Disclaimer: This document is the English version of the German privacy and cookie policy and it is only intended as a courtesy to English-speaking readers. If there are any inconsistencies between this version of the privacy and cookie policy and the original German version, then the German language version shall prevail.
 

At Cryptshare AG, we take the protection of personal data very seriously. At this point we would like to explain what data we store, when we store data, and how we use it. We are subject to the terms of the European General Data Protection Regulation (GDPR) as well as the regulations of the supplementary Bundesdatenschutzgesetz (BDSG), the German federal data protection act. In order to guarantee our as well as our external service providers’ compliance with said terms and regulations on data protection, we implemented the appropriate technical and organisational measures.

This privacy and cookie policy is valid for our online presence, including website, features and contents as well as external online presences, e.g. our social media. Furthermore, this privacy and cookie policy informs you about the processing of your personal data and serves to fulfil our obligation to inform you.

The terminology used in this privacy and cookie policy, such as controller and personal data, are applied according to the definitions in the GDPR. To improve readability and therefore deliver information in a more comprehensible way, specific articles, paragraphs, etc. in this privacy and cookie policy has been forgone in most instances.

Contact information

Controller

The controller in the sense of the GDPR and other national data protection acts of member states of the European Union and other data protection regulation is

Cryptshare AG
Schwarzwaldstr. 151
79194 Freiburg
Germany
Phone: +49 761 38913 100
Email: privacy@cryptshare.com
 

Supervisory authority

The controller has appointed a supervisory authority. The contact details are

Holger Hermann
Phone: +49 761 8832 215
Email: holger.hermann@bechtle.com

For any questions, suggestions, or comments on data protection as well as on the enforcement of your rights as listed below, please refer to our supervisory authority.

General information on data processing

Scope of the processing of personal data

As a general principle, we only process personal data to the extent to which it is necessary to provide a functioning internet presence, our contents, and services. The processing of your personal data takes place regularly only after your consent.

In cases where prior consent is not possible for actual reasons and processing personal data is permitted by legal regulations, exceptions to this rule can be made.

Legal basis for processing personal data

In the framework of the data protection regulations, processing personal data is not permitted as a general principle unless there is a legally permissible reason for doing so. We are obligated to inform you about the legal basis of data processing.

As far as we require your consent for processing personal data, the consent serves as the legal basis.

When processing data is necessary for the performance of the contract, of which you are a contracting party, the performance of the contract serves as the legal basis. This is also the case for processing data necessary for executing pre-contractual measures.

Regarding the processing of personal data necessary for the compliance with a legal obligation our company is subject to, this serves as the legal basis.

If processing of personal data is necessary in order to protect the vital interests of the data subject or of another natural person, this serves as the legal basis.

If processing of personal data is necessary to protect a legitimate interest of our company or a third party and if the interest of protecting your basic rights and fundamental freedoms does not outweigh those former interests, this serves as the legal basis for the processing of data. 

Children

Generally, our services are aimed at adults. Persons under the age of 16 should not transmit any personal data to us without the consent of their parents or legal guardians.

Erasure of data and data retention periods

Once the purpose for storing data no longer applies, we erase or block your personal data. However, such data can be stored beyond that period if the legal regulations we are subject to require us to do so. This affects data, for example, that needs to be retained due to commercial or fiscal law, such as delivery receipts or billing data. 

Blocking or erasing your data is therefore undertaken at the earliest after a retention period determined by such regulations has expired, unless it is necessary to continue storing data for the conclusion or performance of a contract.

Transfer of data to third parties

As a general principle, we do not transfer personal data to third parties without your express consent. If, in the course of processing, we disclose or send your data to third parties or give them any other access to it, this will exclusively take place on one of the previously mentioned legal bases.

If necessary for the performance of a contract, we transmit data to entities such as billing companies or suppliers. If obligated by law or a court order, we have to transmit your data to the respective entity with the right of access.

