EBS Date protection
If you have any questions, please do not hesitate to contact us
Privacy
Compliance with German and European data protection regulations is given the highest priority at EBS Universität and in the SRH University network.
An overview of data protection
Data protection and data security for our company’s customers and partners and interested parties and users of our website are critical to our company. Transparency regarding the processing of your personal data and protecting your data is therefore essential to us. We created this privacy policy to provide you with an overview of how your personal information is collected and processed when using our website and what you can personally do yourself to ensure your data is better protected, where applicable.
Data protection in the SRH university network
EBS Universität für Wirtschaft und Recht is part of the SRH university network. The SRH Universities collects, process, and use the personal data provided by you exclusively to respond to your request/inquiry (Article 6(1)(b) GDPR), unless - we have made explicit reference to further purposes and you have given consent for such use (Article 6(1)(b) GDPR) - the processing is performed due to a legal obligation or official/judicial arrangement (Article 6(1)(c) GDPR), or - due to legitimate interests pursued by the controller, unless your interests or fundamental rights and freedoms which require protection of personal data are overridden (Article 6(1)(f) GDPR). We will not sell or market your personal data to third parties nor pass it on for any other reasons. Furthermore, we may pass on personal data to other SRH companies if necessary to achieve the purpose for which you have made the data available to us (e.g. to respond to requests/inquiries).
Notice concerning the party responsible for this website
The party responsible for processing data on this website is:
EBS Universität für Wirtschaft und Recht gGmbH
Part of the SRH University Network
Gustav-Stresemann-Ring 3
65189 Wiesbaden
T + 49 611 7102 00
info(at)ebs.edu
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of personal processing data (names, e-mail addresses, etc.).
Data Protection Officer
We have appointed a statutory Data Protection Officer for our company:
Symbion AG
Herr Jörg Flierenbaum
Robert-Koch-Straße 3
97230 Estenfeld
datenschutzbeauftragter-srh(at)symbion-ag.de
Data collection on our website
Personal data is any information related to an identified or identifiable natural person. Therefore, what is essential here is whether a personal reference can be made using the collected data. This includes information such as your name, address, telephone number, or your e-mail address. Information that is not directly linked to your real identities – such as actual web pages or the number of users of a page - is not included in personal data.
Suppose the online service includes the option to enter personal or commercial data (e-mail addresses, names, addresses, etc.). In that case, the user may disclose this data on a purely voluntary basis. E-mails are transmitted via a contact form. When you send such a message, your personal data is collected only to the extent necessary to reply. The e-mail is sent in an unencrypted manner. Suppose you have provided us with any personal data. In that case, we shall only use this data for the technical administration of the web pages and to respond to your wishes and requests, which as a rule means to process any contract concluded with you or to reply to any queries you may have. The legal basis for processing is Article 6(1)(a) and Article 6(1)(b) GDPR. It is only if you have given us your consent beforehand, or if you – subject to it being provided for under statutory regulations – have not raised an objection, that we will also use this data for product-related surveys, marketing, and statistical purposes. In this case, the legal basis for processing is Article 6(1)(a) GDPR and Article 6(1)(f) GDPR. Your personal data is not disclosed, sold or transmitted in any other way to third parties unless it is necessary to fulfil a contract or you have given your express consent. Any consent granted can be revoked at any time with future effect.
When you visit our website, data are collected automatically and saved temporarily by our web servers. These data are primarily technical data such as the identification data of the browser used and the operating system type, date and time of the page view, the websites you visit on our site, and the website from which you are visiting us. We will not collect your personal data such as your name, address, telephone number, or e-mail address unless you provide the data voluntarily, e.g. in the context of a registration, a survey, the execution of a contract, or an information request.
Suppose the online service includes the option to enter personal or commercial data (e-mail addresses, names, addresses, etc.). In that case, the input of these data takes place voluntarily (according to Art. 6 Abs. 1 lit. a GDPR). E-mails are transmitted via a contact form. When you send such a message, your personal data is collected only to the extent necessary to reply. The e-mail is sent in an unencrypted manner.
