Data protection

Dear customers and potential customers,

In accordance with the provisions of Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR), we are sending you this document to tell you about the processing of personal data collected about you and your rights in this regard under data protection law. The specific data that are processed, and how they are used, depend largely on the services requested or agreed. To ensure that you are fully informed about the processing of your personal data in the context of the performance of a contract or steps prior to entering into a contract, please note the information below.

(1) Controller for the data processing

In accordance with Art. 4 (7) GDPR and the applicable country-specific data protection regulations, the Controller is:

SCHOLPP GmbH
Waldstrasse 57 | 63128 Dietzenbach, Germany
+49 (0)6074 929 0 | Send e-mail

If you have any general questions for SCHOLPP GmbH about data protection, please send an e-mail.

You can write to our Data Protection Officer at the above postal address c/o Data Privacy Officer, or you contact us by e-mail: Send e-mail.

(2) Which data and sources do we use?

We process personal data that we receive in the course of our business relationship with customers, suppliers, contractors and prospective customers. To the extent that it is necessary for the provision of our services, we also process personal data acquired lawfully by us from publicly accessible sources or that are sent to us by other companies within the Group or by other third parties.

Relevant personal data in relation to the customer-acquisition process can include: Master data (e.g., name, address, telephone number, email address, customer number), order data, data required for compliance with our contractual obligations, information concerning your creditworthiness, the reliability of your payments, correspondence (e.g., letters to and from you) and other data comparable with these categories.

(3) For what purpose do we process your data (purpose of processing) and on what legal basis?

We process your personal data in compliance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG). These state that processing is lawful if at least one of the following conditions is met:

3.1 Processing in order to comply with contractual obligations (Art 6(1)(b) GDPR)

We process personal data in the context of the performance of contracts with our customers, suppliers, contractors and prospective customers, or else for steps at your request prior to entering into a contract.

3.2 Processing in the context of the balance of interests (Article 6(1)(f) GDPR)

In addition to the actual performance of the contract, we also process your data to the extent necessary for the purposes of the legitimate interests pursued by us or by third parties. For example:

• Consultation and exchange of data with credit agencies (e.g., Schufa) to determine credit and default risks
• Validating and optimizing needs-analysis processes and direct contact with customers, including customer segmentation and evaluation of the probability of closing deals
• Advertising for our own products, unless you have objected to the use of your data
• Asserting legal claims and defense in legal disputes
• Safeguarding IT security and IT operations
• Preventing criminal offenses
• Video surveillance to protect domiciliary rights, or to collect evidence in the event of assault, robbery or fraud
• Security measures for buildings and equipment (e.g., access controls)
• Measures to safeguard domiciliary rights
• Actions for business management and the further development of services and products

3.3 Processing on the basis of your consent (GDPR Art. 6 (1)(a))

Provided you have granted us consent to process personal data for certain purposes (such as disclosure to third parties, evaluation for marketing purposes, promotional activity), the legality of this processing is based on your consent. Any consent you give can be withdrawn at any time with future effect (see also Point 7 of this privacy statement). Please note that withdrawal of consent applies only with future effect and does not affect processing undertaken before consent is withdrawn.

3.4 Processing on the basis of legal requirements (Article 6(1)(c) GDPR) or in the public interest (Article 6(1)(e) GDPR)

We also process your personal data in order to comply with our legal obligations, such as regulatory requirements, retention obligations under commercial and tax law and our duties as consultants.

In the event that we use your personal data for a purpose not mentioned above, we will inform you of such use in advance.

(4) Who has access to my data?

Within our company, access to your data is given to those offices that require it in order to fulfill with our contractual and statutory obligations or in the pursuit of our legitimate interests.

Your data will be sent to certain companies within our Group if they undertake central data processing for companies within the Group, and to the extent permitted within the context of the purposes and legal bases set out in Point 3 of this data protection information sheet.

Your personal data are processed on our behalf on the basis of processing contracts in accordance with Art. 28 GDPR. In such cases, we ensure that personal data is processed in accordance with GDPR provisions. In this case, the recipients fall into the category of providers of customer-management systems and software.

We will only disclose information about you outside the company if we are permitted or instructed to do so by legal or official reporting obligations (such as to social insurance agencies, financial authorities or law enforcement authorities), where disclosure is necessary for the execution and thus the performance of the contract, or at your request, for the purposes of steps prior to entering into a contract, where you have given your consent or we are authorized to provide information.

