Privacy and Data Security

We appreciate your interest in our website. The protection of your privacy is of utmost importance to us. Below we inform you in detail, according to Art. 13 GDPR, about the processing of your data that occurs when using our web pages and their functionalities.

§1 Responsible Entity and Data Protection Officer

This privacy policy informs users of this website about the type, scope, and purpose of the collection and use of personal data by the operator of the websites resonio.de, resonio.com, and marketplace.resonio.com

We take your privacy very seriously and treat your personal data confidentially and in accordance with legal regulations. Due to new technologies and the continuous development of this website, changes to this privacy policy may be made. Therefore, we recommend that you visit our privacy policy at regular intervals.

Date of the privacy policy: 27.10.2023

§1.1 The Responsible Party according to Art. 4 No. 7 GDPR is:

The responsible entity for data processing carried out through the website www.resonio.de is:

clickworker GmbH
Büropark Bredeney
Hatzper Str. 30
45149 Essen

Phone: +49 201 959718-0
Email: info@resonio.com

The authorized representative is Christian Rozsenich, Management. The responsible party is based in Essen (Register court: Amtsgericht Essen, HRB 22914).

§1.2 Data Protection Officer

For all questions regarding data protection concerning our website and our service offering, or to exercise your personal rights, please contact our data protection officer:

Prof. Dr. Thomas Jäschke
DATATREE AG
Märkische Straße 212-218
44141 Dortmund
Email: dsb@datatree.ag
T +49 231 54380-798

§2 Rights of the Data Subject

You can exercise your data protection rights at any time and free of charge. Our data protection officer reviews and responds to each concern individually. You can find their contact details under point 1.2.

§2.1 Right to Information according to Art. 15 GDPR

You have the right to obtain information at any time and free of charge about whether we process data concerning you.

§2.2 Right to Rectification according to Art. 16 GDPR, Right to Erasure according to Art. 17 GDPR, Right to Restriction of Processing according to Art. 18 GDPR, Right to Data Portability according to Art. 20 GDPR, and the Right to Object according to Art. 21 GDPR

Furthermore, you have the opportunity to assert your rights to rectification, erasure, or restriction of processing. You may also object to the processing of your data by us at any time.

§2.3 Revocation in Case of Consent according to Art. 7 Para. 3 GDPR

If we process your personal data based on consent, you have the right to revoke this consent at any time for the future. However, your revocation applies only from the moment you declare it and has no retroactive effect. The use of your data until that point remains lawful.

§2.4 Your Right to Lodge a Complaint with the Supervisory Authority

If you believe that the processing of your personal data by clickworker GmbH is not lawful, you have the right at any time to lodge a complaint with any data protection supervisory authority (according to Art. 55 GDPR). The competent supervisory authority is:

North Rhine-Westphalia

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia

Bettina Gayk

Kavalleriestr. 2-4

40102 Düsseldorf

T +49 211 384240

Email: poststelle@ldi.nrw.de

For further information and current contact details, please refer to the website www.ldi.nrw.de.

§3 Data Processing when Accessing the Page

When using the website for informational purposes only, i.e., if you do not register or otherwise provide us with information, the following personal data, which your browser transmits to our server, are processed automatically:

  • the IP address
  • the date and time of the request
  • the time zone difference to Greenwich Mean Time (GMT)
  • Referrer URL (the previously visited page)
  • the access status / HTTP status code
  • the amount of data transferred
  • the website from which the request comes
  • the browser, its interface, the language and version of the browser software

These data are stored in accordance with Art. 6 para. 1 lit. f GDPR in conjunction with § 25 para. 2 no. 2 TTDSG, for the purpose of conducting error analysis and ensuring the stability and security of the homepage.

These data are deleted after 365 days.

For the operation of this web offer, we use the services of a provider specialized in web hosting. Upon request, we provide you with information about the service providers we have integrated. Furthermore, this privacy policy informs you about other integrated service providers and third parties.

§4 Processing of Your Data When Registering as a Customer

If you register with resonio (powered by clickworker) or commission resonio with a project, it is necessary to provide a contact person with first name, last name, and email address, where a functional email can also be entered.

