Data Privacy
Inhaltsverzeichnis
1. General
1.1. Scope of Application
1.2. Structure of this privacy information
1.3. Responsible person, data protection officer, assertion of your rights
1.4. Your rights regarding your data
1.5. Rights of objection according to Art. 21 DSGVO
1.6. Data storage and place of storage
2. Special information on the processing of data by Yieldlove – Visitors of digital offers provided by Yieldlove as a service provider
2.1. Business model of Yieldlove GmbH
2.2. Auctions of advertising space by Yieldlove
2.3. Cookie Policy
2.4. Processing of your data
2.5. Processing operations under joint responsibility; single point of contact
2.6. Which of your data do we process and from which sources do these data originate
2.7. Self-regulation according to TCF 2.0
3. Visitors of our website, business partners and customers and their employees
3.1. The processing of your data
3.2. For which purposes and on what legal basis are your data processed?
3.2.1. On the basis of our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO
3.2.2. Due to legal obligations according to Art. 6 para. 1 sentence 1 lit. c DSGVO
3.2.3. For the performance of contracts pursuant to Art. 6 para. 1 lit. b DSGVO
3.2.4. On the basis of your consent to processing for one or more specific purposes pursuant to Art. 6 para. 1 sentence 1 lit. a DSGVO
3.3. Disclosure of your data
3.3.1. For legal reasons
3.3.2. For processing by other bodies (on our behalf)
3.4. Data processing log data, cookies, tools and plugins on this website
3.5. Marketing and newsletters
3.6. Your contact to us
3.7. Other data categories and recipients
3.8. Applications
1. General
1.1. Scope of application
We, Yieldlove GmbH, Kehrwieder 9, 20457 Hamburg, Germany (« Yieldlove », « we » or « us »), are a marketing partner for display advertising and digital advertising concepts.
The protection of your personal data is our top priority – both in the provision of our services and when you access our website.
In the following data protection information, we inform you about the processing of personal data carried out by us and our partners in accordance with the DSGVO and the Federal Data Protection Act (BDSG 2018). In this data protection information, we refer to the relevant legal basis for our processing.
1.2. Structure of this data protection information
We have set ourselves the goal of structuring our privacy notices in such a way that everyone can get a quick overview of what Yieldlove processes personal data for. This is information on the basis of which a person can be clearly identified, either directly or by linking it to other data, e.g. the name or e-mail address. We will only process your personal data (hereinafter also « your data ») in accordance with applicable data protection laws. If we process your data for purposes other than those stated in this privacy notice, we will inform you about these purposes separately in advance and, where necessary, obtain your consent.
Please read the following data protection information carefully. It is divided into individual subsections. If you have any questions or comments about this data protection notice, you can send them at any time to the email address provided under the “Your contact to us” section.
Our data protection information may be changed from time to time, e.g. to adapt it to new data protection regulations. Any changes to the data protection notice will be published by us on this page.
1.3. Responsible party, data protection officer, assertion of your rights
Yieldlove GmbH (Kehrwieder 9, 20457 Hamburg, Germany) is the data controller for the processing of your data described within this privacy notice.
For certain processing operations, we are jointly responsible with the publishers of the digital offers you visit, as well as the vendors used by them and, if applicable, the advertisers/agencies (hereinafter: « advertisers ») that play (have played) advertisements in the digital offers of the publishers (so-called joint responsibility; see more on this in the following section). You can find the contact details of the publishers in the imprint of the digital offers you visit. Contact data of the respective vendors can be found in the CMPs of these digital offers. You can obtain contact data of the advertisers from us upon request.
Where we are solely responsible for certain processing operations, we have indicated this accordingly. However, the majority of the processing operations described in this notice are carried out under joint responsibility.
To exercise your above rights please click this link.
