Data protection

1. Privacy at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is all data with which you can be personally identified. Detailed information on the subject of data protection can be found in our privacy policy listed below this text.

Data collection on this website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find their contact details in the section “Information on the controller” in this privacy policy.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This can be z. B. be data that you enter in a contact form. Other data is collected automatically or with your consent by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of the page call). This data is collected automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure that the website is provided without errors. Other data can be used to analyze your user behavior.

What rights do you have regarding your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right, under certain circumstances, to request that the processing of your personal data be restricted. Furthermore, you have the right to lodge a complaint with the competent supervisory authority. You can contact us at any time if you have further questions on the subject of data protection.

Analysis tools and third-party tools

When you visit this website, your surfing behavior can be statistically evaluated. This is mainly done with so-called analysis programs. Detailed information on these analysis programs can be found in the following privacy policy.

2. General information and mandatory information

privacy

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration. If you use this website, various personal data will be collected. Personal data is data with which you can be personally identified. This data protection declaration explains what data we collect and what we use it for. It also explains how and for what purpose this happens. We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

Note on the responsible body

The controller responsible for data processing on this website is: farmunited GmbH Gebhardstraße 7 88046 Friedrichshafen Tel.
+49 7541 99595-0 info@farmunited.com The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

storage duration

Unless a more specific storage period has been specified in this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, deletion will take place after these reasons no longer apply.

General information on the legal basis for data processing on this website

If you have consented to data processing, we process your personal data on the basis of Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, if special data categories according to Art. 9 para. 1 GDPR are processed. In the event of express consent to the transfer of personal data to third countries, data processing is also based on Art. 49 para. 1 lit. a GDPR. If you have consented to the storage of cookies or to access information on your end device (e.g. via device fingerprinting), data processing is also carried out on the basis of Section 25 Para. 1 TTDSG. The consent can be revoked at any time. If your data is required to fulfill the contract or to carry out pre-contractual measures, we process your data on the basis of Art. 6 Para. 1 lit. b GDPR. Furthermore, we process your data if they are required to fulfill a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR. The data processing can also be based on our legitimate interest according to Art. 6 para. 1 lit. f GDPR. Information on the relevant legal bases in each individual case is provided in the following paragraphs of this privacy policy.

Note on data transfer to the USA and other third countries

Among other things, we use tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are active, your personal data can be transferred to these third countries and processed there. We would like to point out that in these countries no level of data protection comparable to that of the EU can be guaranteed. For example, US companies are obliged to release personal data to security authorities without you as the person concerned being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. secret services) will process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence on these processing activities.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent that you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

IF THE DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH A PROCESSING IS BASED CAN BE FOUND IN THIS DATA PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR CONCERNED PERSONAL DATA UNLESS WE CAN PROVE COMPREHENSIVE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOM OBJECTION ACCORDING TO ARTICLE 21 (1) GDPR). IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH ADVERTISING PURPOSES; THIS ALSO APPLIES TO PROFILING TO THE EXTENT RELATED TO SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).

Right of appeal to the competent supervisory authority

In the event of breaches of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged infringement. The right of appeal exists without prejudice to other administrative or judicial remedies.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent that it is technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, deletion and correction

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction or deletion of this data. You can contact us at any time if you have further questions on the subject of personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this. The right to restriction of processing exists in the following cases:

  • If you dispute the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the examination, you have the right to request that the processing of your personal data be restricted.
  • If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of deletion.
  • If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request that the processing of your personal data be restricted instead of being deleted.
  • If you object according to Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to demand that the processing of your personal data be restricted.