We process the data you provide in the context of the project request to process your inquiry (within the scope of your consent, for contract fulfillment) and to follow up on offers made (legitimate interest – Art. 6 (1) lit. f GDPR).

Your data will be retained for as long as necessary to process your concern (maximum: for the duration of the statutory retention period).

For our CRM, we use the cloud-based software solution of the provider Salesforce.com. Inc, The Landmark @ One Market, Suite 300, San Francisco, CA 94105 (hereinafter “Salesforce”). We have contractually ensured that our CRM database from Salesforce is hosted on servers located in the European Union. In regard to this data processing, we have concluded a “Data Processing Addendum (DPA)” with Salesforce. Part of this DPA are the “EU Standard Contractual Clauses” (Art. 46 (2) lit. c GDPR). Through this contract, Salesforce assures that the data will be processed according to our instructions and in compliance with the requirements of the General Data Protection Regulation. In addition, Salesforce has implemented “Binding Corporate Rules” within the company to comply with data protection and is certified under the EU-U.S. Data Privacy Framework.

The data required for registration (e.g., name, address, email address) is used by resonio (powered by clickworker) exclusively to process the contractual relationship with you as a customer (e.g., to contact you, to inform about the status of projects, for invoicing, to respond to your inquiries, etc.).

§5 Support/Ticket System

For our customer support and the provision of live chat, we use the service “Freshdesk” or “Freshchat”. Freshdesk is a support service tool of the company Freshworks Inc., 1250 Bayhill Drive, Suite 315, San Bruno, CA 94066. When you open a support ticket via Freshdesk, you are redirected to a separate page of our ticket system. The data you enter into our ticket system is transmitted to the servers of Freshdesk. If you click the speech bubble button integrated at the bottom right of our website and thus open the messenger, your personal data collected during the chat is also transmitted to the server of Freshworks.

The server location is generally in the USA, so transmission of your data to the USA cannot be excluded. We have concluded a data processing agreement (“Data Protection Addendum”) with Freshdesk to ensure that your data is processed in accordance with the regulations of the GDPR. The agreement includes the conclusion of the EU standard contractual clauses. You can view the agreement here: https://www.freshworks.com/data-processing-addendum/. Even though we have concluded a data protection agreement with Freshdesk, we expressly point out that with companies based or server locations in the USA that are not certified under the Data Privacy Framework, an equivalent level of data protection cannot be guaranteed.

The entry of some data (contact details and concerns) is mandatory. The processing of this data is based on our legitimate interest (Art. 6 para. 1 lit f GDPR), to exclude spam emails and to process your concern and subsequently contact you. The provision of other information is voluntary. Your data will be stored for as long as necessary for processing. Depending on the request, a longer retention period may result, for example, because we have a legitimate interest in proving the processing or because statutory retention periods (in particular §§ 238, 257 HGB) require this.

Furthermore, Freshdesk sets cookies. Through the integration of the above-mentioned cookies, Freshdesk receives information about your browser, your hardware and software, your internet service provider, and your IP address. These are technically necessary cookies (see § 9 of the privacy policy). Further information on data protection at Freshdesk can be found here: www.freshworks.com/privacy/ and here: https://www.freshworks.com/privacy/schrems2/.

§6 Contact Inquiry / Contact Form

When you contact us by email or via a contact form, the data you provide (your email address, if applicable your name and phone number) are stored by us to answer your questions. The provision of additional data is always voluntary on your part.

The legal basis for processing your contact request and its handling is in the case of pre-contractual or already contractual relationships Art. 6 para. 1 lit. b GDPR or in the case of other inquiries our legitimate interest in replying to you, Art. 6 para. 1 lit. f GDPR.

The storage of your data is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR, which you have granted us by sending your contact request/ clicking the send button. The data collected in this context will be deleted after storage is no longer necessary and there are no legal retention obligations that prevent deletion (e.g., in the case of subsequent contract processing).

Since you have given consent, we would like to inform you that you can revoke your consent given during the contact request at any time and without giving reasons with effect for the future, Art. 7 para. 3 GDPR. If you would like to exercise this right of revocation, please contact us.