(5) Are data sent to any third countries or international organizations?

We only send data to countries outside the EU or the EEA (so‑called third countries) to the extent necessary or required by law for the performance of contracts with our customers, suppliers, contractors or potential customers (e.g. fiscal reporting requirements) or where you have given your consent.  It is possible that such third countries will have lower levels of data protection than the EU.

Where third-country service providers are used for data processing, in addition to written instructions, they undertake to comply with European levels of data protection by agreeing to the EU standard contractual clauses.

(6) How long will my data be stored?

We process and store your personal data for as long as is necessary for compliance with our contractual and statutory obligations. Your personal data will be periodically deleted or blocked where it is no longer required to fulfill contractual or statutory obligations, where you have exercised your right to erasure, where all reciprocal claims have been settled, and where no other statutory retention obligations or legal bases for storing the data exist.

In addition, we are subject to various obligations to retain and document data arising from the German Commercial Code (Handelsgesetzbuch, HGB) and the German Tax Code (Abgabenordnung, AO). Their stipulated retention and documentation periods range from two to ten years.

The storage period also depend on statutory limitation periods, which Sections 195 ff. of the German Civil Code (Bürgerliches Gesetzbuch, BGB), typically set at three years, for example, but which can also be up to thirty years in certain cases.

(7) What are my data protection rights?

You can request information on the data stored concerning you (Art. 15 GDPR) using the above contact details. Additionally, you can request rectification where we have stored inaccurate data relating to you (Art. 16 GDPR). Under certain conditions, you can also request the erasure of your data (Art. 17 GDPR) or exercise your right to object (Art. 21 GDPR). You also have the right to restrict of your personal data (Art. 18 GDPR) and the right to receive data that you have provided (Art. 20 GDPR). The restrictions under Articles 34 and 35 GDPR apply to the right of access and the right to erasure.

In addition, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR in conjunction with Section 19 of the German Federal Data Protection Act (BDSG)). The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.

To the extent that data processing is based on your consent, you have the right under Art. 7 GDPR to withdraw consent to the use of your personal data at any time. Please note that withdrawal of consent applies only with future effect and does not affect processing undertaken before consent is withdrawn. Please also note that we are required to store certain data, sometimes for a stipulated time period, in order to comply with statutory requirements.

(8) Information on your right to object under Article 21 of the General Data Protection Regulation (GDPR)

1. INDIVIDUAL RIGHT TO OBJECT

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on point (e) of Article 6(1) GDPR (data processing in the public interest) and point (f) of Article 6(1) of GDPR (Data processing on the basis of the balance of interests); this also includes profiling based on those provisions within the meaning of Article 4(4) GDPR.

If you file an objection, we will cease to process your personal data unless we can establish compelling and legitimate grounds for such processing that outweigh your interests, rights and freedoms, or to the extent that processing is necessary to assert, exercise or defend legal claims.

2. RIGHT TO OBJECT TO DATA PROCESSING FOR DIRECT-MARKETING PURPOSES

In certain cases, we process your personal data for the purposes of direct marketing. You have the right to object at any time to the processing of personal data concerning you for the purposes of such marketing. If you object to processing for the purposes of direct marketing, we will cease to use your personal data for this purpose. You can lodge your complaint in any form and should preferably send it to:

To safeguard your rights, please feel free to use the contact details in Point 1 above.

(9) What happens if I do not provide my data?

Provision of personal data is in principle neither statutorily nor contractually mandatory for the establishment, implementation or performance of a contract, or for steps prior to entering into a contract. You are therefore not obliged to provide your personal details. However, please note that we generally require these for decisions on conclusion of contracts, performance of contracts and steps prior to entering into contracts. Unless you provide us with personal data, we may be unable to take decisions in relation to contracts. We recommend that you always only provide personal data that is required for the conclusion or performance of a contract or for steps prior to entering into a contract.

(10) Automated decision‑making

In accordance with Art. 22 GDPR, in principle we do not use fully automated decision‑making for the establishment, fulfillment or conduct of business relationships or for steps prior to entering into such relationships. Where we use these procedures in individual cases, we will inform you separately of this and seek your consent where this is required by law.