If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

3. Data collection on this website

cookies

Our Internet pages use so-called “cookies”. Cookies are small text files and do not cause any damage to your end device. They are stored on your end device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted after your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser. In some cases, cookies from third-party companies can also be stored on your end device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services). Cookies have different functions. Numerous cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or to display advertising. Cookies that are required to carry out the electronic communication process, to provide certain functions you want (e.g. for the shopping cart function) or to optimize the website (e.g. cookies for measuring web audience) (necessary cookies). on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is given. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and comparable recognition technologies was requested, processing takes place exclusively on the basis of this consent (Art. 6 Para. 1 lit. a DSGVO and § 25 Para. 1 TTDSG); the consent can be revoked at any time. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be restricted. If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately in this privacy policy and, if necessary, request your consent.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and browser version
  • operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of server request
  • IP address

This data is not merged with other data sources. This data is collected on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose, the server log files must be recorded.

Inquiry by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, we will store and process your request, including all personal data (name, request), for the purpose of processing your request. We do not pass on this data without your consent. This data is processed on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6 Para. 1 lit. f GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this was queried; the consent can be revoked at any time. The data you sent to us via contact requests will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

4. Analysis Tools and Advertising

Matomo

This website uses the open source web analysis service Matomo. Matomo uses technologies that enable cross-site recognition of the user to analyze user behavior (e.g. cookies or device fingerprinting). The information collected by Matomo about the use of this website is stored on our server. The IP address is anonymized before it is saved. With the help of Matomo we are able to collect and analyze data about the use of our website by website visitors. This enables us to find out, among other things, when which page views were made and from which region they come. We also record various log files (e.g. IP address, referrer, browser and operating system used) and can measure whether our website visitors carry out certain actions (e.g. clicks, purchases, etc.). This analysis tool is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the anonymous analysis of user behavior in order to optimize both its website and its advertising. If a corresponding consent was requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

IP anonymization

We use IP anonymization for the analysis with Matomo. Your IP address is shortened before the analysis so that it can no longer be clearly assigned to you.

hosting

We host Matomo exclusively on our own servers so that all analysis data remains with us and is not passed on.

5. Newsletters

newsletter data

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only collected on a voluntary basis. We use the newsletter service providers described below to process the newsletter.

Sendinblue

This website uses Sendinblue to send newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany. Sendinblue is a service that can be used, among other things, to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter will be stored on Sendinblue’s servers in Germany.

Data analysis by Sendinblue

With the help of Sendinblue, we are able to analyze our newsletter campaigns. So we can e.g. For example, see whether a newsletter message has been opened and which links, if any, have been clicked. In this way, we can determine, among other things, which links were clicked particularly often. We can also see whether certain previously defined actions were carried out after opening/clicking (conversion rate). We can e.g. B. recognize whether you have made a purchase after clicking on the newsletter. Sendinblue also allows us to subdivide (“cluster”) newsletter recipients into different categories. The newsletter recipients can e.g. B. by age, gender or place of residence. In this way, the newsletters can be better adapted to the respective target groups. If you do not wish to be analyzed by Sendinblue, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. Detailed information on the functions of Sendinblue can be found at the following link: https://de.sendinblue.com/newsletter-software/.

legal basis

The data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.

storage duration

The data you provide us with for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected. After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest. For more information, please refer to Sendinblue’s privacy policy at: https://de.sendinblue.com/datenschutz-uebersicht/.

order processing

We have concluded an order processing contract (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that the data controller processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

6. Plugins and Tools

YouTube with enhanced privacy

This website embeds videos from YouTube. The website operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. We use YouTube in the extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the extended data protection mode does not necessarily exclude the transfer of data to YouTube partners. This is how YouTube establishes a connection to the Google DoubleClick network, regardless of whether you are watching a video. As soon as you start a YouTube video on this website, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account. Furthermore, YouTube can save various cookies on your end device after starting a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can receive information about visitors to this website. This information is used, among other things, to collect video statistics, to improve user-friendliness and to prevent attempts at fraud. If necessary, after the start of a YouTube video, further data processing operations can be triggered over which we have no influence. YouTube is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent was requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time. You can find more information about data protection at YouTube in their privacy policy at: https://policies.google.com/privacy?hl=de.