To some extent, we may use carefully selected external service providers to process your data. If data is transferred to service providers as part of a so-called processing agreement, this is based on the guidelines of the GDPR. Our processors have been carefully selected, are bound to our instructions, and are checked regularly. We only use processors who offer sufficient guarantees that appropriate technical and organisational measures are implemented to ensure that data is processed in accordance with the requirements of the GDPR and BDSG and that your rights are being protected.

Transfer of data to third countries

The GDPR ensures an equally high level for data protection within the European Union. Therefore, we prioritise European partners in our selection of service providers and cooperation partners for the processing of your personal data. When employing the services of third parties, your data will only be processed outside the European Union on rare occasions.

We only permit the processing of your data in a third country if the specific requirements of the GDPR are met, meaning your data may only be processed on the basis of special guarantees. Among these guarantees are the official recognition by the EU Commission of a level of data protection equivalent to that of the EU, the compliance with officially recognised specific contractual obligations (the so-called standard contractual clauses ) or other agreements between the EU and third countries (such as the Privacy Shield, an agreement between the EU and the US).

Automated decision-making

We abstain from automated decision-making or profiling.

The rights of data subjects

According to the GDPR, you are a data subject if your personal data gets processed. You are entitled to the following rights.

To exercise these rights, please refer to our supervisory authority.

The right to withdraw consent

If the processing of your personal data is based on your consent, you have the right to withdraw consent at any time. All data processing up to the point of withdrawal of consent remains unaffected.

Access to personal data

You have the right to enquire if we process your personal data. If this is the case, you may request the following information:

  • the purposes of the processing;
  • the categories of personal data that are being processed;
  • the recipients or categories of recipients that the personal data was disclosed to or will be disclosed to;
  • the planned period for which the personal data will be stored, or if that is not possible in concrete terms, the criteria used to determine that period;
  • the right to rectification or erasure of your personal data, the right to restriction of processing by us or the right to object to this processing;
  • the right to lodge a complaint with a supervisory authority;
  • the right to all information concerning the origin of the data if the personal data was not obtained from you;
  • the existence of automated decision-making, including profiling, and – at least in those cases – meaningful information about the logic involved, as well as the significance and the envisaged consequences such processing has for you.

You have the right to enquire if your personal data will be transferred to a third country or international organisation. In this context you have the right to demand information about the suitable guarantees regarding the transfer.

We will provide you with a copy of the personal data that is subject to processing within one month of having received your enquiry. If you made your enquiry electronically, we will provide you the information in a common electronic format, unless requested otherwise.

Right to rectification

You have the right to demand from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed.

Right to erasure (‘right to be forgotten’)

You have the right to obtain from us the erasure of personal data concerning you without undue delay and we are obligated to erase personal data without undue delay if one of the following reasons applies: 

  • The personal data is no longer necessary to the purposes for which it was processed.
  • You withdraw your consent on which the processing was based and there is no other legal basis for the processing.
  • You object to the processing and there are no overriding legitimate reasons for the processing.
  • The personal data has been processed unlawfully.
  • The personal data has to be erased for compliance with a legal obligation in Union or Member State law.
  • The personal data has been collected in relation to the services according to article 4 of the GDPR.
  • Where we have made your personal data public and are obliged to erase the personal data, we, taking account of available technology and the cost of implementation, will take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, that personal data.

The right to erasure (‘right to be forgotten’) does not apply if processing is necessary:

  • for exercising the right of freedom of expression and information;
  • for compliance with a legal obligation we are subject to or for the performance of a task carried out in the public interest or in the exercise of official authority vested in us;
  • for reasons of public interest in the area of public health;  
  • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in so far as the right to erasure is likely to render impossible or seriously impair the achievement of the objectives of the processing, or;
  • for the establishment, exercise or defence of legal claims.

Right to restriction of processing

You have the right to obtain from us restriction of processing your personal data where one of the following conditions applies:

  • you contest the accuracy of the personal data pertaining to you, for a period enabling us to verify the accuracy of the personal data;
  • the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;
  • we no longer need the personal data for the purposes of the processing, but it is required by you for the establishment, exercise or defence of legal claims;
  • you have objected to processing pending the verification whether the legitimate grounds of us override those of you.
  • Where processing has been restricted under the above-mentioned conditions, such personal data will, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

If you have obtained a restriction of processing under the above-mentioned conditions, you will be informed by us before the restriction of processing is lifted.