Download

Data protection information on our processing of business-partner data pursuant to Articles 13, 14 and 21 of the EU General Data Protection Regulation (GDPR)

I. Information on the collection of personal data

(1) General information

Thank you for your interest in our website. Protecting your personal data upon your visit to our website is a particularly high priority for the management of SCHOLPP Holding GmbH. We have set out the following information to give you an overview of how your personal data is processed by us and your rights under data protection legislation. Personal data is any data that can be related to you personally, for example, your name, address, e-mail addresses, and user behavior.

Where a data subject wishes to use particular services offered by our company via our website, such as our contact form, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for the processing, we generally obtain the consent of the data subject. Data is processed at all times in compliance with the European General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations that apply to SCHOLPP Holding GmbH.

As the data controller, SCHOLPP Holding GmbH has implemented technical and organizational measures to ensure that your personal data processed on this website is protected to the greatest possible extent against loss, destruction, access, alteration, or dissemination by unauthorized persons. This also includes securely transmitting your personal data in encrypted form. We use the TSL (Transport Layer Security) coding system for this purpose.

However, it is impossible to guarantee complete protection due to fundamental security vulnerabilities in web-based data transmission.

(2) Controller

The controller pursuant to Art. 4 (7) of the European General Data Protection Regulation (GDPR) and the applicable country-specific data protection regulations is:

SCHOLPP Holding GmbH
Waldstraße 57
63128 Dietzenbach
Germany
+49 (0)6074 929 0
Fax:  +49 (0)6074 929 100
Send e-mail

If you have any general questions about data protection within the SCHOLPP Group, pleaseSend an e-mail.

You can write to our Data Protection Officer, Sven Bartsch, at the above postal address c/o Data Privacy Officer, or you can contact us by e-mail to:  Send e-mail.

(3) General information on data processing

We collect and use the personal data of our users only where this is necessary to provide a functional website, to display our content, and to provide services. The personal data of our users is collected and used only with the consent of the user. This does not apply to cases where it is not possible to obtain prior consent for practical reasons and where the processing of the data is permitted under statutory regulations.

The following legal bases apply to the processing of your personal data:

• Processing on the basis of consent (Art. 6 (1) a) GDPR)
• Processing for the purpose of performing a contract to which the data subject is party. This also applies to processing that is necessary to take steps prior to entering into a contract (Art. 6 (1) b) GDPR)
• Processing that is necessary for compliance with a legal obligation to which our company is subject (Art. 6 (1) c) GDPR)
• Processing in the event that the vital interests of the data subject or another natural person render the processing of personal data necessary (Art. 6 (1) d) GDPR)
• Processing that is necessary to protect the legitimate interests of our company or a third party, except where these interests are overridden by the interests, fundamental rights, and freedoms of the data subject (Art. 6 (1) f) GDPR). Legitimate interests may include, in particular:
• Correctly displaying the content of our website
• Statistical analyses for the purpose of monitoring and optimizing our website
• Providing law enforcement authorities with the information required for criminal prosecution in the event of a cyberattack
• Responding to requests and providing services and/or information intended for you
• Processing and transmitting personal data for internal or administrative purposes
• Preventing and investigating cases of fraud and criminal offenses
• Ensuring the permanent operational reliability of our IT systems and the technology used on our website with a view to strengthening data protection and data security within our company

II. Your rights

(1) My rights as a data subject

You can request information on the data stored on you (Art. 15 GDPR) using the above contact details. Additionally, you can request rectification where we have stored inaccurate data relating to you (Art. 16 GDPR). Under certain conditions, you can also request the erasure of your data (Art. 17 GDPR) or exercise your right to object (Art. 21 GDPR). You also have the right to restrict the processing of your personal data (Art. 18 GDPR) and the right to receive the data that you have provided (Art. 20 GDPR). The restrictions under Articles 34 and 35 GDPR apply to the right of access and the right to erasure. In addition, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR in conjunction with Section 19 of the German Federal Data Protection Act (BDSG)).

(2) Objection to/withdrawal of consent to the processing of your data

If you have given your consent to the processing of your data, you can withdraw this consent at any time. Withdrawing your consent affects the lawfulness of the processing of your personal data after you have notified us of the withdrawal.