We use various types of contact forms. With the form for general inquiries, your personal data will be stored and used to answer the question. After your request has been processed, we will delete the data. In the case of the forms for inquiries expressing interest in studying at the University (ordering information material, study counselling, application) as well as forms for registering for study info events (e.g. Open Day, info session), your personal data will be stored and used to be able to inform and advise you in the future about the advantages of the study programmes and to keep you informed about current developments at EBS Universität, also by contacting you by e-mail or telephone. With forms for registering for public university events, your personal data will be stored and used to inform you about the given event by contacting you via e-mail or telephone. We will delete the data after the event has taken place. Suppose you have provided us with any personal data. In that case, we shall only use this data for the technical administration of the web pages and to respond to your wishes and requests, which as a rule means to process any contract concluded with you or to reply to any queries you may have.
We will not pass on, sell, or otherwise transfer your personal data to third parties unless this is required to process the contract or unless you have given your express consent. It is only if you have given us your consent beforehand, or if you – subject to it being provided for under statutory regulations – have not raised an objection, that we will also use this data for product-related surveys, marketing, and statistical purposes. Any consent granted can be revoked at any time with future effect.
The purpose of our portal for private housing services housing.ebs.edu is to provide housing for students.
Data processing during registration
A one-time registration is required to place an advertisement. The amount of data to be collected is based on the accommodation’s purpose and includes title, first and last name, post and e-mail address, date of birth, telephone number and a personal password. The data collected during registration will be used to create the user account and process publishing the advertisement. Mandatory fields are marked with an asterisk. When registering on the Housing portal, the user is asked to agree to use and consent to data processing. The user’s consent that personal data may be processed and stored for the Housing portal is a prerequisite for using the Housing portal.
Data processing when placing an advertisement
To place an advertisement, the required mandatory fields in the online form must be completed. These represent the minimum standard for a conclusive housing advertisement. We store and process the data for publication on the housing portal. The data will be deleted at the latest when your account is deleted.
Processing and deleting data
The user can view, update or change the registration data stored about him and his advertisement data via his user profile Housing portal at any time after entering his user name and password. The user can delete a user account via the Housing portal. In this case, collected and processed personal data will also be deleted according to the following provisions. The deletion includes the user’s data, the ads created, uploaded images and documents. Other statistical data can also be processed and stored anonymously beyond the publication period. User accounts that have not been used for more than two years will be deleted to the extent described above. The user will receive relevant information four weeks before expiry to the e-mail address stored in the account.
Disclosure of data to third parties
In compliance with data protection regulations, EBS Universität is entitled to make the user’s data available to third parties for the housing portal provision. EBS Universität is also entitled to have data processing performed entirely or partly by third parties based on a corresponding agreement.
Processing of your data to provide you with an offer
- Employees of EBS Universität to check the content of the advertisements
- Provision of the website, data backup and remote maintenance:
Blueend AG, Konrad-Adenauer-Ring 13, 65187 Wiesbaden
We collect and process the personal data of applicants to handle the application procedure. Processing may also be carried out electronically. This is particularly the case if an applicant sends us corresponding application documents electronically, e.g. via email.
When concluding an employment contract with an applicant, the transmitted data will be stored to process the employment relationship under consideration of legal regulations. If no employment contract is signed with the applicant, the application documents will be automatically deleted after six months when the rejection decision has been conveyed, provided that no other justified interests prevent the controller responsible from processing from deleting these. In this context, other legitimate reasons could, for example, be the need for evidence in proceedings by the General Law on Equality of Treatment.
In principle, we store all information you transmit to us until the respective purpose, e.g. the contractual purpose, has been fulfilled. For inquiries until they are processed, for newsletters until you unsubscribe from the newsletter. If more extended storage is provided by law, the storage takes place within this framework. If you no longer wish us to use your data, we will, of course, comply with this request immediately. Please contact datenschutz(at)ebs.edu .
We will delete the stored personal data if you revoke your consent to its storage, if knowledge of the data is no longer required for the fulfilment of the purpose for which it was stored or if the storage is inadmissible for other legal reasons. Data for invoicing and accounting purposes are not affected by request for deletion.
Within the scope of our website we partly use so-called cookies. Cookies are small text files stored on your computer and saved by your browser. Cookies do not harm your computer and do not contain any viruses. Instead, they serve to communicate the usefulness and number of users of our websites and make our offers more convenient, effective, and secure.