Right to data portability

You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller without hindrance from us provided that the processing is based on consent or on a contract and the processing is carried out by automated means.

In exercising your right to data portability, you have the right to have the personal data transmitted directly from one us to another controller, where technically feasible. Exercising the right to data portability does not affect the right to erasure (‘right to be forgotten’). That right does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data after a weighing of interests, including profiling based on these terms. We will then no longer process the personal data unless we are able to demonstrate compelling legitimate grounds for the processing which override the interest, rights and freedoms of you or for the establishment, exercise or defence of legal claims.

Where personal data is processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent to which it is related to such direct marketing. Where you object to processing for direct marketing purposes, the personal data will no longer be processed for such purposes.

In the context of the use of services according to article 4 of the GDPR, you may exercise your right to object by automated means using technical specifications.

Automated individual decision-making, including profiling

You have the right not to be subject to a decision solely based on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:

  • is necessary for entering into, or performance of, a contract between yourself and us,
  • is authorised by Union or Member State law to which we are subject to and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
  • is based on your explicit consent.

We implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on part of the controller, to express his or her point of view and to contest the decision.

Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

Use of our website

You can generally use our website without disclosing your identity. In the following section, we will explain when and in what context we process data relating to the use of our website, what offers of service providers and cooperating partners we have implemented, how these work, and what happens with your data.

Data collection when visiting our website 

As long as you use our website exclusively for the purposes of gathering information and do not register for an offer, conclude a contract with us, or disclose information to us in some other way, we only collect the personal data that is transmitted to our servers by your browser.

When visiting our website, we collect the following data that is technically necessary for us to be able to display our website to you and to ensure stability and security:

  • IP address of the visitor
  • Date and time of the request
  • Content of the requested URL (specific website)
  • Access status/HTTP status code
  • Specific transmitted data volume
  • Website from which the request originates
  • The visitor’s operating system
  • Language and version of the browser software.

This data is temporarily stored in our systems’ log files and erased after it has served its purpose. Storing data beyond that is possible; in this case, however, IP addresses are shortened or distorted so that it is no longer possible to identify the requesting client. There is no storing of log files with other, personal data relating to you in this context. The legal basis for this data processing is our legitimate interest.

Storage of log files also takes place to produce operational functionality of our website and to make their availability as reliable as possible. Our legitimate interest in data processing is also due to these aforementioned purposes.

Use of cookies

General information for the use of cookies

When visiting our website, cookies are stored on your device besides the previously discussed data.
Cookies are small packages consisting of text that can be sent from a website to the browser. The browser then stores them and sends them back to the website. In cookies, various details can be stored that can be read by the entity that set the cookie. They are commonly assigned a particular string of characters (ID) that allow for a clear identification of the browser when returning to the website or leaving it. Their primary function is to make our website more user-friendly and more effective. The data that is collected in cookies are pseudonymised by technical provisions which generally make the assigning of the data to the requesting user no longer possible. If an identification is possible, as is the case with login cookies where the session ID is necessarily linked to the account of the user, we will notify you about this at the respective time.

We use various cookies on our website:

  • So-called “session cookies” are cookies that are deleted after you leave our website and close the browser. In such cookies, language settings and the content of the shopping cart are saved.
  • “Permanent cookies” are stored after the browser has been closed so that for instance the login status or entered search terms can be saved. We also use such cookies for measuring the success of our marketing activities as well as for our marketing purposes.
    Permanent cookies are automatically deleted after a set period of time that can be different for each cookie. You can, however, delete such cookies at any time with your browser.
     

Besides so-called “first-party cookies” that are set by us as the controller for data processing, there are also “third-party cookies” provided by other vendors.