If you have any questions or comments about this privacy notice or data protection in general, please contact:
Yieldlove GmbH
Kehrwieder 9
20457 Hamburg
Germany
E-mail: privacy@yieldlove.com
If you have any questions about the processing of your personal data or about exercising your rights under the GDPR, you can consult our data protection officer. You can reach our company data protection officer at:
Yieldlove GmbH
Data Protection Officer
Platz der Einheit 1
60327 Frankfurt am Main
E-mail: datenschutzbeauftragter-YL@stroeer.de
1.4. Your rights regarding your data
With regard to the processing of your data, you have the following rights:
- A right of disclosure against us in relation to your data (Art. 15 DSGVO). This includes, first of all, information about whether we are processing personal data about you. If this is the case, you have the right to be informed about the data processed and additionally about: a) the purposes of the processing, b) the categories of data processed, c) the recipients of the data, d) the applicable data protection safeguards in case of transfer of the data to recipients outside the European Union, e) the storage period, f) your legal rights regarding data protection, g) the origin of the data and h) the existence of automated decision-making. In addition, you have the right to be provided with a copy of your personal data, provided that this does not affect the rights of third parties.
- A right to rectification if your data is inaccurate or to completion if your data is incomplete (Art. 16 GDPR), if this is necessary to achieve the purpose of the processing.
- A right to erasure (1) if processing of your data for the aforementioned purposes is no longer necessary, (2) if the processing is based on consent that you have since revoked and there is no other legal basis for processing by us, (3) if you have objected to processing carried out by us and – in the case of objection on personal grounds – there are no overriding legitimate grounds for the processing, (4) if we have processed your data unlawfully, or (5) if there is a legal obligation to erase it (so-called. « right to be forgotten », Art. 17 DSGVO).
- A right to restriction of processing, (1) if you have disputed the accuracy of your data for the period of time we need to verify the accuracy, (2) if the processing of your data was unlawful and you want restriction of processing instead of erasure, (3) if storage by us for the aforementioned purposes is no longer necessary, but you need your data for the assertion, exercise or defense of legal claims, or (4) if you have objected to processing carried out by us based on our legitimate interests, as long as it has not yet been determined whether our legitimate interests override your rights (Art. 18 DSGVO)
- A right to data portability with respect to your data that you have provided to us, if the processing is based on your consent or a contract with us, i.e. you can request your data provided to us to be transferred to you or to a third party in a structured, common and machine-readable format (Art. 20 DSGVO)
- A right to object to processing, please also see the detailed information under the section « Rights of objection pursuant to Art. 21 DSGVO ».
- If our processing is based on your consent, a right to revoke your consent at any time, without affecting the lawfulness of the processing carried out on the basis of the consent until revocation (Art. Art. 7(3) DSGVO). You can revoke a given consent under data protection law (Art. 6 para. 1 lit. a) DS-GVO), e.g. regarding the sending of a newsletter, at any time for the future. This means that immediately upon receipt of your revocation, we will cease the data processing in question and any data processing that took place prior to your revocation on the basis of consent will remain lawful (for the past). You do not have to provide any reasons for your revocation and you can send it to us via any contact channel indicated on our website. In addition, there are separate simplified revocation options, e.g. via unsubscribe link in newsletters.
These rights are partly restricted by law. Therefore, if we are unable to fulfill these rights, we will notify you.
We will reserve the right not to process requests that are unreasonably frequent or that are received without appropriate proof of identity. We will inform you of this in writing.
If you are of the opinion that the data processing does not comply with data protection regulations, in particular the General Data Protection Regulation and the Federal Data Protection Act, you can lodge a complaint with a data protection supervisory authority. In particular, you can contact the supervisory authority at your place of residence, at your place of work or at the place of the suspected data protection violation. This does not exclude any further legal remedies, e.g. before the courts.
1.5. Rights of objection according to Art. 21 DSGVO
Right to object to direct marketing
You may object to further use of your data for advertising purposes, even if the use of the data is legally permissible without your consent.
Right to object on personal grounds
You have the right to object to data processing by us on grounds relating to your particular situation, insofar as this is based on our legitimate interests. We will then stop processing your data unless we can demonstrate compelling legitimate grounds for further processing that override your rights or the processing serves to assert, exercise or defend legal claims.
For the assertion of an objection, an informal communication to us is sufficient (contact details: privacy@yieldlove.com see under point: « Person responsible, data protection officer, assertion of your rights »).
Please note that with regard to data processing under joint responsibility, we are generally not able to identify you by name or e-mail address. To exercise your right to object, you should therefore contact the publishers of the digital offerings you visit or, ideally, change your settings directly in the CMPs of the digital offerings you visit.