The cookies we use are firstly so-called “session cookies”. These are only stored temporarily for the duration of your use of one of our websites and are automatically deleted after your visit. Secondly, we also use “permanent cookies” stored on your device’s memory until you delete them. The purpose of using these cookies is to record information about visitors who repeatedly access our website and to offer you optimal user guidance. Permanent cookies only contain an identification number. Name, IP address etc. are not stored. An individual profile regarding your usage behaviour is not formed.
You can also use our offers without cookies. In this respect, it is possible to deactivate the storage of cookies in your browser or limit them to specific websites. Alternatively, you can configure your browser to automatically accept cookies under certain conditions or always to reject them or to delete cookies when closing your browser automatically. Disabling cookies may limit the functionality of this website.
Cookies that are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored according to Art. 6 (1), letter f of GDPR. The website operator has a legitimate interest in storing cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behaviour) are also stored, they will be treated separately in this privacy policy.
Our organisation takes all of the necessary technical and organisational security measures to ensure your personal data is protected from loss or misuse. Accordingly, your data shall be stored in a secure operational environment that is not open to the public. In certain cases, your personal data is encrypted by Secure Socket Layer technology (SSL) during transmission. This means that an approved encryption procedure is used for communication between your computer and our organisation’s servers if your browser supports SSL.
Or: SSL and TLS encryption
For security reasons and to protect the transfer of confidential content, such as the orders or enquiries that you send to us as the website operators, this site uses SSL and TLS encryption. You can identify an encrypted connection from the padlock symbol in your browser bar and the fact that “http://” in the address bar changes to “https://”. If SSL or TLS encryption is enabled, the data you send to us cannot be read by third parties.
Should you wish to contact our organisation via email, we would like to point out that the confidentiality of the transmitted information cannot be guaranteed. The content of emails may be viewed by third parties. We would therefore recommend that you arrange for confidential information to be sent to us exclusively by post.
Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, their origin and possible recipients and the purpose of data processing (Art. 15 GDPR) and, if applicable, a right to correction of incorrect data (Art. 16 GDPR), deletion of these data (Art. 17 GDPR), the right to restriction of processing according to Art. 18 GDPR, to objection (Art. 21 GDPR) and the right to data transferability of data provided by you according to Art. 20, GDPR). According to §§ 34 and 35 BDSG, the restrictions apply to the right to information and the right of cancellation.
Besides, you also have a right of appeal to the responsible supervisory authority in the event of data protection violations (Art. 77 GDPR in conjunction with §19 BDSG). The responsible supervisory authority for data protection issues is the federal state’s data protection officer on which our company is based.
Many data processing processes are only possible with your express consent. You can revoke your consent at any time. This can be done by informal communication, e.g. by e-mail to marketing(at)ebs.edu, by telephone (+49 611 7102 1594) or by post (to EBS Universität für Wirtschaft und Recht gGmbH, Gustav-Stresemann-Ring 3, 65189 Wiesbaden). The legality of the data processing up to the revocation remains unaffected by the revocation.
Changes may be made to these privacy notices, which will be published on this page on time. This page was last reviewed and updated on 31 August 2022.
Analytic tool, third-party tools and advertising
If you have explicitly agreed, we will use your email address and voluntary personal data to send you our newsletter regularly. All you need to do is to enter an email address to receive the newsletter. Additional personal details you have provided voluntarily are merely used to personalise the newsletter.
Der Newsletter-Versand erfolgt über den Anbieter Sendinblue:
Sendinblue GmbH – Köpenicker Str. 126, 10179 Berlin, Deutschland
The data entered in the newsletter registration form will be processed exclusively based on your consent (Art. 6 paras. 1 lit. a GDPR). You can revoke your consent to the storage of the data, the email address, and their use for sending the newsletter at any time via the link at the end of the newsletter to unsubscribe from the newsletter. You can also unsubscribe from the newsletter at any time by sending an e-mail to marketing(at)ebs.edu. The legality of the data processing processes already carried out remains unaffected by the revocation.
When registering for the newsletter, the data will distribute the newsletter until you cancel your subscription when said data are deleted. Data we have stored for other purposes (e.g. e-mail addresses for the member’s area) remain unaffected.