  • We as controller set so-called “first-party cookies”:

The legal basis for the processing of your personal data in this context is our legitimate interest.

  • External service providers, who do web tracking or measure the success of our marketing activities for us, may also set cookies.

The legal basis for processing your personal data in this context is your consent.


Note:

A general objection to the use of cookies for marketing purposes can be declared for a number of services on the EU website https://www.youronlinechoices.com or the US website https://www.aboutads.info/choices/. You can also configure your browser settings accordingly and for instance block the acceptance of “third-party cookies” or all cookies or activate the option “do not track”. However, you may then no longer be able to use all of our website’s features.

Information on the processing and use of cookies

HubSpot

We use HubSpot for our website. Hubspot is an integrated software solution we use to cover various aspects of our website.

HubSpot is a software company based in the United States of America with a European office in Dublin: HubSpot, Ground Floor, Two Dockland Central, Guild Street, Dublin 1, Irland, Phone +353 1 5187500.

With its certification according to the EU-US Privacy Shield, Hubspot ensures that the EU’s data protection requirements are also met when data is processed in the USA. More information regarding data protection at Hubspot can be found here and here.

We use Hubspot in so-called inbound marketing; among other things, this enables us to better coordinate and optimise our marketing strategy by means of statistical analyses and evaluation of documented user behaviour.

This includes, but is not limited to:

  • Parts of the content management (website and blog)
  • Email marketing (newsletters as well as automated mailings, e.g. for providing downloads)
  • Social media publishing & reporting
  • Reports (e.g. traffic sources, page views, etc.)
  • Contact management (e.g. user segmentation & CRM)
  • Web analyses and reports (e.g. traffic sources, page views, etc.)
  • Landing pages and contact forms

This information is stored on the servers of our software partner Hubspot. We can use it to contact visitors to our website and to determine which of our company’s services are of interest to them. 

We also use Hubspot’s live chat service Messages (round chat icon in the bottom right corner of the screen) to improve the user experience on our website by sending and receiving messages on some sub-pages. When using this function, the following data is transmitted to Hubspot’s servers:

  • Content of all sent and received chat messages
  • Context information (e.g. webpage, on which the chat was used)
  • Optional: Email address of the user if you have provided it via the chat function

The legal basis for the use of Hubspot’s services is our legitimate interest. Our legitimate interest in the use of this service is the optimisation of our marketing and the improvement of the quality of the service on our website. We use all collected information exclusively to optimise our marketing and sales.
 

Recipients / Categories of recipients 

Hubspot is the recipient of the collected data.

Transfer to third countries 

Under the so-called EU-US Privacy Shield on the basis of an adequacy decision of the European Commission, the personal data is transferred to the USA. You can view the corresponding certificate here.

Duration of the data storage 

Cookies are used to process your data. These will be automatically deleted after 13 months at the latest.

Google Analytics

Google Analytics is a web analysis service of Google Ireland Limited. This enables the analysis of a user’s activity across devices by means of assigning data, sessions, and interactions across several devices to a pseudonymised user ID.

With the certification under the EU-US Privacy Shield Google ensures that the European Union’s data protection requirements are also met in the processing of data in the USA.

Google Analytics uses cookies that enable an analysis of your use of the website. The information regarding your use of this website that is created by the cookie is usually transferred to and stored on a Google server in the USA. In the case the IP anonymisation on this website is activated, however, Google will first shorten your IP address within Member States of the European Union or other contracting countries in the European Economic Area. Please not that on this website, Google was extended by a IP anonymisation to ensure the anonymised collection of IP addresses. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. Google Analytics supports the determination of the following data:

  • Number of page impressions
  • Number of users
  • Bounce rate (page is closed again after one page view)
  • Duration of session (average duration of all users)
  • Country of origin from which the website was visited
  • Use of website features
  • How often individual website are visited
  • What website the user came from
  • Booking Conversion Rate (how many of the website’s visitors book a service)
  • What region the user is from
  • Device and device category from which the user visits the website

On behalf of us, Google will use this information to analyse your use of the website in order to compile reports on the activities on our website and to perform other services for us regarding the website use.