An objection will not trigger any costs for you and will not have any negative consequences for you. The lawfulness of the processing of your data prior to your objection remains unaffected in this case.
1.6. Data storage and place of storage
We will not store your data for longer than is necessary to fulfill the respective purpose for which it was collected, unless there is a legal basis for processing it beyond that. We will then delete your data. The respective retention periods depend on the underlying purpose and the type of personal data.
Against this background, we store your user data for a maximum period of 2 years, unless the user previously deletes the cookie assigned to his browser with the unique cookie ID contained therein, revokes his consent to the use of cookies or objects to the (further) use of cookies (opt-out).
We, as the controller, process your data ourselves exclusively within the European Union (« EU »). However, your data will be processed by the recipients described in section 2.2. both within and outside the EU and the European Economic Area (hereinafter « EEA »). Please note: If your data is transferred from your home country to another country, the laws protecting your data may differ from those in your country (and may only provide a lower level of protection). For example, in particular, countries outside the EEA have different conditions under which law enforcement authorities can access your data than within the EEA. If we transfer your data to a country outside the EEA, we will take appropriate measures to ensure an adequate level of data protection, for example by concluding so-called standard contractual clauses (Article 46 of the GDPR) or by obtaining your explicit consent (Article 49 (1) sentence 1 lit. a of the GDPR).
You have the right to receive a copy of the specific agreed arrangements to ensure the appropriate level of data protection. Please use the information in the « Contact » section for this purpose.
2. Special information on the processing of data by Yieldlove
Visitors of digital offers provided by Yieldlove as a service provider
2.1. Business model of Yieldlove GmbH
Through the use of our online advertising technology, we enable the playout of advertising (e.g. in the form of banner ads) based on data collected/processed during the visit of digital offers of publishers. For this purpose, cookies and similar technologies are set by other companies (so-called vendors) in the digital offerings of the publishers – exclusively with your consent. These allow the vendors to collect and transmit your data (pseudonymous cookie ID, IP address) to other vendors within an anonymous environment (so-called cookie matching process). The purpose of this cookie matching process is to combine information from various digital offers in order to enable the most accurate possible display of advertising on this basis. Under no circumstances will data such as name, address or e-mail address be stored in the cookies.
You can find more information on this and on the vendors in the data protection notices of the digital offerings you visit as well as in the consent management platforms (hereinafter « CMPs ») used there.
In order to provide the highest level of transparency for you as a user, the publishers use vendors who participate in the Transparency & Consent Framework (hereinafter « TCF ») of IAB Europe and have submitted to its specifications and guidelines for data processing under joint responsibility via their CMPs. Via the CMPs of the digital offers of the publishers, you have the possibility to give informed consent to the processing of your data for case groups defined by the TCF, individually or in total, as well as to revoke this consent at any time with effect for the future. You can also object to the processing of your data insofar as it is based on legitimate interests.
An overview of your setting options and information, the purposes and involved vendors in the context of data processing in joint responsibility can be found at any time in the CMPs of the digital offers you visit.
In addition, you can find out more about the TCF on IAB Europe’s website: iabeurope.eu.
2.2. Auction of advertising space through Yieldlove
Yieldlove auctions advertising space from publishers to affiliated sales platforms
Yieldlove can use the collected user data to pre-filter relevant target groups.
Yieldlove provides certain user data to the purchasing platforms so that they can make a purchasing decision for their advertisers for the respective advertising space (so-called bid requests). In particular, Yieldlove assigns cookie IDs assigned by the Ströer Core SSP in the user’s browser to the cookie IDs assigned by the respective shopping platforms and makes this assignment available to the respective shopping platforms in the bid request in order to identify already known end devices of users (so-called cookie matching process).
Based on the user data provided, the purchasing platforms make a purchasing decision for their advertisers for the respective advertising space and submit a bid for this (so-called bid response).
Yieldlove delivers the advertising media of the highest bidder on the respective advertising space.