The service Unibuddy is embedded into our websites and does not run on our servers. Unibuddy is used to connect you and your questions with current students, alumni, and staff via an iFrame chat on our website. To ensure that accessing our websites with embedded services does not automatically lead to third-party content being reloaded, in a first step, we ask you in our cookie banner to allow this service. Only after clicking on “Accept all cookies” can content from Unibuddy be reloaded. We have no control over further data processing by Unibuddy. Embedding is based on your consent according to Art. 6 (1) 1 GDPR.
We use the services of Calendly.com (Calendly, 1315 Peachtree St NE, Atlanta, GA 30309) to schedule selection appointments and counselling sessions online. This site provides an external platform for arranging appointments. By using the appointment system, you as a prospective student automatically use the services of Calendly.com. There, data is transferred for security and documentation purposes as well as for arranging an appointment. The data collected includes: name, IP address at the time of the appointment, agreed date and time. This data is not passed on to third parties and is only used for administrating and organising appointments as well as for anonymised internal statistics.
By using the appointment system, the prospective student agrees to this. You can find the Calendly privacy policy here: https://calendly.com/en/privacy/
If you do not wish to use Calendly services, please send your availability directly by email to recruiting(at)ebs.edu. Please note that this will not have a negative effect on the application process. Consent to the use of personal data can be revoked at any time for future issues by emailing marketing@ebs.edu.
This website uses Google Analytics (In the following: Google), a web analytics service. It is operated by:
Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States
Google Analytics uses cookies. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the United States and stored there. Google will use this information on our behalf to evaluate the use of our online offer by users, compile reports on the activities within this online offer, and provide us with further services associated with this online offer and Internet use. Pseudonymous user profiles can be created from the processed data.
IP anonymisation
We have activated the IP anonymisation feature on this website. Google will shorten your IP address within the European Union or other parties to the European Economic Area Agreement before transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the United States and shortened. Google will use this information on behalf of this website’s operator to evaluate your website’s use, compile reports on website activity, and provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.
Browser plugins
You can prevent these cookies from being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not enjoy the full functionality. You can also prevent the data generated by cookies about your use of the website (including your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin.
Objecting to the collection of data
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Deactivation of Google Analytics
Further information on the use of data for advertising purposes by Google, as well as settings options and procedures available for opting out, can be found on Google’s website:
- Advertising
- How Google uses information from sites or apps that use our services
- Control the information Google uses to show you ads
- Take control of your Google ads experience
Outsourced data processing
We have concluded an agreement with Google on contract data processing and implement in full the strict provisions of the German data protection authorities for the use of Google Analytics.
This website uses the online advertising program Google AdWords and conversion tracking in the context of Google AdWords. This online advertising program is provided by:
Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States
When you click on an ad served by Google, a conversion tracking cookie is set. These cookies expire after 30 days and are not used for the personal identification of the user. Should the user visit individual pages of the website and the cookie have not yet expired, Google can recognise that you have clicked on the advert and forwarded it to this page. Every Google AdWords customer receives a different cookie.
Cookies, therefore, cannot be traced via the websites of AdWords customers. The information obtained using the conversion cookie is used to create conversion statistics for the AdWords customers who have opted for conversion tracking. Customers are informed about the total number of users who have clicked on their advert and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to identify users personally. If you do not want to participate in tracking, you can opt out of this by easily disabling the Google Conversion Tracking cookie by changing your browser settings. In doing so, you will not be included in the conversion tracking statistics.
Conversion cookies are stored based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analysing user behaviour to optimise its website and its advertising.
Our website uses Google Analytics Remarketing features combined with the cross-device capabilities of Google AdWords and DoubleClick. This service is provided by:
Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States
This feature makes it possible to link target audiences for promotional marketing created with Google Analytics Remarketing to Google AdWords and Google DoubleClick’s cross-device capabilities. This allows advertising to be displayed based on your interests, identified based on your previous usage and surfing behaviour on one device (e.g. your mobile phone), on other devices (such as a tablet or computer).
Once you have given your consent, Google will associate your web and app browsing history with your Google Account for this purpose. That way, any device that signs in to your Google Account can use the same personalised promotional messaging.
To support this feature, Google Analytics collects Google-authenticated IDs of users temporarily linked to our Google Analytics data to define and create audiences for cross-device ad promotion. You can permanently opt out of cross-device remarketing and targeting by turning off personalised advertising in your Google Account.