Insofar as we have based the processing of your personal data on the balance of interests, you can object to the processing. This is the case where, in particular, processing is not necessary to perform a contract with you, as we have outlined in the following description of the respective functions. If you choose to exercise your right to object, please state the reasons why we should not process your personal data as we have been doing so far. If your objection is justified, we will examine the situation and will either stop processing your data, or adapt the manner in which we do so, or state our compelling legitimate reasons for continuing to process your data.

(3) Who has access to my data?

Unless otherwise provided for in the detailed descriptions of our services, those units within our company that need your data to fulfill our contractual and statutory obligations will have access to it. We will only disclose information relating to you where statutory duties to provide information require us to do so, where you have given your consent and/or where the disclosure is legitimate under another legal basis.

Where we engage the services of contracted service providers for specific functions of our website, these providers are carefully selected and commissioned by us, are bound by our instructions and monitored on a regular basis.

If we would like to use your data for marketing purposes, we have set out in detail below how these processes operate.

(4) How long is my data stored?

Unless otherwise provided for in the detailed descriptions of our services, we process and store your personal data as long as is necessary to fulfill our contractual and statutory obligations.

Your personal data is periodically deleted or blocked where it is no longer required to fulfill contractual or statutory obligations, you have exercised your right to erasure, all reciprocal claims have been settled, and no other statutory retention obligations or legal bases for storing the data exist.

III. Collection of personal data when you visit our website

(1) Use of server log files

Each time a data subject or an automated system accesses our website, a series of general data and information is collected in log files. This includes an Internet protocol address (IP address), the directory protection user, the browser types and versions used, the website from which the accessing system accesses our website (so-called referrer), the sub-pages on our website accessed by the accessing system, data volume, date and time of the access to our website, and other similar data and information for risk prevention purposes in case of attacks on our IT systems.

The legal basis for the temporary storage of data and log files is Art. 6 (1) f) GDPR in connection with the aforementioned legitimate interests.

Temporary storage of the IP address by the system is necessary to ensure that the website is transmitted to the user’s computer. In this case, the user’s IP address must be stored for the duration of the session.

Data is stored in log files to ensure that the website functions properly. The data also helps us to optimize the website and ensure the security of our IT systems. This also forms the basis for our legitimate interest in the data processing pursuant to Art. 6 (1) f) GDPR. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. Where data is collected to provide the website, this is the case when the respective session has ended. The collection of data for the provision of the website and the storage of data in log files is necessary to operate the website. The log files may also be inspected where, on the basis of specific indications, there is legitimate reason to suspect illegal use or a specific attack on our website. Here, our legitimate interest in the processing lies in identifying and prosecuting the individuals behind such attacks or illegal use.

(2) Use of cookies

In addition to the data set out above, cookies are stored on your computer when you use our website. Cookies are small text files that are assigned to your browser and stored on your hard drive, and by means of which specific information is transmitted to the body setting the cookie (in this case, us). Cookies cannot run programs or transmit viruses to your computer. Their purpose is to make the website more user-friendly and more efficient as a whole.

This website uses the following types of cookies. Their scope and function are set out below:

Transient cookies: Transient cookies are automatically deleted when you close your browser. This includes session cookies in particular. These store a so-called session ID, which is used to assign various requests from your browser to the same session. This allows your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close your browser.

Persistent cookies: These are deleted automatically after a specified time, which may vary depending on the cookie. You can delete the cookies at any time in the security settings of your browser.

When you access our website, we inform you that we use cookies and obtain your consent to the processing of the personal data used in this context. Here we also refer you to this Data Protection Policy. You can configure your browser settings according to your personal preferences and, for example, reject third-party cookies or all cookies. You as the user therefore have full control over the use of cookies. Art. 6 (1) f) GDPR provides the legal basis for the processing of personal data using cookies. If you disable cookies for our website, you may not be able to make full use of all the functions of the website.

IV. Other functions and services of our website

Besides the purely informational use of our website, we also offer various services which you can use if interested. You will generally be asked to provide further personal data in this case, which we will use to provide the respective service. The above data processing principles apply to the personal data provided.

(1) Use of contact options

We provide a contact form, which can be used to contact us electronically, on our website. The data entered by the user on this form is transmitted to us and stored. This includes the following required fields: your name, e-mail address, and your message. All other details are voluntary and not required. Before the contact form is transmitted, we obtain your consent to the processing of your data and refer you to this Data Protection Policy. Art. 6 (1) a) GDPR provides the legal basis for the processing of data using the contact form.