§7 Use of Our Appointment Booking Tool

If you as a client are interested in our services, you have the option to book an appointment online with our sales team. In this case, we process the data you enter to schedule and conduct the appointment. Certain information is required to carry out the appointment (name, company, contact information). Other information is provided voluntarily (e.g., your position in the company). The data entered are used for planning, carrying out, and possibly for the post-processing of the appointment. The legal basis for processing the data is Art. 6 Abs. 1 S. 1 lit. b GDPR (execution of pre-contractual measures). Your data will be deleted as soon as processing is no longer necessary. If further contact and/or an engagement results from the appointment, your data will continue to be stored in other systems (e.g., CRM system, correspondence, offer and contract documents) – possibly until the expiry of possible retention periods according to §§ 238, 257 HGB.

We use the services of Calendly LLC, 271 17th St NW, 10th Floor, Atlanta, Georgia 30363, USA for the provision of the appointment tool and have concluded a Data Processing Addendum. When using our appointment tool, the transfer of personal data to the servers of Calendly located in the USA, i.e., outside the legal area of the European Union, cannot be excluded. Calendly is certified under the Data Privacy Framework and guarantees an equivalent level of data protection in the event of a possible data transfer to the USA.

For information on data protection at Calendly, please visit: https://calendly.com/privacy
and https://calendly.com/security.

§8 Newsletter Subscription

You have the option to subscribe to our newsletter. To register, we require your email address, first and last name. Only this information is mandatory for sending the newsletter. The provision of additional data, such as salutation, your company and department affiliation, position, remains voluntary. We send newsletters with promotional information, especially our current and interesting offers.

The so-called double opt-in procedure is used for the newsletter subscription. This means that after your registration, we will send an email to the provided email address asking you to confirm that you wish to receive the newsletter. This confirmation is necessary to prevent someone from registering with email addresses that do not belong to them.
We store your IP addresses and the time of registration and confirmation. The purpose of the procedure is to prove your registration and, if necessary, to clarify any possible misuse of your personal data; the logging of the registration process is our legitimate interest according to Art. 6 Abs. 1 lit. GDPR.

The newsletter is sent based on your express consent according to Art. 6 Abs. 1 lit. a GDPR in conjunction with § 7 Abs. 2 No. 3 UWG.

After your confirmation, we store your data for the purpose of sending the newsletter. Your information is stored in our CRM system Campaign Monitor, a software of Campaign Monitor Pty Ltd, 10 Lower Thames Street, Ground Floor Billingsgate, London EC3R 6GAF, UK, and used only for sending newsletters. The server location is usually in the USA, so the transfer of your data to the USA cannot be excluded. We have concluded a Data Processing Addendum (“Data Protection Addendum”) with Campaign Monitor Ltd. to ensure that your data is processed in accordance with the provisions of the GDPR. The agreement includes the conclusion of the EU standard contractual clauses. More information on the privacy policies of Campaign Monitor can be found at https://www.campaignmonitor.com/policies/#privacy-policy. Regardless of the agreement concluded, we expressly point out that for companies with headquarters or server locations in the USA that are not certified under the Data Privacy Framework, an equivalent level of data protection cannot be guaranteed.

You can revoke your consent to the sending of the newsletter at any time for the future and without giving reasons, thus unsubscribing from the newsletter, Art. 7 Abs. 3 GDPR. You can declare the revocation by clicking on the unsubscribe link provided in every newsletter email or by sending a message to the contact details provided in the imprint.

We would like to point out that we evaluate your user behavior when sending the newsletter. For this evaluation, our newsletters contain so-called web beacons or tracking pixels, which are one-pixel image files stored on our website.

For the evaluations, we link data and web beacons with your email address and an individual ID, which are included in the links in the newsletter. The following data are processed and evaluated for this purpose:

  • the IP address, the date and time of the request
  • the time zone difference from Greenwich Mean Time
  • the content of the request (specific page)
  • the access status/HTTP status code; the amount of data transferred
  • the website from which the request comes, the browser
  • the operating system and its interface, the language, and the version of the browser software.

The data are collected exclusively in a pseudonymized form, the IDs are thus not linked with your further personal data, a direct personal reference is excluded.