The aggregation of the data collected in your Google Account data is based solely on your consent, which you may give or withdraw from Google (Art. 6 (1)(a) GDPR). For data collection operations not merged into your Google Account (for example, because you do not have a Google Account or have objected to the merge), the collection of data is based on Art. 6 (1)(f) GDPR. The website operator has a legitimate interest in analysing anonymous user behaviour for promotional purposes.
We use Google Tag Manager. This service is provided by:
Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States
With this tool, the marketer can administer website tags via a user interface. Google Tag Manager (which implements the tags) is a cookie-free domain that does not record personal data. With this tool’s help, other labels are released, which can, potentially, record data.
Google Tag Manager does not access this data. If the user has deactivated this on domain or cookie level, this is valid for all tracking tags implemented using the Google Tag Manager.
This website uses the map service Google Maps via an API. This service is provided by:
Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States
To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the United States, where it will be stored. The provider of this site does not influence this data transmission.
The use of Google Maps is in the interest of an appealing representation of our online offers and to make it easy to find one of the locations specified on our website. This represents a legitimate interest within the meaning of Art. 6(1)(f) GDPR.
We operate a company presence on the Facebook platform to promote our products and services and communicate with interested parties or customers. We are jointly responsible for this social media platform with Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.
We have regulated the joint responsibility in an agreement regarding the respective obligations in terms of the DSGVO. This agreement, from which the result of the mutual commitment, can be accessed here. From 31.08.2020, the Controller Addendum will also apply.
The legal basis for the processing of personal data that carried out as a result of this and reproduced below is Art. 6 para. 1 letter f GDPR. We have a legitimate interest in the analysis, communication, sales and advertising of our products and services. The legal basis may also be the user’s consent, according to Art. 6 paras. 1 letter a GDPR to the platform operator. The user can revoke this consent for the future at any time by notifying the platform operator per Art. 7 paras. 3 GDPR. When our online presence calls on the Facebook platform, Facebook Ireland Ltd. will process user data (e.g. personal information, IP address) as the platform operator in the EU.
This user data is used for statistical information about the use of our company presence on Facebook. Facebook Ireland Ltd. uses this data for market research and advertising purposes and creates user profiles. These profiles enable Facebook Ireland Ltd. to, for example, promote the interests of users within and outside of Facebook. If the user is logged in to their Facebook account at the time of access, Facebook Ireland Ltd. can also link the data to the respective user account. If the user contacts Facebook, the user’s data entered on this occasion will process the request. We will delete the user’s data, provided that the user’s enquiry has been finally answered and no legal storage obligations, e.g. in the case of subsequent contract processing, stand in the way. Facebook Ireland Ltd. may also use cookies to process the data. If the user does not agree to this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Already stored cookies can also be deleted at any time. The settings for this depend on the respective browser. In the case of flash cookies, processing cannot be prevented by the browser settings but by the corresponding setting of the flash player. If the user prevents or restricts the installation of cookies, this may mean that not all Facebook functions can be used to their full extent. It does not exclude that Facebook Ireland Ltd.’s processing may also carry out via Facebook Inc, 1601 Willow Road, Menlo Park, California 94025 in the USA.
Facebook Pixel
Our website measures conversions using visitor action pixels from:
Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, United States
These allow site visitors to be tracked after clicking on a Facebook ad to reach the provider’s website. This allows an analysis of Facebook advertisements’ effectiveness for statistical and market research purposes and future optimisation. The data collected is anonymous to us as operators of this website, and we cannot use it to draw any conclusions about our users’ identities. However, the data are stored and processed by Facebook, which may make a connection to your Facebook profile and which may use the data for its advertising purposes, as stipulated in the Facebook privacy policy. This will allow Facebook to display ads both on Facebook and on third-party sites. We have no control over how this data is used.
Facebook Remarketing
We use the remarketing function “Custom Audiences” of:
Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, United States
Visitors to our website are then presented with interest-related advertising (“Facebook Ads”) when visiting Facebook’s website. For this purpose, the Facebook remarketing tag is implemented on our website. This establishes a direct connection to Facebook servers when you visit the website. Information is then transferred to the Facebook servers confirming that you have visited our website, and Facebook assigns this information to your personal Facebook user account. Alternatively, you can deactivate the remarketing function Custom Audiences. You must be logged in to Facebook to do this.