2.3. Cookie Policy
As explained at the beginning, our business model is based on the placement of user-based advertising on the publisher’s pages through the use of cookies and similar technologies (hereinafter collectively referred to as « cookies »). The data collection and processing necessary for this is carried out on the publisher’s websites under joint responsibility pursuant to Art 26 DSGVO. We jointly process data collected when visiting digital offers of the publisher for the purpose of targeting advertising (e.g. as banner advertising). For this purpose, we integrate scripts into the websites of the publishers that technically enable the vendors – exclusively with your consent – to set cookies in the mobile devices of the users and thus collect data about the usage behavior of the users of such digital offers. This data is usually aggregated downstream by the vendors in so-called target group segments.
Cookies are small text files that enable recognition of your browser and are sent to your computer or mobile device. Under no circumstances will data such as name, address or e-mail address be stored in the cookies.
Of course, you can also use the digital offers of the publishers without cookies. You can configure your browser yourself, even without our involvement or the involvement of the publishers, so that cookies are generally rejected. Likewise, you can delete cookies that have already been set in your browser settings. However, if you do not use cookies, this may result in you not being able to use the functions of the publishers’ digital offerings to their full extent.
2.4. Processing of your data
For certain processing operations, we are jointly responsible with the publishers of the digital offers you visit as well as the vendors used by them and, if applicable, the advertisers who play out advertisements (or have advertisements played out) in the publishers’ digital offers (so-called joint responsibility). You can find the contact details of the publishers in the imprint of the digital offerings you visit. Contact details of the respective vendors can be found in the Consent Management Platforms (CMPs) of these digital offers.
Where we are solely responsible for certain processing operations or the processing of certain categories of data, we have indicated this accordingly. However, the majority of the processing operations described in this notice are carried out under joint responsibility.
2.5. Processing operations under joint responsibility; one-stop shop
The processing operations for which we are jointly responsible with the other controllers include the following:
- Collection of your data on the publisher’s digital offerings you visit using cookies and other technologies,
- Transmission of your data (pseudonymous cookie ID, IP address) within an anonymous environment (so-called cookie matching process),
- Auction of advertising space by Yieldlove,
- Playing out advertisements in the digital offers you visit.
Not in joint responsibility is the acquisition of so-called segment data and the formation of target group segments by the various advertisers.
For more information on data processing under joint responsibility by the publishers, please refer to the privacy notices of the digital offerings you visit. You can find more detailed information on data processing in joint responsibility by the other vendors in their data protection notices, which you can access from the CMP of the digital offer you are visiting.
To exercise your rights as a data subject, you can either contact us (you can find our contact details in the « Contact Us » section), assert them directly against the publishers of the digital offerings you visit, or contact the vendors named in the respective CMP. The joint controllers have further agreed that the publisher will act as a single point of contact for the exercise of data subjects’ rights against all joint controllers.
2.6. Which of your data do we process and from which sources do these data originate?
In connection with the operation of the various advertisers/SSPs/vendors, we process the following data under joint responsibility that relates to you as a user of publishers’ digital offerings:
HTTP Data
When you visit a digital offer, certain information is collected for technical reasons by the browser used on your device or the respective app via the so-called Hypertext Transfer Protocol (Secure) (HTTP(S)), for example, your IP address, type and version of your Internet browser, operating system used, language used, the page called up, the previously visited page (referrer URL), date and time of the call.
Device-related data
When a digital offer is accessed via a mobile device, the so-called IFA (Identifier for Advertisers) of the mobile device may be read. The IFA is an identification number of a mobile end device that enables identification of the end device for advertising purposes.
Location-related information
The approximate location of your end device can be determined from the HTTP data (the postal code district is determined).
The Ströer Core DSP also receives information about the approximate location of an end device from the sales platforms.
Cookie data
When you use a digital offer, cookies and other technologies (hereinafter collectively « cookies ») may be stored in the browser on your device for the purpose of targeting advertising. Cookies are tiny text files. The next time you visit the digital offer, the cookies can be read from your browser.
The cookies are used for this purpose exclusively with your consent. Under no circumstances will data such as your name, address, e-mail address or IP address be stored in the cookies.
Of course, you can also use the digital offers of the publishers entirely without cookies. You can set your browser to generally reject cookies without our involvement or the involvement of the publishers. Likewise, you can delete cookies already set in your browser settings. If you do not use cookies, however, this may mean that you cannot use the functions of the digital offerings of the publishers to their full extent.
For more information on the purposes and the vendors that use cookies in the digital offerings you visit, please refer to the CMP of the respective Publisher.
