Privacy notice

Datenschutz-erklärung

Privacy notice for our website and the application process

Last update: June 2022.

1. Scope of the processing of personal data

With this privacy notice, we would like to explain the basic rules of our handling of personal data - which is, of course, carried out in compliance with the applicable European and national data protection regulations. As a matter of principle, we collect and use personal data of our users only insofar as this is necessary for the provision of a functional website as well as our contents and services. In addition, we collect application data only insofar as it is necessary for the implementation of an application procedure. The collection and use of personal data of our users is regularly only carried out with the consent of the user. An exception applies in those cases where obtaining prior consent is not possible for factual reasons and the processing of the data is permitted by legal regulations.

2. Legal basis for the processing of personal data

So far as we obtain the consent of the data subject for processing operations involving personal data, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures. Insofar as processing of personal data in the context of an application is necessary to establish an employment relationship, the legal basis is Section 26(1), (8) sentence 2 federal data protection act (Bundesdatenschutzgesetz – BDSG), Art. 6(1)(b) GDPR. Should an employment relationship come about, we may further process the data from the application in accordance with Section 26(1) BDSG for the purposes of the employment relationship if this is necessary for this purpose.

Insofar as processing of personal data is necessary for the fulfillment of a legal obligation, Art. 6(1)(c) GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person make processing of per-sonal data necessary, Art. 6(1)(d) GDPR serves as the legal basis.

If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the first-mentioned interest, Art. 6(1)(f) GDPR serves as the legal basis for the processing.

3. Purpose of data processing

When you access our website, your browser transmits certain data to our web server for technical reasons. We use this technical access information to continuously improve the attractiveness and usability of our Internet pages as well as their content and to identify possible technical problems in our Internet service. In addition, to protect our legitimate interests, we store this data for a limited period of time in order to be able to trace it back to personal data in the event of unauthorized access or attempted access to our servers. What information this is in detail, they can be found on the following pages.

We do not use "Cookies" on our website.

In addition to automatically collected data, we also process data that you have voluntarily provided to us, e.g. in the context of contacting us.

If we process your personal data as part of your application, the purpose of this processing is to establish an employment relationship.

4. Description and scope of data processing

The website is hosted on servers of a service provider commissioned by us. The location of the serv-er of the website is geographically in Germany / in the European Union.

Each time our website is called up, our system automatically records data and information from the computer system of the accessing computer. This data is recorded in the form of logs.

The following data is collected:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • IP address of the user
  • Date and time of access
  • HTTP method
  • HTTP version
  • Websites from which the user's system accesses our website
  • Websites accessed by the user's system through our website
  • HTTP status code of the server response
  • Size of the response in bytes

This data is not merged with other data sources. The recording of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this purpose, the server log files must be recorded.

Application procedure

As part of the application process, we process all data related to your application. This may be general personal data (such as name, address and contact details), information on professional qualifications and school education or information on further professional training or other information that you transmit to us in connection with your application. In addition, we may process job-related information that you have made publicly available, such as a profile on professional social media networks. We store your data for up to 6 months after the end of the application process. Should you obtain employment with our company, parts of this data may continue to be used. We will inform you separately about this in this case.

External services and content on our website

We include external services or content by linking to them on our website (e.g. plugins). When you use such a service (click on the link and open the platform) or when third-party content is displayed to you, communication data (such as IP addresses or general device information) is exchanged between you and the respective provider for technical reasons.

In addition, it may be that the provider of the respective external services or content collects personal data about you - for example, by using appropriate cookies - and then processes it for further, own purposes. We have configured services or content from providers that are known to process data for their own purposes to the best of our knowledge and belief in such a way that either communication for purposes other than the presentation of the content or services on our website does not take place or communication only takes place when you actively decide to use the external service. As a rule, or to a large extent, we have no influence on the data collected by third parties and its processing by them.

Information about the purpose and scope of the collection and processing of your data by the providers of the corresponding external services, as well as information about the privacy notices of the respective providers of the external services or content integrated by us, can therefore be found in the following links:

LinkedIn:

Privacy notice = https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

LinkedIn company page

b.yond operates an online presence on LinkedIn, a so-called LinkedIn company page, in order to communicate with the interested parties and users active there and to be able to inform them there about our events and news. The following supplementary information on data processing applies to visits to our company page.

Joint responsibility, contact details, company data protection officer::

We are jointly responsible with LinkedIn for the operation of our company site in accordance with Art. 26 GDPR. For this purpose, LinkedIn has defined with us in an agreement who fulfills which obliga-tions regarding data protection. This agreement can be accessed here. LinkedIn is obliged to provide the data subject with information about the joint processing and to enable him to exercise his data protection rights. Regardless of this, we hereby inform you as the jointly responsible party about your visit to our company page and thus provide you with the infor-mation required under data protection law.