§9 Use of the Comment Function in the Blog

On our website, we offer the opportunity to post questions, answers, and opinions, hereinafter referred to as “comments”. If you use this comment function, we would like to inform you that we process and publish your contribution, the date of submission, and your chosen pseudonym. We recommend using a pseudonym instead of your real name. The provision of a username and email address is mandatory, all other information is voluntary.

The legal basis for this is Art. 6 Abs. 1 lit. a GDPR. You can revoke your consent according to Art. 7 Abs. 3 GDPR at any time and without giving reasons for the future. To revoke your consent, you simply need to contact us.

When you post a comment, we also store your email and IP address, which we delete after 365 days. The data provided in the context of comments and contributions are stored by us until the users object.

The legal basis for this is Art. 6 Abs. 1 lit. f GDPR. The storage is necessary for us to defend against liability claims in cases of possible publication of unlawful content. We need your email address to contact you in case a third party should object to your comment as unlawful. Comments are not reviewed before publication. We reserve the right to delete comments if they are objected to by third parties as unlawful.

§10 Use of cookies

§10.1 Definition: Temporary and permanent cookies

Cookies are small text files that are stored on your computer by a web server. The next time you visit the website, it can use the cookie to recognize your web browser. Cookies cannot execute programs or transfer viruses to your computer. They are used to make the website more user-friendly and effective overall.

There are different types of cookies, the scope and function of which we would now like to explain:

  • There are so-called temporary or transient cookies, which are automatically deleted when you close the browser. These include session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to a common session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close your web browser.
  • Furthermore, there are permanent or persistent cookies, which initially remain stored after the browser is closed, but are automatically deleted after a specified period of time. The duration differs depending on the cookie, but we would like to point out that you can delete the cookies at any time using the security settings of your web browser.
  • Third-party cookies are cookies that are offered by providers other than the controller who operates the online service.

§10.2 Legal basis for use

The use of certain cookies is necessary to ensure the functionality and security of our website (Art. 6 para. 1 lit. f GDPR, legitimate interest). When you visit our site for the first time, you will be informed via our consent banner which technically necessary cookies are absolutely essential for the operation of the site. You can also use the consent banner to select which cookies that are not technically necessary are used as a result of your visit to our website.

The implementation of this selection via the consent banner used by us requires the use of a cookie, which is stored on your end device for a period of one year, unless you delete it beforehand through your browser settings. The following data is processed through the use of a consent banner

  • Date and time of the visit
  • Browser information
  • Information on consents
  • Device information
  • The IP address of the requesting device

The legal basis is our legitimate interest (Art. 6 para. 1 lit. f GDPR) to provide evidence of your cookie selection and to comply with our accountability obligation pursuant to Art. 5 para. 2 GDPR.

If you agree via the consent banner that technically unnecessary cookies (usually for the implementation of tracking and remarketing tools) are set, the processing of your personal data is based on your consent (Art. 6 para. 1 lit. a GDPR in conjunction with § 25 para. 1 TTDSG).

§10.3 Option to revoke cookies

You can revoke your consent at any time in accordance with Art. 7 para. 3 GDPR by clicking on “Cookie settings” in the footer of our page and calling up the consent banner. You can then use the banner to make a new selection.

You also have the option of restricting or preventing the installation of cookies via your browser settings. You can also delete cookies that have already been saved at any time. The respective steps and measures for deleting cookies depend on the specific Internet browser you are using.

§11 Use of Google services

§11.1 Google Analytics

We use Google Analytics on our website, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This is a web-based analysis tool with which we can analyze the use of our website and make our web presence more interesting.
During your visit to our website, Google Analytics places a cookie on your end device with which your browser can be recognized and your behaviour analyzed. If subpages of our website are accessed, the following personal data is collected by Google Analytics:

  • Your IP address
  • the accessed subpage and time of access
  • Source of origin of your visit (i.e. via which website you came to us)
  • technical information (information about browser, internet provider, end device and screen resolution)
  • the achievement of “website goals” (e.g. contact requests, newsletter registrations)

The use of Google Analytics is in accordance with Art. 6 para. 1 lit. a GDPR i.V.m. § 25 para. 1 TTDSG only if you have given us your consent via the selection in our content banner. If you have not consented, no data processing will take place.