Alternatively, you can contact us using the e-mail address provided. In such cases, we store the personal data of the user that is transmitted in the e-mail. The data is used solely for the ongoing dialogue with you and will not be shared with third parties. We have a legitimate interest in processing the personal data transmitted in an e-mail under Art. 6 (1) f) GDPR.

Where the purpose of the e-mail contact is to conclude a contract, Art. 6 (1) b) GDPR applies additionally to steps taken prior to entering into a contract and, where applicable, for subsequent processing in order to perform a contract.

We only store personal data that is processed by us within the context of a general request sent via the contact form or in an e-mail until such time as our dialogue has ended. The dialogue is deemed to have ended when it can be seen from the circumstances that the issue in question has been conclusively resolved.

Consent to the processing of your personal data can be withdrawn at any time. If you contact us by e-mail, you can, of course, also object at any time to the storage of your personal data. In such cases, we will not be able to continue the dialogue with you.

(2) Newsletter

By granting your consent, you can subscribe to our newsletter with which we keep you informed at regular intervals about our current projects, company innovations, and other interesting offerings. We use the so-called double opt-in process for newsletter subscriptions. This means that we will send an e-mail to the address that you have provided in which we ask you to confirm that you want to receive the newsletter. If you do not confirm your subscription within 24 hours, your information will be blocked and automatically deleted after 14 days. We also store the IP addresses used by you as well as the time of subscription and confirmation. The purpose of this procedure is to enable us to document your subscription and to investigate any potential misuse of your personal data.

The only information we require in order to send you the newsletter is your e-mail address. The provision of other separately indicated data is voluntary and will be used to address you personally. Upon receipt of your confirmation, we will store your e-mail address in order to send you the newsletter. The legal basis for this is Art. 6 (1) a) GDPR.

You can withdraw your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can do so by clicking the link provided for this purpose in each newsletter e-mail, by sending an e-mail to info(at)scholpp.de, or by sending a message to us using the contact details provided on the page About this website.

We should point out that the newsletter is sent and analyzed using the e-mail marketing solution provided by Mailingwork GmbH, Birkenweg 7, 09569 Oederan, Germany. The data you provide to allow us to send you the newsletter is stored on Mailingwork’s servers in Germany. To ensure that Mailingwork processes your personal data solely in line with our instructions and in compliance with the applicable data protection legislation, we have concluded a data processing agreement with Mailingwork.

During the sending of newsletter e-mails, technical information (e.g. time of access, IP address, browser type, and operating system) is collected in order to analyze user behavior. For the purposes of this analysis, these e-mails contain so-called web beacons that establish a connection with Mailingwork’s servers in Germany. This enables us to record if and when you read our newsletters and the links you click in them, and to use this data to identify your personal interests. The data generated in this way is used solely to enable us to understand our subscribers’ expectations better and to adapt the content accordingly. At no time will Mailingwork write to you for its own purposes on the basis of your personal data, nor will your data be shared with third parties.

You can find detailed information about Mailingwork and the functions offered by it at https://mailingwork.de/software/newsletter-software/

You can object to this tracking at any time by clicking the separate link provided in each e-mail or by contacting us through a different channel. The information will be stored until you unsubscribe from the newsletter. After you unsubscribe from the newsletter, we store the data anonymously and solely for statistical purposes.

(3) Job newsletter

By granting your consent, you can subscribe to our job newsletter, which keeps you informed of all new job vacancies on the SCHOLPP job portal at regular intervals. We use the so-called double opt-in process for newsletter subscriptions. This means that we will send an e-mail to the address that you have provided in which we ask you to confirm that you want to receive the newsletter. If you do not confirm your subscription within 14 days, your information will be blocked and automatically deleted after one month. We also store the IP addresses used by you as well as the time of subscription and confirmation. The purpose of this procedure is to enable us to document your subscription and to investigate any potential misuse of your personal data.

The only information we require in order to send you the newsletter is your e-mail address. The provision of other separately indicated data is voluntary and will be used to address you personally. Upon receipt of your confirmation, we will store your e-mail address in order to send you the newsletter. The legal basis for this is Art. 6 (1) a) GDPR.

You can withdraw your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can do so by clicking the link provided for this purpose in each newsletter e-mail, by sending an e-mail Send e-mail, or by sending a message to us using the contact details provided on the page About this website.