Information on data protection at LinkedIn in general can be found here.

LinkedIn can be reached at:

LinkedIn Ireland Unlimited Company

Wilton Place,
Dublin 2, Irland

You can reach LinkedIn online here.

LinkedIn's data protection officer can be reached at:

https://www.linkedin.com/help/linkedin/ask/TSO-DPO.

Collection and storage of personal data and the nature, purpose and use thereof::

a) Data collected by LinkedIn:

If you are a LinkedIn user, LinkedIn collects the data described in the LinkedIn Privacy Policy under "Information We Collect." If you are not a LinkedIn user, cookies provided with identifiers, small text files, may still be stored in your browser, which enable so-called tracking of your user behavior.

As a rule, the user data during a visit to LinkedIn is also processed by LinkedIn for market research and advertising purposes. Based on the user behavior (including when visiting our company site), complex user profiles are created, which LinkedIn can use to display personalized advertisements to the visitor within and outside of LinkedIn. More information on this can also be found in the LinkedIn Privacy Policy.

There is no separate opt-out option in LinkedIn's settings, as all underlying campaigns respect members' settings, according to LinkedIn.

b) Data we use ("Page Insights") and legal basis:

LinkedIn provides us with statistics and user data that we can use to analyze the use of our company page (so-called "page insights"). This enables us to continuously improve our offer on LinkedIn. We, as the operator, do not make any decisions regarding the processing of Insights Data and all other information resulting from Art. 13 GDPR, such as storage duration of cookies on user end devices. The primary responsibility under the GDPR for the processing of Insights Data lies with LinkedIn. In this regard, we also refer to the joint responsibility agreement pursuant to Art. 26 GDPR that LinkedIn has entered into with us and to the obligations assumed by LinkedIn accordingly.

We as site administrator have no other possibility, not even via user tracking, to evaluate user behav-ior on our company site. It is also generally not possible for us to identify the visitor to our company page based on the page insights. In particular under the agreement with LinkedIn, we have no right to demand that LinkedIn disclose individual visitor data.

The operation of the LinkedIn company page and the use of the page insights serve our legitimate interest in effective external presentation and communication with our interested parties. This interest justifies the operation of the page both to the legitimate interests of LinkedIn users and to visitors to our company page who do not have a LinkedIn account. Accordingly, the legal basis is Art. 6(1)(f) GDPR.

5. Data deletion and storage period

Personal data will be deleted or blocked as soon as the purpose of storage no longer applies. Please refer to clauses 1 to 7 for the exact times with respect to the individual categories of processed data. In addition, storage may still be necessary if this has been required for by the European or national legislator in Union regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned regulations expires, unless there is a necessity for the continued storage of the data for the conclusion or fulfillment of a contract.

6. Right of objection and elimination

You have the right to object at any time, on grounds relating to your particular situation, to the pro-cessing of personal data relating to you which is carried out on the basis of Article 6(1)(e) or (f) GDPR.

The controller shall no longer process the personal data concerning you unless the controller can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishment, exercise, or defense of legal claims.

If the personal data concerning you is processed for the purposes of direct marketing, you have the right to object at any time to processing of the personal data concerning you for the purposes of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.

If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

7. Rights of the data subjects

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights towards the controller:

  • Right to access information about the data we have stored about you, Art. 15 GDPR;
  • Right to rectification, erasure or restriction of the processing of your personal data, Art. 16-18 GDPR;
  • Right to object to processing which serves our legitimate interest, a public interest or profil-ing, unless we can demonstrate compelling legitimate grounds for the processing which over-ride your interests, rights and freedoms, or the processing serves the purpose of establish-ing, exercising or defending legal claims, Art. 21 GDPR;
  • Right to data portability, Art. 20 GDPR;
  • Right to lodge a complaint with a supervisory authority, Art. 77 GDPR;
  • Right to withdraw any consent you have given for the collection, processing and use of your personal data at any time with effect for the future, Art. 7(3) GDPR. For more information, please refer to the respective sections above, where data processing based on your consent is described.

If you wish to exercise your rights, you can send an email to info@byond-digital.com.

8. Name and address of the controller

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

b.yond GmbH

Breite Straße 28
40213 Düsseldorf

Germany

Phone: +49 (0) 2302 926 874
E-mail: info@byond-digital.com

Website: https://www.byond-digital.com/en/