The legal basis for the use of Google Analytics is your voluntarily given consent.

You can find more information on terms of use and data protection here and here.

Recipients / Categories of recipients 

Google is the recipient of the collected data.  

Transfer to third countries 

Under the so-called EU-US Privacy Shield on the basis of an adequacy decision of the European Commission, the personal data is transferred to the USA. You can view the corresponding certificate here.

Duration of the data storage 

The data we send that is linked to cookies, user IDs, or marketing IDs is automatically erased after 14 months. Data, whose retention period has expired, is automatically erased once a month.

By downloading and installing the browser add-on for the deactivation of Google Analytics for your browser, you can prevent the collection of the data regarding your use of the website that is created by the cookie for Google as well as the processing of that data by Google.

A so-called opt-out cookie prevents the future collection of your data when visiting this website. To prevent the collection across different devices, however, you need to perform the opt out on all of the devices you use. By clicking here, you set the opt-out cookie for the device you are currently using.

Google Maps

We use Google Maps to show our location. This is a service of Google LLC, Gordon House, Barrow Street, Dublin 4, Ireland (subsequently referred to as Google). For the display of the map the processing of the user’s IP address by Google is mandatory.

With the certification under the ES-US Privacy Shield Google ensures that the European Union’s data protection requirements are also met in the processing of data in the USA. 

The collaboration with Google in a data protection respect takes place on the basis of a concluded contract on the shared responsibility under article 26 of the GDPR, which can be viewed here.

Furthermore, by using Google Maps you directly enter into a contractual relationship with Google.

You can find more information regarding the terms of use and data protection at Google here.
 

Recipients / Categories of recipients 

Google is the recipient of the collected data.

Transfer to third countries 

Under the so-called EU-US Privacy Shield on the basis of an adequacy decision of the European Commission, the personal data is transferred to the USA. You can view the respective certificate here.

Duration of the data storage 

Data we send is automatically erased after 14 months. Data, whose retention period has expired, is automatically erased once a month.

Bing Universal Event Tracking/Bing Webmaster Tools

We use Bing Universal Event Tracking (“UET”), a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”).

With its certification according to EU-US Privacy Shield, Microsoft ensures that the EU’s data protection requirements are also met when data is processed in the USA.

When you access our website via ads on Microsoft Advertising, a cookie is set on your computer. Additionally, a UET tag is integrated on our website; this is a code that, together with the cookie, stores pseudonymised data about the use of the website. In combination with the cookie, the tag records pseudonymised data to track your actions on our website after you clicked on an advertisement on Microsoft Advertising. Session duration on the website, the visited areas of the website, and via which ad you arrived at our website are among the collected data.

Beyond this, Microsoft can trace your pattern of use across several of your electronic devices via so-called cross device tracking. The collected information is transferred to a Microsoft server in the USA. Microsoft is certified under the EU-US Privacy Shield.
 

Recipients / Categories of recipients 

Microsoft is the recipient of the collected data.  

Transfer to third countries 

Under the so-called EU-US Privacy Shield on the basis of an adequacy decision of the European Commission, the personal data is transferred to the USA. You can view the respective certificate here

Duration of the data storage 

Microsoft stores the data for 180 days at most. You can prevent the collection and processing of this data if you deactivate the setting of cookies. Under certain circumstances, this can result in limitations of the website’s functionality. You can deactivate cross device tracking by clicking on this link.

Online presence on social media

We have an online presence on different platforms to provide information and to be able to get in contact with you.

We have no influence over the processing of personal data by the respective operator of the platform. Generally, the operator of the platform stores cookies on your browser which document your pattern of use or your interests respectively for market research and marketing purposes when you visit our services on said platform.

By doing so, mostly across devices, platform operators gain user profiles show you personalised ads. It is possible that people are affected by this data processing who are not registered users on the respective platform, and their data is possibly processed outside of the European Union, which can complicate enforcing your rights. However, we make it a point in the selection of such platforms that the operators agree to comply with data protection standards of the EU.