(4) Use of personal data provided in the application process

Ensuring the highest possible level of protection for your personal data in the application process is important to us. All personal data that is collected and processed by us as part of an application is protected against unauthorized access and manipulation by technical and organizational measures.

In addition to the option of e-mailing your application to Send e-mail, you can also send your application details directly via our online application platform. The data entered by applicants on this platform is transmitted to us and stored. Mandatory data for an online application includes your first name, last name, and e-mail address; any additional information such as address, phone numbers, and your application documents are voluntary. Before the contact form is transmitted, we obtain your consent to the processing of your data and refer you to this Data Protection Policy. Art. 6 (1) a) GDPR and/or Section 26 BDSG provide the legal basis for the processing of data where the online application form is used.

Your personal data is collected and processed solely for the purpose of selecting or recruiting potential employees with the objective of filling job vacancies within our corporate group.

Additionally, data is processed on the basis of our legitimate interests pursuant to Art. 6 (1) f) GDPR:

• To optimize our application processes
• To ensure observance of compliance regulations, industry standards, and contractual obligations
• To establish, exercise, or defend legal claims, and
• To prevent damage to and/or liability on the part of our company by adopting appropriate measures

Your data is deleted once it is no longer needed for the purpose for which it was collected; it will, however, be retained for as long as is necessary to defend legal claims or against accusations under the General Equal Treatment Act (AGG). This is usually 6 months. Particularly interesting applicants to whom we are unable to offer a position at that point in time are asked to provide separate consent so that their data can be retained for a longer period (usually one year). Where accounting-related processing takes place, for example the reimbursement of travel expenses, the data required for this is deleted in accordance with the statutory retention periods, which are usually 6 or 10 years.

If the application is successful and we are able to offer you a contract of employment within our company, we will transfer the data collected during the application process to our personnel files.

(5) WhatsApp Messenger Service

If you have consented, we will process your provided or available personal data (e.g. name, telephone number, e-mail address, Messenger ID, profile picture, messages) for communication in the recruiting process using the instant messaging service "WhatsApp" WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

An existing messaging account is required to use this service. We would like to point out that WhatsApp Ireland Limited may also pass on personal data (in particular communication metadata) to WhatsApp Inc., which is also processed on servers in countries outside the EU (e.g. USA) which do not have an adequate level of data protection . WhatsApp may share this data with other companies within and outside the Facebook group of companies. For more information, see the WhatsApp Business (https://www.whatsapp.com/legal/business-policy/) and WhatsApp (https://www.whatsapp.com/legal/#privacy-policy) privacy policies.

We have neither precise knowledge nor influence on the data processing by WhatsApp Ireland Limited or WhatsApp Inc., which is responsible for data protection in this respect. In addition to the recipients specifically named above, we use the help of other service providers (processors) to fulfill our obligations. We would like to point out that you can revoke your consent at any time without giving reasons for the future by sending us your revocation via Whatsapp with a message with the note REVOCATION or by e-mail to the address in this data protection declaration or our imprint stated e-mail address of the corresponding processing of their personal data.

The above data will be deleted by us in accordance with the legal requirements as soon as your consent to processing is revoked or if the purpose of processing this data no longer applies or it is not required for the purpose. If the data is not deleted because it is required for other, legally permissible purposes, its processing will be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be stored for commercial or tax reasons or whose storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person.

V. Web analysis

(1) Google Tag Manager

This website uses Google Tag Manager. This service enables website tags to be managed via an interface. Google Tag Manager only implements tags. This means that no cookies are set and no personal data is collected. Google Tag Manager triggers other tags that in turn may collect data. However, Google Tag Manager does not access this data. In the event that domains or cookies have been disabled, this also applies to all tracking tags, provided that these were implemented using Google Tag Manager.

(2) Use of Google Analytics

This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses “cookies,” which are text files that are stored on your computer and enable an analysis of how you use the website. The information generated by the cookie about your use of this website is usually sent to a Google server in the USA and stored there. If IP anonymization is activated on this website, your IP address will first be truncated by Google within the Member States of the European Union or other countries that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide the website operator with other services relating to website activity and Internet usage.

Your IP address transmitted by your browser will not be associated by Google with any other data during the use of Google Analytics.