2.7. TCF 2.0 Self-Regulation
Yieldlove cares about practicable data protection for the benefit of users with regard to usage-based online advertising. Beyond the legal requirements and the strict pseudonymization of the collected data, we therefore follow the self-regulatory requirements of the IAB Europe Framework.
Information on the IAB Transparency and Consent Framework (TCF 2.0)
Yieldlove is a registered vendor in the Transparency and Consent Framework (also called TCF 2.0) of the International Advertising Bureau Europe (IAB). Cookies are set on some partner sites for the processing of advertising campaigns. Yieldlove makes use of the processing purposes from TCF 2.0 listed below. The legal basis for the data processing is Art. 6 para. 1 sentence 1 lit. a DSGVO.
Processing purposes requiring consent:
Storing and/or retrieving information on a device
For the processing purposes indicated to you, cookies, device identifiers or other information may be stored on or retrieved from your device.
Selecting Simple Ads
Ads may be displayed to you based on the content you are viewing, the application you are using, and your approximate location or device type.
Select personalized content
Select personalized content based on their user profile or other historical user data, including past activity, interests, website or app visits, location, or user demographics.
Measure Ad Performance
The performance and effectiveness of ads you see or interact with can be measured.
Measure content performance
The performance and effectiveness of content you see or interact with can be measured.
Develop and improve product
We use information to improve existing products with new features and to develop new products.
3. Visitors of our website, business partners and customers and their employees
3.1. The processing of your data
Depending on the information you provide to us, we collect the following categories of data:
- Occupational contact and organizational data such as last name, first name, gender, address, email address, phone number, cell phone number, area, department, responsibilities or participation in sales events.
- Order or contract data such as products purchased, services provided, date of contract or pre-contract stage, pricing, payment and delivery information, or special requests
- Billing or banking data such as payment history, balances, credit bureau data, or bank account information.
No special categories of data (Art. 9 para. 1 DSGVO) are processed.
3.2. For what purpose and on what legal basis is your data processed?
Your data will be processed for the following purposes and on the following legal basis (sole and joint responsibility):
3.2.1. On the basis of our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO.
- to provide, maintain, protect and improve our services, to develop new services and to protect us and our business partners and customers;
- to further improve the security of our IT system for the benefit of all business partners and customers;
- to detect or prevent technical problems;
- to protect rights involving our property or safety, the property or safety of business partners and customers, or the public, as permitted and required by law;
- to assert, exercise or defend legal claims;
- to provide you with relevant information about the Ströer Group company and services including customer service and marketing activities, unless you have objected to the use of your data for these services;
- in the context of customer administration and support.
3.2.2. On the basis of legal obligations pursuant to Art. 6 para. 1 sentence 1 lit. c DSGVO
- to fulfill and comply with applicable laws, regulations, legal proceedings or enforceable official orders that are binding for Ströer;
- for the detection, prevention or combating of legal violations, insofar as Yieldlove is legally obligated to do so or third parties have a legal claim against Ströer to do so;
- to detect, to prevent or to remedy security deficiencies or technical problems.
3.2.3. For the performance of the contract pursuant to Art. 6 para. 1 lit. b DSGVO
- for the establishment, content or amendment of the contractual relationship with the respective customer;
- for the provision of our services, i.e. the fulfillment of our contracts.
3.2.4. On the basis of your consent to the processing for one or more Specific Purposes pursuant to Art. 6 para. 1 sentence 1 lit. a DSGVO
- for the processing of your personalized data in relation to the personalized creation of the newsletter;
- the regular dispatch to the e-mail address provided by you;
- for marketing purposes and customer approach;
- to provide you with customized content, for example, to provide you with personalized advertising.
3.3 Sharing of your data
Within our company, your data will be passed on to those departments or group units that need it to fulfill our contractual and legal obligations or in the context of processing and implementing our legitimate interests.
Your data will only be passed on to other offices:
3.3.1. For legal reasons:
We will disclose your information to other companies, organizations or individuals when necessary to comply with applicable laws or regulations, such as required for legal process, or disclosure is made to comply with a binding government order, enforce contractual agreements, including investigation of potential violations, to detect, prevent, or otherwise address fraud, security or technical issues, or to protect our property, other rights or safety, the property or safety of our users or the public from harm, as permitted or required by law.