You can revoke your consent at any time in accordance with Art. 7 para. 3 GDPR and without giving reasons with effect for the future by clicking on the “Cookie settings” button integrated in the footer of our website and thus calling up the consent banner. You can then use the banner to make a new selection. Alternatively, Google provides a deactivation add-on that can be installed on standard Internet browsers. You can find the link to the deactivation add-on at https://tools.google.com/dlpage/gaoptout?hl=de. This add-on ensures that information about your visit to our website is not transmitted to Google Analytics.

We cannot rule out the possibility that personal data may be transferred outside the legal area of the European Union, e.g. to servers located in the USA. Google is subject to the certification of the Data Privacy Framework and guarantees an equivalent level of data protection in the event of a possible data transfer to the USA. Furthermore, we have concluded agreements with Google regarding data processing. Through these agreements, Google guarantees that it will process the data in accordance with the General Data Protection Regulation and ensure the protection of the rights of the data subject (“EU Standard Contractual Clauses” (Art. 46 (2) lit. c GDPR)).

For details on the collection and storage of your personal data as well as the type, scope and purpose of its use by Google Analytics, please refer to Google’s privacy policy: https://policies.google.com/technologies/partner-sites?hl=de.

§11.2 Google Ads

We use the Google Ads advertising component on our website with conversion tracking, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This gives us the opportunity to place ads both in Google’s search engine results and in the Google advertising network. With Google Ads, certain keywords are defined in advance, by means of which an ad is only displayed in Google’s search engine results if you use the search engine to retrieve a keyword-relevant search result.

The purpose of Google Ads is to promote our website by displaying interest-relevant advertising on the websites of third-party companies and in the search engine results of the Google search engine. If you access our website via a Google ad, Google will set a cookie. The cookie is used to track how you interact with our website and which subpages on our website have been accessed.

The cookie is used to store personal information, such as the websites visited by the data subject. Each time our websites are visited, personal data, including the IP address of the internet connection used by the data subject, is therefore transmitted to Google.

The use of Google Ads is in accordance with Art. 6 para. 1 lit. a GDPR i.V.m. § 25 para. 1 TTDSG only if you have given us your consent via the selection in our content banner. If you have not consented, no data processing will take place.

You can revoke your consent at any time in accordance with Art. 7 para. 3 GDPR and without giving reasons with effect for the future by clicking on the “Cookie settings” button integrated in the footer of our website and thus calling up the consent banner. You can then use the banner to make a new selection. In addition, you can object to interest-based advertising by Google by accessing www.google.de/settings/ads under the Internet browser you are using and making the desired settings there.

Google is subject to the certification of the Data Privacy Framework and guarantees an equivalent level of data protection in the event of a possible data transfer to the USA. We have also concluded agreements with Google regarding data processing. Through these agreements, Google guarantees that it will process the data in accordance with the General Data Protection Regulation and ensure the protection of the rights of the data subject (“EU Standard Contractual Clauses” (Art. 46 (2) lit. c GDPR)).

For details on the processing of your personal data by Google, please refer to Google’s privacy policy: https://policies.google.com/privacy

§11.3 Google Tag Manager

We use Google Tag Manager on our website, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This is an organizational tool with which we can manage our analysis tags via an interface. The Google Tag Manager collects data on our website and forwards it to our connected analysis tools. The connected analysis tools store and evaluate this data. The Google Tag Manager itself does not set any cookies and does not store any personal data. The organization tool only collects data on how individual tags are used.

The Google Tag Manager is used in accordance with Art. 6 para. 1 lit. a GDPR i.V.m. § 25 para. 1 TTDSG only if you have given us your consent via the selection in our content banner. If you have not given your consent, Google Tag Manager will not be used.

You can revoke your consent at any time in accordance with Art. 7 para. 3 GDPR and without giving reasons with effect for the future by clicking on the link “Cookie settings” integrated in the footer of our website and thus calling up the consent banner. You can then use the banner to make a new selection.

