this user data. The access possibility lies exclusively with YouTube. Information on the processing of personal data by YouTube can be found in the Data protection declaration of YouTube.

LinkedIn

We maintain an online presence on LinkedIn to present our company and our services and communicate with customers/interested parties. LinkedIn is a LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, a LinkedIn Corporation subsidiary, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA.

In this respect, we wish to point out that there is a possibility that user data may be processed outside the European Union, in particular in the USA. This may increase the user’s risks in that, for example, subsequent access to the user data may become more complex. We also have no access to this user data. The access possibility lies exclusively with LinkedIn. You will find information about LinkedIn’s processing of personal data in LinkedIn’s Privacy Policy.

Twitter

We maintain an online presence on Twitter to present our company and our services and communicate with customers/interested parties. Twitter is a service of Twitter Inc. 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

In this respect, we would like to point out that there is a possibility that user data may process outside the European Union, especially in the USA. This may increase the risks for users in that, for example, subsequent access to user data may be made more difficult. We also have no access to this user data. The access possibility lies exclusively with Twitter. You will find information on the processing of personal data by Twitter in the Data protection declaration of Twitter.

XING

We maintain an online presence on XING to present our company and our services and communicate with customers/interested parties. The XING website is operated by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.

We have access to statistical evaluations of access to our company website. This data is available in an aggregated and anonymous form and does not allow us to conclude individual visitors. We use statistical evaluations to make the information continuously attractive to visitors and align it with user interests.

Suppose users are logged on to XING via a user account when they access the company website. In that case, information about access to the service can be assigned to the respective user account. This information is also available to us as the operator of our company website. The provision of this information can be avoided by logging off from XING via the user account before accessing the company’s website.

Visitors to our company website also can use interactive functions during their visits, such as the Like symbol or the sharing and commenting of contributions. This use generally requires the visitor to register with XING. During this use, personal data and information are visible to other visitors to the company website and us. A direct individual assignment may be made. We do not influence the interactive functionalities and user activities’ visibility on our company site on XING.

At this point, we would like to expressly point out that our company site on XING can, of course, also be visited without using these interactive functionalities.

The Company site also offers the option of contacting us by message using the contact details provided. We process the information transmitted in this way based on Art. 6 (1) lit. b) DSGVO (fulfilment of a contract or pre-contractual measure). We use this information only to provide a targeted response to your enquiries. Information on the processing of personal data by XING can be found in the Data protection declaration of XING.

Control of online advertising measures with netzeffekt GmbH

To optimise, evaluate and support our advertising measures and to enable the retargeting of visitors to our Internet pages, netzeffekt GmbH, Theresienhöhe 28, 80339 Munich collects, processes and stores data about your visit on our behalf via the agency Jung von Matt AG, Glashüttenstraße 79, 20357 Hamburg.

Using the technologies of netzeffekt GmbH, your usage data and your IP address are stored anonymously, and cookies with an expiration time of 30 days are set. netzeffekt GmbH will use the data generated by these cookies to evaluate the use of our internet services.

You can object to the data processing by netzeffekt GmbH. To do so, please call up the Data protection declaration of netzeffekt GmbH.

Webinars and online teaching formats, video conferences

We offer webinars and online teaching formats as well as interested parties and applications interviews via video conference. For this purpose, we use “Zoom” from the US provider Zoom Video Communications Inc.

Necessary: We use Zoom’s so-called “EU” cluster. This means that the personal data of meeting participants are processed in data centres within the European Union. Transferring personal data to the USA occurs only to a minimal extent. We have concluded an order processing contract with “Zoom” following Art. 28 DSGVO (GDPR), including the EU standard contractual clauses. To achieve an adequate protection level, we have opted for EU data centres in the “Zoom” configuration as an additional protection measure.

Meeting participants’ data will be stored as follows:

  • Zoom Users (who have a Zoom account):
    First name, last name, email address, department (optional/voluntary), job title (optional/voluntary), avatar (optional/voluntary), profile picture (optional/voluntary), preferred language, username and password, company name (optional/voluntary), phone number (optional/voluntary)

  • Meeting participants (guests):
    Displayed name, e-mail address

    The storage of data generated during a meeting, such as images, sound and conversation content, as well as the recordings in the cloud, are processed on servers in the EU, primarily Germany.

  • Meeting meta data:
    Topic, description (optional) and duration of the meeting, start and end (time) of participants, participants’ IP addresses, approximate position to the nearest dial-in point, devices and hardware information (only users with Zoom account, no guests).

    Metadata are stored on servers in the USA. Metadata in the dashboard and reports are deleted after 12 months.

  • Dial-in via telephone:
    Phone number, dial-in number, start and end times

Duration of storage:

Your data will only be retained by the video conferencing provider Zoom for as long as required for the above-mentioned purposes (webinars, online teaching formats and interested parties/applicant interviews). Generally, communication content is not stored beyond the duration of the communication.

In the case of approved recording in the Zoom Cloud, the data is deleted after 30 days.

With locally stored recordings, the data is only stored as long as it is necessary for the intended use.

Recordings of webinars, online events and video conferences A recording of the “Zoom” meeting will only be made with prior consent and announced by the organiser via signalling with a request for approval. A recording always includes the video data and audio stream and presentation recordings, and the meeting chat. Deletion takes place depending on the storage location (Cloud 30 days/local according to purpose/metadata after 12 months).

In the case of webinars, we may also process questions asked by webinar participants to record and follow up on webinars.

Legal basis for the processing of data via “Zoom” is Art. 6 para. 1 lit. b) DSGVO (GDPR). We provide the contractual deliverables of our teaching contract with “Zoom”. In addition to the implementation of webinars, online teaching formats, and interested parties/applicant interviews, this includes examinations and the follow-up of participation data to prepare, for instance, different education certificates and examination results. If no contractual relationship exists, the legal basis is Art. 6 para. 1 lit. f) DSGVO (GDPR). Once again, our interest is in the effective conduct of “Zoom” meetings.

Insofar as the personal data of EBS employees are processed, Section 26 BDSG is the legal basis for this data processing. If, when using “Zoom”, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component of the use of “Zoom”, Art. 6 paras. 1 lit. f) DSGVO (GDPR) is the legal basis for this data processing. In these cases, our interest is in the effective conduct of “Zoom” meetings.

Disclosure of data

As a matter of principle, personal data processed in connection with participation in “Zoom” meetings” will not be disclosed to third parties unless they are specifically intended for disclosure.