In the aforementioned cases, your data may also be disclosed to authorities, courts, lawyers, auditors and tax advisors as necessary.
3.3.2. For processing by other entities (on our behalf):
These are trustworthy companies that we commission with the processing of data within the framework provided by law and that process the data according to our instructions (so-called processors). This is done in accordance with applicable law, as well as appropriate confidentiality and security measures that enable us to ensure the protection of your data at all times. Ströer remains responsible for the protection of your data even in this case. We engage companies in the following areas in particular: IT, sales, marketing, finance, consulting, customer service, human resources, logistics, printing. Beyond that, only our employees have access to your data. We may pass on to third parties data that has no personal reference, i.e. data that cannot be associated with your person (e.g. completely anonymized data).
3.4. Data processing log data, cookies, tools and plugins on this website
When you access our website, your browser sends certain technical data to us in order to enable a connection of your device to our server and the retrieval of our page.
We process the following categories of personal data in the process:
- IP address (this is anonymized immediately after collection),
- date and time of the page call,
- URLs called up from our sub-pages,
- referral URL (URL of the page from which you came to our site),
- http status code (e.g. successful page request),
- browser language settings,
- operating system, browser type, model of terminal device.
3.5. Marketing and Newsletter
We process your data in accordance with legal requirements for our own marketing purposes.
You can object to the processing of your data for marketing purposes at any time by sending a short written message to privacy@yieldlove.com or revoke your consent without incurring any costs other than the transmission costs according to the basic rates.
If you object to the use of your data, your contact address will not be used for advertising purposes. We would like to point out that in exceptional cases, advertising material may still be sent even after receipt of your objection. This is due to technical reasons and does not mean that we will not implement your objection.
The legal basis for this is § 7 para. 3 UWG as well as Art. 6 para. 1 lit. f) EU DSGVO. Our interest in addressing advertising in a needs-based manner is to be regarded as legitimate within the meaning of the aforementioned provision.
We pass on your data to business partners
- for the dispatch of advertising material
- only if the partner is committed to our data protection standards.
On our website you can register for our newsletters. In our newsletters we inform you about our current products and services, invite you to our events and provide an overview of interesting articles (e.g. blog entries) and relevant topics. Also this information is used for our advertising purposes. For the registration we usually need your email address.
The registration for our newsletters takes place as a so-called double opt-in process. After entering your email address on our website (1st step), we will send you a confirmation link in the first e-mail. After calling up this link (2nd step), you will regularly receive our newsletter. This procedure serves to confirm that the email address has not been entered into our newsletter distribution list by unauthorized persons. If the confirmation link is not used within a certain period of time, the newsletter will not be sent.
If you have subscribed to a newsletter, there is also a corresponding link at the end of the newsletter. Alternatively you can use this link to unsubscribe. If no legal retention periods are relevant for your personal data (e.g. from a contractual relationship with us), we will remove you from the respective newsletter distribution list immediately after receiving your unsubscription.
The processing of your personal data serves the personalized creation of the newsletter as well as the regular dispatch to the e-mail address you have provided. The legal basis of the processing is your consent (Art. 6 para. 1 lit. a) DSGVO).
3.6. Your contact to us
We offer a separate form on our website to quickly contact us and to arrange an appointment for a Yieldlove Free Demo. In doing so, we process the data you provide in the forms, including the content of the message that you can provide on an optional basis. If certain categories of data, while not strictly necessary for processing your request, are helpful for further personalization of our response (e.g., the function in your company) or for contacting you by alternative means (e.g., on the phone), we mark such fields as « voluntary ».
The legal basis for data processing is your consent (Art. 6 para. 1 lit. a) DSGVO). If we need the data you provide for the preparation or fulfillment of a contract with you, the legal basis is Art. 6 (1) (b) DSGVO.
Of course, you can also contact us by e-mail at any time. If you send us a message to an email address provided on our website, the legal basis for data processing is our legitimate interest in processing your request (Art. 6 para. 1 lit. f) DSGVO).
Please note that emails are generally not sent fully encrypted. This means that – despite extensive technical security precautions – there is a risk of unauthorized access to the email contents by third parties, e.g. during transmission.