You can prevent the storage of cookies by configuring your browser settings accordingly. However, please note that in this case you may not be able to use all of the functions of this website to their full extent. You can also prevent the collection and processing of data generated by the cookie and related to your use of the website (including your IP address) by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

Opt-out cookies prevent your data from being collected in future when you visit this website. To prevent the collection of data by Universal Analytics on various devices, you should set the opt-out cookie on all of the systems that you use. To set the opt-out cookie, click here: deactivate Google Analytics.

This website uses Google Analytics with the extension “_anonymizeIp()”. This means that IP addresses are only processed in truncated form, meaning that they cannot be related to a specific individual. Any possibility of relating the data collected on you to you personally is immediately excluded, and the personal data is deleted immediately.

We use Google Analytics to analyze the use of our website and in order to make regular improvements. We use these statistics to improve our presence and to make the content more interesting for you as the user. For the exceptional cases in which personal data is transmitted to the USA, Google has submitted to the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Art. 6 (1) f) GDPR.

Third-party provider details: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax:  +353 (1) 436 1001. Terms and conditions of use: https://www.google.com/analytics/terms/us.html, data privacy overview:  http://www.google.com/intl/de/analytics/learn/privacy.html, and privacy policy:  https://policies.google.com/privacy.

This website also uses Google Analytics for the cross-device analysis of website traffic, which is performed via a user ID. You can disable the cross-device analysis of your user behavior in your customer account by going to My Data > Personal Data.

(3) Company identification

This website uses Piwik, an open source software application for statistical analysis of user access. Piwik uses cookies. Cookies are small text files that are stored in a user’s browser. They are used to evaluate the use of this website. Data is collected, processed and stored on servers in Germany in order to create pseudonymous usage profiles. The data includes the name of the accessed website, file, date and time of access, transferred data volume, notification of successful access, browser type and version, the user’s operating system, referrer URL (the page visited previously), IP address and the requesting provider. The personal IP address is anonymised immediately after processing (IP-based company identification) by deleting the last number block (masking), and is also not merged with the cookies or other data. Users can prevent cookie-based tracking by setting their browser software accordingly or by clicking on the following link (opt-out).

(4) Post-view tracking

This website uses Google DoubleClick cookies (Floodlights). DoubleClick is a service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Cookies are small text files that are stored in a user’s browser. They are used to evaluate the use of this website. The data collected are only evaluated for statistical purposes and in anonymous form. Your browser is assigned a pseudonymous identification number (ID). DoubleClick cookies do not contain any personal data. You can prevent the use of cookies by downloading and installing the browser plugin available at the following link under ‘Extension for disabling DoubleClick’. Alternatively, you can disable the Doubleclick cookies on the Digital Advertising page by clicking on the following link.

(5) Analysis by Wired Minds

Our website uses counting pixel technology provided by WiredMinds GmbH (www.wiredminds.de) to analyze visitor behavior. In connection with this, the IP address of the visitor is processed. The processing occurs only for the purpose of collecting company based information such as company name, for example. IP addresses of natural persons are excluded from any further processing by means of a whitelist. An IP address is not stored in LeadLab under any circumstances. While processing data, it is our outmost interest to protect the rights of natural persons. Our interest in processing data is based on Article 6(1)(f) GDPR. At no time is it possible to draw conclusions from the collected data on an identifiable person. WiredMinds GmbH uses this information to create anonymized usage profiles of the visit behavior on our website. Data obtained during this process is not used to personally identify visitors of our website. Alternatively, you can disable the Doubleclick cookies on the Digital Advertising page by clicking on the following Exclude from tracking link.

(6) Dealfront Lead Feeder

We use LeadFeeder as a tool to identify and collect behavioural data from business users on our website. To do this, LeadFeeder accesses the list of IP addresses of website visitors provided by Google Analytics and links the IP addresses to information about the companies that can be found on the Internet under these IP addresses. LeadFeeder only displays company visits and no classification with direct personal reference. The tool collects the visitor's IP address to determine the company and geographic location. LeadFeeder is a service of Liidio Oy, Mikonkatu 17 C, Helsinki 00100, Finland. LeadFeeder's privacy policy can be found at https://www.leadfeeder.com/privacy/.