Google Web Fonts (local hosting)

This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers. Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

7. eCommerce and Payment Providers

Processing of data (customer and contract data)

We collect, process and use personal data only insofar as it is necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures. We collect, process and use personal data about the use of this website (usage data) only to the extent necessary to enable the user to use the service or to bill the user. The collected customer data will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.

8. Own Services

Handling applicant data

We offer you the opportunity to apply to us (e.g. by e-mail, post or online application form). In the following we will inform you about the scope, purpose and use of your personal data collected as part of the application process. We assure you that your data will be collected, processed and used in accordance with applicable data protection law and all other statutory provisions and that your data will be treated in strict confidence.

Scope and Purpose of Data Collection

If you send us an application, we will process your associated personal data (e.g. contact and communication data, application documents, notes taken during job interviews, etc.) to the extent that this is necessary to decide on the establishment of an employment relationship. The legal basis for this is § 26 BDSG under German law (initiation of an employment relationship), Art. 6 para. 1 lit. b GDPR (general contract initiation) and – if you have given your consent – Art. 6 para. 1 lit. a GDPR. The consent can be revoked at any time. Within our company, your personal data will only be passed on to people who are involved in processing your application. If the application is successful, the data you have submitted will be processed on the basis of § 26 BDSG and Art. 6 para. 1 lit. b GDPR for the purpose of implementing the employment relationship in our data processing systems.

retention period of the data

If we are unable to make you a job offer, you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data will then be deleted and the physical application documents will be destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is apparent that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), it will only be deleted if the purpose for further storage no longer applies. Data may also be stored for longer if you have given your consent (Art. 6 para. 1 lit. a GDPR) or if statutory retention obligations prevent deletion.

9. information on data protection when using our social media channels in accordance with
Art. 13, 14 GDPR

In the following, we inform you about the processing of your personal data by our company when you visit and use our social media channels on Facebook, Instagram, YouTube and X (hereinafter referred to as “social media platforms”) and about the data protection rights to which you are entitled. 1. principles

  1. Please check carefully which personal data you exchange and share with us via the social media platforms.
    If you wish to prevent the operator of a social media platform from processing personal data that you have transmitted to us, please contact us by other means, for example via the address below.
  2. You can also find out about us and our offers and services via our website at farmunited.com.
    In this case, the service providers do not contain any information.

2. controller “Controller” pursuant to Art. 4 para.
7 GDPR are:

  1. farmunited GmbH, 7, 88046 Friedrichshafen, phone: +49 7541 995950, e-mail: info@farmunited.com
  2. and the respective service provider

Facebook & Instagram: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland YouTube: Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland X: Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland When users visit our social media channels, the service providers collect personal data and information, which in particular flows into a data analysis and evaluation and is made available to us as aggregated statistics (so-called page insights).
For these cases in particular and in the context of the provision and use of our social media channels, we have concluded an agreement with the service provider in accordance with the legal requirements between jointly responsible parties in accordance with.
Art. 26 GDPR concluded. Facebook & Instagram: https://www.facebook.com/legal/terms/page_controller_addendum X: https://gdpr.x.com/en/controller-to-controller-transfers.html3. Data protection officer You can contact our data protection officer directly at reichert & reichert steuer- und rechtsberatungsgesellschaft mbH, Max-Porzig-Straße 1, 78224 Singen, Germany, e-mail: dsb@reichert-reichert.de Facebook & Instagram: https://www.facebook.com/help/contact/540977946302970 YouTube: https://support.google.com/policies/contact/general_privacy_form X: https://twitter.ethicspointvp.com/custom/twitter/forms/data/form_data.asp4. Cookies When operating social media platforms, service providers regularly use services with data processing through technologies that make it possible to store and process users’ personal data for various purposes.
Technologies include cookies, small text files that are stored on your end device by the web browser.
All information on the cookies used by the service provider, on the integration of cookies by other websites and on your revocation, objection and deletion options can be found in the information on cookies of the respective provider: Facebook & Instagram: https://de-de.facebook.com/help/336858938174917 and https://www.facebook.com/policies/cookies/ YouTube: https://consent.youtube.com/d?continue=https://www.youtube.com/&gl=DE&hl=de&pc=yt&uxe=23983172&src=1 X: https://help.twitter.com/de/rules-and-policies/x-cookies