Google is subject to the certification of the Data Privacy Framework and guarantees an equivalent level of data protection in the event of a possible data transfer to the USA. We have also concluded agreements with Google regarding data processing. Through these agreements, Google guarantees that it will process the data in accordance with the General Data Protection Regulation and ensure the protection of the rights of the data subject (“EU Standard Contractual Clauses” (Art. 46 (2) lit. c GDPR)).

For details on the processing of your personal data by Google, please refer to Google’s privacy policy: https://policies.google.com/privacy.

§11.4 Google reCAPTCHA, Google Fonts

We use Google reCAPTCHA on our website, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google reCAP-TCHA attempts to distinguish whether a particular action is performed by a human or a computer program or “bot”.

During the verification by Google reCAPTCHA, the following personal data, among others, is transmitted to Google:

  • the page that integrates Google reCAPTCHA
  • Your IP address
  • Your set language in the browser
  • Screen and window resolution information
  • The time zone
  • Installation of browser plugins

In addition, Google reCAPTCHA checks whether a cookie has already been created in your browser. If this is not the case, a cookie will be set by Google reCAPTCHA.

We would also like to point out that Google Fonts is part of the Google re-CAPTCHA tool and is also loaded as a necessary sub-function within this service. Google Fonts is a service that makes it possible to integrate various web fonts on websites. When you access our website on which Recaptcha is used, the required font is loaded into the browser cache by your web browser. These fonts are integrated by a server call to a Google server. Among other things, the following personal data is collected by Google Fonts:

  • Your IP address
  • the page you are visiting
  • Your preferred language setting
  • technical information (information about browser, internet provider, end device, screen and window resolution and operating system)

Google reCAPTCHA is used in accordance with Art. 6 para. 1 lit. f GDPR, i.e. on the basis of our legitimate interest in recognizing spam mails and bots and also fending them off in the interest of our users. Data processing only takes place if you use certain of our services, e.g. the contact form, subscribe to the newsletter or register.

Google is subject to the certification of the Data Privacy Framework and guarantees an equivalent level of data protection in the event of a possible data transfer to the USA. We have also concluded agreements with Google regarding data processing. Through these agreements, Google guarantees that it will process the data in accordance with the General Data Protection Regulation and ensure the protection of the rights of the data subject (“EU Standard Contractual Clauses” (Art. 46 (2) lit. c GDPR)).

For details on the processing of your personal data by Google, please refer to Google’s privacy policy: https://policies.google.com/privacy.

§12 Use of Visitor InSites Smart Pixel

(on client related pages of our .com website only)

We use Smart Pixel of Visitor InSites Inc. Tracking pixel are implemented on all client related pages of our clickworker.com website. The Tracking identifies visitors and leverages an identity Graph focused on adults in the US only. The tracking tool provides the visiting user’s contact details (name and email), job title, company name and LinkedIn profile.
Visitor InSites is compliant with California’s CCPA regulation.

Information is collected about our website visitors for Marketing purposes only. If you’d like to have your information deleted, please send an email to: dsb@clickworker.com

Provider of the above services is Visitor InSites, 1805 High Grove Lane, Suite 201, Naperville, Illinois 60540 You will find more information on the technology and the compliance with data protection laws on Visitor Insites‘ website: https://www.visitorinsites.com/faqs/

§13 Integration of YouTube with plug-in

We have integrated YouTube videos into our online offering, which are stored on http://www.youtube.com and can be played directly from our website. These are all integrated in “extended data protection mode” and via a plug-in, i.e. no data about you as a user is transferred to YouTube if you do not play the videos. Only when you play the videos will the data mentioned below be transmitted. We have no influence over this data transfer.

If you play a video from YouTube on our website, YouTube will receive the following personal data from you:

  • Your IP address
  • The date and time of the request
  • The time zone difference to Greenwich Mean Time
  • The content of the request (specific page)
  • the access status/HTTP status code
  • the amount of data transferred in each case
  • the website from which the request comes
  • Browser type, the operating system and its interface as well as the language and version of the browser software

This occurs regardless of whether YouTube provides a user account through which you are logged in or whether a user account exists or not.