The processing of your personal data when visiting one of our presences on social media is based on our legitimate interest in a multifaceted presentation of our company and the use of an effective way to inform and communicate with you.

You can find detailed information on data processing in the context of the use of our presence on these platforms, the right to object, and claiming your right of access in the data privacy statement of the respective platform operator.
 

Facebook

Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
The basis for data processing is a shared data processing agreement for personal data under the requirements of the GDPR.

Data protection policy of the platform operator

YouTube

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Data protection policy of the platform operator

Instagram

Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA

Data protection policy of the platform operator

Twitter

Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA

Data protection policy of the platform operator

LinkedIn

LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland

Data protection policy of the platform operator

Xing

XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany)

Data protection policy of the platform operator

Newsletter

We offer you to subscribe to our free email newsletter. We only send you newsletters if you have given consent. When signing up for a newsletter, the data from the entry form (name and email address) is transferred to us and stored as long as the subscription to the newsletter is active.

To process this data for the purpose of sending the newsletter, your consent is obtained and this data protection policy is referred to. We use a so-called “double opt-in” for the sign-up process. After signing up, you will receive an email with a link you have to click on in order to confirm you signed up. This way, we prevent unauthorised third parties from signing up by using your email address. We log the sign-up process to be able to document the process according to the legal requirements. When signing up, the IP address of the requesting device and the date and time of the sign-up are recorded. The data you entered is stored for as long as the subscription to the newsletter remains active.

You can cancel your subscription at any time, and you can find an unsubscribe link for doing so in every newsletter. This link also enables you to withdraw consent. The legal basis for the processing of your data is your voluntarily given consent to receive newsletters.

If you obtain goods or services from us and provide your email address when doing so, we reserve the right to use it for sending newsletters and direct marketing for similar goods and services of ours. This serves to protect our legitimate interests that prevail in the framework of a weighing of interests in favour of contacting our customers with promotion. You can object this use of your data at any time by sending a message to the contacts below or by using the unsubscribe link in the promotional email without any financial charges from our side. If the newsletter is sent due to the sale of goods and services, we invoke the requirements of the German Act Against Unfair competition (Gesetz gegen den unlauteren Wettbewerb, UWG).

Requests addressed to us

If you send us a request, for instance by using the contact form, your personal data is processed to respond to your contact request:

  • to process your request you conveyed in the contact form
  • to process your request for service
  • to process a possible return via mail
  • for further enquiries via phone or in writing (email)
  • to provide information on products and services

We will not use your data for an automated decision-making process or for profiling.

Job applications

The provided data in all incoming job applications, such as your contact data and qualifications, is exclusively used to conduct the application process.

Your data is forwarded internally to those in charge of the respective department. We process your personal data for your job application as far as it is necessary to determine if we will offer you a job contract.

Furthermore, we may process your personal data to the extent necessary to defend ourselves from effective legal claims against us arising from the application process.

Your data is generally erased two months after the application process has been concluded, unless otherwise agreed with the applicant (also see entry in the talent pool). If the application results in successfully concluding an employment contract, your data is adopted into the personnel file.
 

How long will your data be stored?

We store your personal data as long as necessary to make a decision on your application. If an employment contract between you and us does not materialise, we may continue to store data to the extent to which it is necessary to defend ourselves from legal claims. Application documents are erased two months after notification about the rejection of an application, unless longer storage is necessary due to litigation.

Entry into the talent pool

If we currently do not have a job opportunity that matches your application, for instance in the case of an unsolicited application, we would be happy to take your application and file it in a talent pool. For doing so, however, your consent is necessary and we will approach you with such a request.

If we do not use your application documents in the talent pool within one year, your application documents are erased automatically.

Automated decision-making

There is no automated decision-making in individual cases, meaning the decision on your application does not exclusively rely on automated processing.

Changes

This data protection policy does undergo changes from time to time. Such amendments occur, for instance, when there are changes due to technological progress, legal requirements, or other factors.

Last update: July 2019