You can also configure your browser settings according to your own wishes and thus make a general advance decision on the use of cookies.
Further information on this can be found in the help function of the browser used.
If you wish to restrict or prevent processing by the service providers, you should log out of your accounts or deactivate the “stay logged in” function, delete the cookies on your device and close and restart your browser or app.
In addition, you can restrict the service providers’ access to contact and calendar data, photos, location data, etc. in the settings of mobile devices (smartphones, tablets, laptops).
However, this depends on the operating system used.
We have no influence on the data processing carried out by the service provider in connection with cookies.
We also do not receive any access to personal data, with the exception of the Insights data mentioned above.

5. processing of personal data Data subject category: Visitors and users of our social media pages Data categories: Interaction data from likes, dislikes, stroyviews, follows, unfollows, comments, tweets, @-mentions, tags, ratings, photographs, other content shared by you, personal data that you disclose about yourself in the public area of your profile, health data, insights data Page Insights / Page Insights are summarized statistics that are created based on certain events.
As the site operator, we receive these events summarized in the page insights as aggregated statistics in the form of anonymized or pseudonymized data, which are used to gain insights into the types of actions that people take on our site.
The Page Insights do not allow any conclusions to be drawn about you as an individual person.
Events are defined exclusively by the service provider.
We cannot set up, change or otherwise influence events and we cannot access the individual data.
We can only view your public social media profile.
The information that can be viewed here depends on your settings in your profile.
We do not merge the data with any personal data stored by us, even if it were possible for us to do so.
However, we cannot see which and to what extent service providers use web tracking tools and use your profile and behavioral data to evaluate your habits, personal relationships or preferences and merge them with your existing Facebook profile, regardless of whether you are logged in or registered as a user of the social media platform or not.
However, you should assume that service providers will merge and analyze your visit to and interactions with our social media channels.
All information about the Insights data can be found in the data protection information of the respective service provider: Facebook & Instagram Page Insights:
https://www.facebook.com/legal/terms/information_about_page_insights_data YouTube Analytics: https://support.google.com/youtube/answer/9002587?hl=en-GB&co=GENIE.Platform%3DDesktop&sjid=17898164701211009876-EU

Purposes of the processing: Provision of social media channels, presentation of the company, implementation of marketing campaigns, user retention through communication on social media platforms, processing and responding to contact requests and applications, interaction through direct messages / comments / recommendations / sharing and similar, recruitment, advertising activities, Implementation of pre-contractual measures, deletion of inappropriate content, analysis and statistical evaluation of user behavior based on insights data provided by the platform, optimization of our content and advertising activities All information on the purposes of processing by the service providers can be found in the information on data protection of the respective service provider: Facebook & Instagram: https://www.facebook.com/privacy/center/ YouTube: https://policies.google.com/privacy?hl=de X: https://twitter.com/de/privacy#x-privacy-9.1