We operate a company presence on the Instagram platform to promote our products and services and communicate with interested parties or customers. We are jointly responsible for this social media platform with Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.
We have regulated the joint responsibility in an agreement regarding the respective obligations in terms of the DSGVO. This agreement, from which the result of the mutual commitment, can be accessed here. The legal basis for processing personal data that carry out this agreement and reproduces it below is Art. 6 Para. 1 letter f DSGVO. We have a legitimate interest in the analysis, communication, sales and promotion of our products and services. The legal basis may also be the user’s consent, according to Art. 6 paras. 1 letter a DSGVO to the platform operator. The user can revoke this consent for the future at any time by notifying the platform operator by Art. 7 paras. 3 DSGVO. When our online presence calls upon the Instagram platform, user data (e.g. personal information, IP address) are processed by Facebook Ireland Ltd. as the platform operator in the EU. This user data is used for statistical information about the use of our company presence on Instagram. Facebook Ireland Ltd. uses this data for market research and advertising purposes and creates user profiles. For example, Facebook Ireland Ltd. may use these profiles to promote users’ interests inside and outside Instagram. If the user is logged into their account on Instagram at the time of access, Facebook Ireland Ltd. may also link the data to the user’s account. If the user contacts Instagram, the user’s data entered on this occasion will process the request. We will delete the user’s data, provided that the user’s enquiry has been finally answered and no legal storage obligations, e.g. in the case of subsequent contract processing, stand in the way.
Facebook Ireland Ltd. may also use cookies to process the data. If the user does not agree to this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Already stored cookies can also be deleted at any time. The settings for this depend on the respective browser. In the case of flash cookies, processing cannot be prevented by the browser settings but by the corresponding setting of the flash player. If the user prevents or restricts the installation of cookies, this may mean that not all Facebook functions can be used to their full extent. It does not exclude that Facebook Ireland Ltd.’s processing may also be carried out via Facebook Inc, 1601 Willow Road, Menlo Park, California 94025 in the USA.
We maintain an online presence on YouTube to present our company and our services and communicate with customers/interested parties. YouTube is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA.
In this respect, we would like to point out that there is a possibility that user data may be processed outside the European Union, in particular in the USA. This may increase the risks for users in that, for example, subsequent access to user data may be made more difficult. We also have no access to this user data. The access possibility lies exclusively with YouTube. Information on the processing of personal data by YouTube can be found in the Data protection declaration of YouTube.
For the integration of audio formats on our website, we maintain an online presence at the podcast hosting service LetsCast.fm of Produktgenuss GmbH, Vereinsstraße 51, 20357 Hamburg.
Produktgenuss GmbH is a German company and stores the collected data in a DSGVO-compliant manner on servers in Germany. When using the podcast player, only information about the podcast episode, the IP address and the version of the browser and operating system are transmitted. The IP address is stored anonymously or pseudonymously in the database of LetsCast.fm.
The use is based on our legitimate interests, i.e. interest in a safe and efficient provision, analysis as well as optimization of our offer according to Art. 6 para. 1 lit. f. DSGVO.
We maintain an online presence on LinkedIn to present our company and our services and communicate with customers/interested parties. LinkedIn is a LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, a LinkedIn Corporation subsidiary, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA.
In this respect, we wish to point out that there is a possibility that user data may be processed outside the European Union, in particular in the USA. This may increase the user’s risks in that, for example, subsequent access to the user data may become more complex. We also have no access to this user data. The access possibility lies exclusively with LinkedIn. We receive your contact details for communication only from you after consent. You will find information about LinkedIn’s processing of personal data in LinkedIn’s Privacy Policy.
We maintain an online presence on Twitter to present our company and our services and communicate with customers/interested parties. Twitter is a service of Twitter Inc. 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
In this respect, we would like to point out that there is a possibility that user data may process outside the European Union, especially in the USA. This may increase the risks for users in that, for example, subsequent access to user data may be made more difficult. We also have no access to this user data. The access possibility lies exclusively with Twitter. You will find information on the processing of personal data by Twitter in the Data protection declaration of Twitter.