VI. Use of social media

(1) Social media plug-ins

We currently use the following social media plug-ins: Facebook, Xing, LinkedIn and YouTube. We use the so-called two-click solution for these plug-ins. This means that when you visit our website, no personal data is initially sent to the plug-in providers. You can recognize the plug-in provider by the marking in the box around its initial letter or its logo. You can use the button to communicate directly with the plug-in provider. The plug-in provider is only notified that you have accessed the respective page of our website if you click on the marked field and thereby activate it. The data specified in Section III of this policy is also transmitted. In the case of Facebook and Xing, IP addresses are anonymized immediately after collection, according to the respective providers in Germany. By activating the plug-in, personal data relating to you is transmitted to the respective plug-in provider and stored there (in the case of US providers, in the USA). As the plug-in provider collects data particularly through the use of cookies, we recommend that you delete all cookies in your browser’s security settings before clicking the grayed-out box.

We have no influence on the data collected or the manner in which it is processed, nor are we aware of the full scope of the data collection, the purposes of the processing or the storage periods. We also have no information about the deletion of the collected data by the plug-in provider.

The plug-in provider stores the collected data relating to you in the form of user profiles and uses these for the purpose of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even if users are not logged in) in order to display appropriate ads and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles; however, you must contact the respective plug-in provider to exercise this right. We use this plug-in to enable you to interact with the social media networks and other users so that we can improve our online presence and make the content more interesting for you as the user. The legal basis for the use of plug-ins is Art. 6 (1) f) GDPR.

The data is transmitted regardless of whether or not you have an account with the plug-in provider and are logged into it. If you are logged into the plug-in provider, the data relating to you collected by us is directly assigned to your account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider also stores this information in your user account and shares it publicly with your contacts. We recommend that you routinely log out after using any social media network, and in particular before activating the button, as this prevents the plug-in provider from linking this data to your profile.

Further information on the purpose and scope of the data collection and processing by the plug-in provider can be found in the providers’ privacy policies listed below. These policies also contain further information on your rights in this context and the settings to protect your privacy.

Addresses of the respective plug-in providers and URLs where you can find their privacy policies:

a)     Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; further information on data collection:  http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo.  Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

b)    Xing AG, Gänsemarkt 43, 20354 Hamburg, Germany; http://www.xing.com/privacy.

c)     LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. LinkedIn has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

d)    Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

e)     YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.  YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; policies.google.com/technologies/partner-sites. Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

(2) Integration of Google Maps

We use Google Maps on this website in the form of a link. An interactive map is displayed when you click this link, making the map function easy for you to use.

When you visit this website, Google receives the information that you have accessed the respective sub-page of our website. The data specified in the section “Use of server log files” of this Data Protection Policy is also transmitted. This occurs regardless of whether or not you have a user account with Google and are logged into it. If you are logged into Google, your data is directly assigned to your account. If you do not want this data to be assigned to your Google account, you should log out before activating the button. Google stores the data relating to you in the form of user profiles and uses these for the purpose of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even if users are not logged in) in order to display appropriate ads and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles; however, you must contact Google in order to exercise this right.

Further information on the purpose and scope of the data collection and processing by the plug-in provider can be found in the provider’s privacy policy. Here you can also find further information on your rights in this context and the settings to protect your privacy: https://policies.google.com/privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

(3) Integration of YouTube videos

We have embedded YouTube videos on our website. These videos are stored at http://www.YouTube.com and can be played directly from our website. They are all embedded in privacy-enhanced mode, which means that no data relating to you as the user is transmitted to YouTube if you do not play the videos. The data specified in Paragraph 2 is only transmitted if you play the videos. We have no influence on the transmission of this data.

When you visit the website, YouTube receives the information that you have accessed the respective sub-page of our website. The data specified in Section III of this policy is also transmitted. This occurs regardless of whether or not you have a user account with YouTube and are logged into it. If you are logged into Google, your data is directly assigned to your account. If you do not want this data to be assigned to your YouTube account, you should log out before activating the button. YouTube stores the data relating to you in the form of user profiles and uses these for the purpose of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even if users are not logged in) in order to display appropriate ads and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles; however, you must contact YouTube in order to exercise this right.

Further information on the purpose and scope of the data collection and processing by YouTube can be found in its privacy policy. This policy also contains find further information on your rights in this context and the settings to protect your privacy: https://policies.google.com/privacy. Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Download

Data Protection Policy for users of the SCHOLPP Holding GmbH website