Legal basis: Art. 6 para. 1 lit. b GDPR for pre-contractual measures in the context of the application procedure and for the implementation of pre-contractual measures, Art. 6 para. 1 lit. f GDPR for communication via the social media platforms, to respond to contact requests, to carry out advertising activities and to analyze and statistically evaluate user behavior using insights data provided by the platform to publicize our company and a profit-making intention, Art. 9 para. 2 lit. e GDPR in the case of transmitted health data All information on the legal basis for processing by the service providers can be found in the data protection information of the respective service provider: Facebook & Instagram: https://www.facebook.com/privacy/center/ YouTube: https://policies.google.com/privacy?hl=de X: https://twitter.com/de/privacy#x-privacy-9.1Empfängerkategorien: Within our company, those persons who are responsible for managing the social media pages and those persons for whom the data is relevant, e.g. in the application process, have access to the personal data.
The data will not be passed on to third parties or otherwise disseminated by us unless you have consented to the data transfer or the data transfer is required by law.
In some cases, we rely on the support of external service providers to process personal data.
These service providers work for us as processors.
Processors are acc.
Art. 28 GDPR, processors are contractually bound by our instructions and are regularly monitored.
A contract for order processing has been concluded with all of them to ensure the protection of your personal data.
If these are service providers who are not processors, they have been carefully selected and commissioned by us. Data sources: We process the personal data that you provide to us via the respective social media platform or that we receive from the respective social media provider. Transfer to third countries: We only transfer personal data to countries outside the EU or the EEA if this is necessary for the operation of the social media channel or communication with you, if this is required by law, if the user has given their consent or in the context of order processing.
In these cases, a transfer is only permitted if the European Commission has established an adequate level of data protection for the third country concerned or if suitable guarantees are provided and enforceable rights and effective legal remedies are available to the data subject.
Information on data recipients, data transfers, data sources used by service providers and, in particular, on the merging of your personal data by them can be found in the data protection information of the respective service provider: Facebook & Instagram: https://www.facebook.com/privacy/center/ YouTube: https://policies.google.com/privacy?hl=de X: https://twitter.com/de/privacy#x-privacy-9.1 If personal data is transferred within the service provider’s group, it may be transferred to the parent company’s servers in the USA and processed there.
For cases in which personal data is transferred to the USA, the service providers have certified themselves in accordance with the EU-US Transatlantic Data Privacy Framework, https://www.dataprivacyframework.gov.
The certification confirms an adequate level of data protection in accordance with the EU Commission’s implementing decision. Storage period: We generally delete personal data on social media platforms once storage is no longer necessary. For personal data from communication, we assume that further storage on the social media platforms is not necessary if it can be inferred from the circumstances that the matter in question has been conclusively clarified or our legitimate interest in processing has ceased to exist.
Exceptions to the deletion obligation exist if statutory retention obligations prevent deletion or if storage is still necessary, e.g. for the enforcement of and defense against legal claims.
Information on the management and deletion of the processed data by the service providers can be found in the data protection information of the respective service provider: Facebook & Instagram: https://www.facebook.com/privacy/center/ YouTube: https://policies.google.com/privacy?hl=de X: https://twitter.com/de/privacy#x-privacy-9.16. Rights of data subjects You have the right to information about the personal data stored about you as well as to correction of incorrect data or to deletion if one of the reasons stated in Art. 17 GDPR applies, e.g. if the data is no longer required for the purposes pursued.
You also have the right to restriction of processing if one of the conditions set out in Art. 18 GDPR applies and, in the cases set out in Art. 20 GDPR, the right to data portability.
According to Art. 22 GDPR, you have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you.
If you are of the opinion that the processing of the data concerning you violates data protection regulations, you have acc.
Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority.
The right to lodge a complaint can be asserted in particular with a supervisory authority in the Member State in which you are resident or the place of the alleged infringement.
In Baden-Württemberg, the competent supervisory authority is the State Commissioner for Data Protection and Freedom of Information in Stuttgart. Your right to object in the case of legitimate interests In accordance with Art. 21 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 (1) GDPR. 1 lit. f GDPR are collected, to file an objection.
We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.
You can assert your data subject rights at any time both against us and against the respective service provider.
If you assert your rights against us, you can reach us and our data protection officer using the contact details given above.
We are obliged to forward your request to the relevant service providers.
They will inform you and ensure that your rights can be enforced (including information obligations Art. 12-13 GDPR, rights of data subjects Art. 15-22 GDPR and data security and reporting of data breaches Art. 32-34 GDPR).
We have no influence on how the service providers fulfill their obligations and implement decisions.
The data protection officer of the respective service provider or a contact form for asserting a data subject right can be found in the information on data protection of the respective service provider: Facebook & Instagram: https://www.facebook.com/help/contact/540977946302970 YouTube: https://support.google.com/policies/contact/general_privacy_form X: https://twitter.ethicspointvp.com/custom/twitter/forms/data/form_data.asp