If you have a YouTube user account and/or Google account and are logged in, YouTube can analyze your usage behavior and create a usage profile corresponding to your usage behavior. Cookies are stored on your device for this purpose. These cookies allow YouTube to create user profiles based on your preferences and interests and to show you customized advertising (inside and outside the platform). We have no access to the usage data that YouTube collects to compile these statistics. The individual data processing operations and their scope are not necessarily comprehensible to us.

If you do not agree to YouTube assigning the collected data directly to your YouTube user account and/or Google account, we recommend that you log out of the respective accounts of the above-mentioned portals before clicking on the video, delete your cookies as part of the browser settings and restart the browser. You also have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

The use of YouTube takes place in accordance with Art. 6 para. 1 lit. a GDPR i.V.m. § 25 para. 1 TTDSG only if you have given us your consent via the selection in our content banner / by clicking the play button. If you have not consented/if you have not played the YouTube video, no data processing will take place.

You can revoke your consent at any time in accordance with Art. 7 para. 3 GDPR and without giving reasons with effect for the future by clicking on the “Show cookie settings” button integrated in the footer of our website and thus calling up the consent banner. You can then use the banner to make a new selection.

YouTube is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We cannot rule out the possibility that personal data may be transferred outside the legal area of the European Union, e.g. to servers located in the USA. Google is subject to the certification of the Data Privacy Framework and guarantees an equivalent level of data protection in the event of a possible data transfer to the USA.

For details on the collection and storage of your personal data as well as the type, scope and purpose of its use by YouTube, please refer to YouTube’s privacy policy: https://policies.google.com/privacy?hl=de.

§14 Processing of your data in the event of an application

You can apply for vacancies via our website or send us unsolicited applications. As part of the application process, we will process your application data electronically.

The processing of applicant data is only carried out to fulfill our (pre-)contractual obligations in the context of the application process in accordance with Art. 88 para. 1, Art. 6 para. 1 lit. b GDPR and in accordance with § 26 BDSG-new.

In order to guarantee that your application is processed exclusively by the authorized person of our company, we ask you to use the e-mail address provided for this purpose, which can be found on our “Careers” subpage.

In the event of a rejection, your documents will be deleted or destroyed immediately, whereby the legally stipulated minimum security level will always be observed when destroying the documents. Exceptionally, no immediate deletion will take place if the data requires longer storage of up to 4 months or until the conclusion of legal proceedings due to legal provisions (e.g. due to a burden of proof within the meaning of the AGG). The legal basis for this results from Art. 6 para. 1 lit. f GDPR i.V.m. § Section 24 para. 1 no. 1 BDSG.

Our legitimate interest lies in legal defense and enforcement. If we retain your application for a longer period of time in order to contact you again at a later date about career prospects at our company, this will only take place if you have previously given us your consent in accordance with Art. 6 para. 1 lit. a GDPR. Here, too, you have the right to revoke your consent at any time in accordance with Art. 7 para. 3 GDPR by submitting a declaration to us with effect for the future.
In the event of an acceptance and consequently the conclusion of an employment contract, we store your data transmitted to us as part of the application for the purpose of standard administrative and organizational processes. The legal basis for this results from Art. 6 para. 1 lit. b, Art. 88 para. 1 GDPR i.V.m. § SECTION 26 BDSG.

§15 Pure linking to the social media websites

The LinkedIn, Xing, YouTube link integrated on our site is not integrated via a so-called social plug-in. The embedded graphic only contains an http link to our LinkedIn, Xing, YouTube page. This means that no direct connection to the servers of the aforementioned sites is established when our site is accessed.

§16 Data protection declaration for our corporate presence on social networks

As the operator of company presences on social networks, we process personal data together with the respective provider of the social network. The legal basis for the processing of your personal data is Art. 6 para. 1 lit. f GDPR. Our legitimate interest is to present our company in common communication media and to offer users, interested parties and our customers a preferred form of communication with our company that is common in today’s world.

Our company operates the following company presences in the social networks:

  • LinkedIn
  • Xing
  • YouTube
  • X (Twitter)

We would like to point out that the use of social media by you, in particular the interaction with the networks, such as the posting and sharing of contributions, is at your own risk and that you can alternatively contact us via the contact form on our website or by e-mail/letter/telephone.