We maintain an online presence on XING to present our company and our services and communicate with customers/interested parties. The XING website is operated by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.
We have access to statistical evaluations of access to our company website. This data is available in an aggregated and anonymous form and does not allow us to conclude individual visitors. We use statistical evaluations to make the information continuously attractive to visitors and align it with user interests. Suppose users are logged on to XING via a user account when they access the company website. In that case, information about access to the service can be assigned to the respective user account. This information is also available to us as the operator of our company website. The provision of this information can be avoided by logging off from XING via the user account before accessing the company’s website. Visitors to our company website also can use interactive functions during their visits, such as the Like symbol or the sharing and commenting of contributions. This use generally requires the visitor to register with XING. During this use, personal data and information are visible to other visitors to the company website and us. A direct individual assignment may be made. We do not influence the interactive functionalities and user activities’ visibility on our company site on XING. At this point, we would like to expressly point out that our company site on XING can, of course, also be visited without using these interactive functionalities.
The Company site also offers the option of contacting us by message using the contact details provided. We process the information transmitted in this way based on Art. 6 (1) lit. b) DSGVO (fulfilment of a contract or pre-contractual measure). We use this information only to provide a targeted response to your enquiries. Information on the processing of personal data by XING can be found in the Data protection declaration of XING.
To optimise, evaluate and support our advertising measures and to enable the retargeting of visitors to our Internet pages, netzeffekt GmbH, Theresienhöhe 28, 80339 Munich collects, processes and stores data about your visit on our behalf via the agency Jung von Matt AG, Glashüttenstraße 79, 20357 Hamburg.
Tracking tools used:
- Google Adwords
- Yahoo
- Adform (if applicable, services linked to Adform)
- Snapchat
Using the technologies of netzeffekt GmbH, your usage data and your IP address are stored anonymously, and cookies with an expiration time of 30 days are set. netzeffekt GmbH will use the data generated by these cookies to evaluate the use of our internet services. You can object to data processing by netzeffekt GmbH via e-mail to datenschutz(at)netzeffekt.de.
Mindshare GmbH, Darmstädter Landstr. 112, 60598 Frankfurt a.M., Germany, collects, processes and stores data pertaining to your visit on our behalf in order to optimise, evaluate and support our advertising activities and to enable the re-targeting of visitors to our website.
Categories of personal data to be processed
The following data categories are collected by Xandr:
a) information about the browser used
b) information about the terminal device used
c) precise geographical location information
d) information about the user’s activity on the website and the time it was visited
e) information about the internet connection provider
Purposes for which personal data to be processed are processed
The collected data may be used for the following purposes for - displaying online advertising - frequency capping - geo-targeting - semantic targeting - conversion measurements - statistical purposes - cross-device marketing
In addition, Xandr processes the collected data for its own purposes, which can be found at www.xandr.com.
Place where personal data to be processed is processed.
Xandr also transfers the collected data to the USA and processes it there.
Duration for which personal data to be processed is stored
According to Xandr, the data collected by Xandr are stored in accordance with generally approved security standards. Deletion or aggregation normally takes place within 3-60 days, but this period can be extended to a maximum of 18 months from the date of collection.
Possibility to object to the processing of personal data to be processed
The processing of collected data by Xandr can be contested with future effect, for instance by clicking on “OPT-OUT” after calling up the following link: platform.xandr.com. For technical reasons, the opt-out option only applies to the browser and device used for opt-out.
Mindshare GmbH, Darmstädter Landstr. 112, 60598 Frankfurt a.M., Germany, collects, processes and stores data pertaining to your visit on our behalf, in order to optimise, evaluate and support our advertising activities and to enable re-targeting of visitors to our website.
The following data categories are collected by [m]Insights:
a) the IP address, which is not processed beyond the technically mandatory period (i.e. for setting or reading the cookie) (the IP address is filtered by a third-party provider and does not reach GroupM’s systems unabbreviated)
b) cookie IDs and mobile advertising IDs (e.g. IDFAs and Google Advertising IDs) and the [m]Insights proxy ID for such IDs; and c) date and time of online activity.
Purposes for which the personal data to be processed are processed
The processing is for marketing and optimisation purposes, in particular usage profiles are created under pseudonyms. These usage profiles are used through [m]Insights to display ads and evaluate displaying those ads, to understand what factors make advertising successful or unsuccessful for advertisers and create analytics to understand and improve service usage and advertising effectiveness.