§16.1 Common responsibility pursuant to Art. 26 GDPR

In accordance with Art. 26 GDPR, joint data processing with the respective provider of the social network requires the conclusion of an agreement in which the distribution of our obligations under the GDPR and the obligations of the respective provider of the social network are bindingly defined.

With the creation and publication of our company websites, we have concluded such an agreement by accepting the so-called terms of use of the respective social network, which regulate the conditions for the use of the site and the resulting data processing.

The providers of the social network generally assume primary responsibility for fulfilling their data protection obligations (see ECJ judgment of 5.6.2018, Case C-210/16). This includes, among other things:

  • The fulfillment of information obligations (pursuant to Art. 12, 13 GDPR)
  • The rights of data subjects (pursuant to Art. 15 – 22 GDPR)
  • The security of the processing (pursuant to Art. 32 GDPR)
  • The notification of data protection breaches (pursuant to Art. 33, 34 GDPR)

Further details on the collection and storage of your personal data as well as the type, scope and purpose of its use by the respective provider of the social network can be found in the respective privacy policy of the platform operator.

As operators of company presences on social networks, we also assume responsibility for fulfilling our data protection obligations. This includes, among other things:

  • The lawfulness of the data processing (pursuant to Art. 6 para. 1 GDPR)
  • The forwarding of requests from data subjects relating to content published by us on the respective social networks to the respective platform operator

The obligation to create a privacy policy for our company presence on social networks

§16.2 Data processing by social networks

We use the technical platform and services of the following companies for the information services offered:

https://www.linkedin.com/company/resonio/, offered by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

https://www.xing.com/pages/resonio, offered by New Work SE, Am Strandkai 1 in 20457 Hamburg

https://www.youtube.com/channel/UC1FQK9j006czw8Esbenz5LA, offered by Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland)

https://twitter.com/resonio_com, offered by Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX0, Ireland

Your visit to our profile on the respective social network triggers a variety of data processing operations. Your personal data is not only collected, used and stored by us, but also by the social network. This happens even if you do not have a profile on this network yourself. We only process the personal data that you provide to us through your public account and by commenting on our posts. You are not obliged to provide us with your personal data. However, this may be necessary for individual functionalities of our social media profile. These functionalities will not be available to you, or only to a limited extent, if you do not provide us with your personal data.

The legal basis for the processing of your personal data is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in being able to communicate with users or interested parties as well as customers and to inform them about our services.

If you have a profile in the respective social network and are logged in, the social network processes, among other things, your voluntarily entered data such as first and last name, user name, email address and telephone number. In addition, the social network can analyze your usage behavior and create a usage profile corresponding to your usage behavior. Cookies are stored on your end device for this purpose. These cookies allow the social network to create user profiles based on your preferences and interests and to display customized advertising (inside and outside the platform). We do not have access to the usage data that the social network collects to create these statistics. The individual data processing operations and their scope are not necessarily traceable for us. We are only provided with anonymous usage statistics by the social network, which we use in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR to improve the user experience for specific target groups when visiting our company profile.

If you do not agree to the social network assigning the collected data directly to your profile, we recommend that you log out of this social network, delete your cookies as part of the browser settings and restart the browser. You also have the right to object to the creation of these user profiles, whereby you must contact the respective social network to exercise this right.

We cannot rule out the possibility that personal data may be transferred outside the legal area of the European Union, e.g. to servers located in the USA, when our company presence on social networks is accessed. Furthermore, we expressly point out that no equivalent level of data protection can be guaranteed for the USA.

For details on the collection and storage of your personal data as well as the type, scope and purpose of its use by the social networks we use, please refer to the data protection declarations published there:

LinkedIn:
https://www.linkedin.com/legal/privacy-policy? and
https://www.linkedin.com/help/linkedin/answer/a545600

Xing:
https://privacy.xing.com/en/privacy-policy,
https://privacy.xing.com/en/privacy-policy/what-rights-can-you-assert and
https://privacy.xing.com/en/your-privacy

YouTube
https://policies.google.com/privacy and,
https://myaccount.google.com/intro/privacycheckup

X (Twitter)
https://twitter.com/en/privacy and
https://help.twitter.com/en/resources/how-you-can-control-your-privacy

 

Version: Nov. 28, 2023