Place where personal data to be processed is processed.
The storage and other processing of data collected through [m]Insights will be carried out exclusively within the European Union.
Duration for which the personal data to be processed is stored:
GroupM stores the data collected by [m]Insights in non-aggregated (i.e. pseudonymised) form in usage profiles for a maximum of 53 days after the last contact of the cookie in a user’s browser with a website on which [m]Insights is used. If there is no such contact, the corresponding usage profile is deleted.
Possibility to object to the processing of the personal data to be processed
Objecting to the processing of personal data by [m]Insights is possible at OPTOUT
Contact details of the GroupM data protection officer
WPP Deutschland Holding GmbH & Co. KG
Data Protection Officer
Darmstädter Landstraße 112
60598 Frankfurt am Main
dsb@wpp-germany.de
Online courses and webinars
We offer webinars and online teaching formats as well as interested parties and applications interviews via video conference. For this purpose, we use “Zoom” from the US provider Zoom Video Communications Inc.
Necessary: We use Zoom’s so-called “EU” cluster. This means that the personal data of meeting participants are processed in data centres within the European Union. Transferring personal data to the USA occurs only to a minimal extent. We have concluded an order processing contract with “Zoom” following Art. 28 DSGVO (GDPR), including the EU standard contractual clauses. To achieve an adequate protection level, we have opted for EU data centres in the “Zoom” configuration as an additional protection measure.
Meeting participants’ data will be stored as follows:
- Zoom Users (who have a Zoom account)
First name, last name, email address, department (optional/voluntary), job title (optional/voluntary), avatar (optional/voluntary), profile picture (optional/voluntary), preferred language, username and password, company name (optional/voluntary), phone number (optional/voluntary)
- Meeting participants (guests)
Displayed name, e-mail address
The storage of data generated during a meeting, such as images, sound and conversation content, as well as the recordings in the cloud, are processed on servers in the EU, primarily Germany.
- Meeting meta data
Topic, description (optional) and duration of the meeting, start and end (time) of participants, participants’ IP addresses, approximate position to the nearest dial-in point, devices and hardware information (only users with Zoom account, no guests).
Metadata are stored on servers in the USA. Metadata in the dashboard and reports are deleted after 12 months.
- Dial-in via telephone
Phone number, dial-in number, start and end times.
Duration of storage:
Your data will only be retained by the video conferencing provider Zoom for as long as required for the above-mentioned purposes (webinars, online teaching formats and interested parties/applicant interviews). Generally, communication content is not stored beyond the duration of the communication. In the case of approved recording in the Zoom Cloud, the data is deleted after 30 days.
With locally stored recordings, the data is only stored as long as it is necessary for the intended use. Recordings of webinars, online events and video conferences A recording of the “Zoom” meeting will only be made with prior consent and announced by the organiser via signalling with a request for approval. A recording always includes the video data and audio stream and presentation recordings, and the meeting chat. The deletion occurs depending on the storage location (Cloud 30 days/local according to purpose/metadata after 12 months).
In the case of webinars, we may also process questions asked by webinar participants to record and follow up on webinars.
Legal basis for the processing of data via “Zoom” is Art. 6 para. 1 lit. b) DSGVO (GDPR). We provide the contractual deliverables of our teaching contract with “Zoom”. In addition to implementing webinars, online teaching formats, and interested parties/applicant interviews, this includes examinations and the follow-up of participation data to prepare, for instance, different education certificates and examination results. If no contractual relationship exists, the legal basis is Art. 6 para. 1 lit. f) DSGVO (GDPR). Once again, our interest is in the effective conduct of “Zoom” meetings.
Insofar as the personal data of EBS employees are processed, Section 26 BDSG is the legal basis for this data processing. If, when using “Zoom”, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component of the use of “Zoom”, Art. 6 paras. 1 lit. f) DSGVO (GDPR) is the legal basis for this data processing. In these cases, our interest is in the effective conduct of “Zoom” meetings.
Disclosure of data
As a matter of principle, personal data processed in connection with participation in “Zoom” meetings” will not be disclosed to third parties unless they are specifically intended for disclosure.