3.7. Further data categories and recipients
The offer on our website and in our social media presences is not designed to process special categories of personal data within the meaning of Art. 9 DS-GVO, e.g. information on health, origin or religion. As a rule, we therefore do not process such special categories of data unless they are provided to us on our own initiative, e.g. in a contact form (Art. 9(2)(a) DS-GVO).
If we involve external service providers who come into contact with the personal data provided to us, they will usually act for us as so-called order processors. This means that we conclude a contract with them for commissioned processing in accordance with Art. 28 DS-GVO, on the basis of which they are obliged to use the data exclusively in accordance with our specifications. We select our service providers carefully and oblige them to maintain confidentiality. We may use external service providers, for example, in the areas of IT (hosting, cloud services), customer administration (so-called customer relationship management systems) and marketing (mailing tools).
If personal data is required for the preparation or implementation of a legal dispute or action against legal violations, it may also be processed to the extent necessary for this purpose (e.g., forwarding to lawyers). In this case, the legal basis for data processing is the exercise of our legitimate interest in legal action (Section 24 (1) No. 2 BDSG, Article 6 (1) f) DS-GVO).
In addition, personal data may also be transmitted to competent state authorities (e.g. for the purpose of criminal prosecution) on the basis of a legal obligation, enforceable official order or court decision (Art. 6 (1) c) DS-GVO).
3.8. Applications
In this section, we would like to inform you about the extent to which we process personal data from you when you contact us via our career portal and submit an application form there.
We collect and process the following personal data from you during the application process:
- applicant personal data (first name, last name, title, e-mail address, telephone number, address, date of birth, nationality),
- qualification data (cover letter, letter of motivation, curriculum vitae, previous activities, professional qualifications and skills),
- voluntary information, such as an application photo, details of severely disabled status or other information that you voluntarily provide to us in your application or voluntarily upload,
- additional questions depending on the respective job advertisement (e.g. driver’s license, nationality, salary requirements),
- communications between you and us, as well as comments and evaluations written about you in the course of your application process.
The specific scope of data processing in the application process depends on the position to be filled. If, for example, the position involves increased financial responsibility, we may request additional documents for a decision, e.g. an extract from the Federal Central Register (certificate of good conduct) limited to relevant entries. Insofar as such additional data collection is necessary for the implementation of the application process, we will inform you separately and explain the reasons for which we need to collect the relevant data categories.
The legal basis for data processing is Section 26 (1) of the German Federal Data Protection Act (BDSG). The processing serves the preparation, conclusion and execution of an employment contract, for which a review and evaluation of the application documents by the internal departments responsible at our company is necessary.
Recipients
We forward your application documents internally to the departments responsible for this at our company. These are primarily the Human Resources department and the management of the relevant department. In addition, applications may also be forwarded to the works council so that it can fulfill its legally prescribed duties (e.g., approval of hiring).
Applicant pool
You can also give your consent for your data to be included in our applicant pool. We will then store your application documents for a period of 1 year.
If a suitable position is identified within the Group, your application documents may also be forwarded to the following Ströer Group companies for review and further contact:
Ambient-TV Sales & Services GmbH / Asam Betriebs-GmbH / ASAMBEAUTY GmbH / Avedo II GmbH / Avedo Essen GmbH / Avedo Gelsenkirchen GmbH Avedo Köln GmbH / Avedo Leipzig GmbH / Avedo Leipzig West GmbH / Avedo München GmbH / Avedo Rostock GmbH / blowUp Media GmbH / Business Advertising GmbH / Content Fleet GmbH / DSA Schuldisplay GmbH / DSM Deutsche Städte Medien GmbH / DSM Krefeld Außenwerbung GmbH / DSMDecaux GmbH / ECE flatmedia GmbH / Edgar Ambient Media Group GmbH / Fahrgastfernsehen Hamburg GmbH / grapevine marketing GmbH / Hamburger Verk.Mittel Werbung GmbH / Infoscreen GmbH / kajomi GmbH / M. Asam GmbH / Nachsendeauftrag DE Online GmbH / Neo Advertising GmbH / Omnea GmbH / OPS Online Post Service GmbH / Optimise IT GmbH / Outsite Media GmbH / Permodo GmbH / PosterSelect Media-Agentur für Aussenwerbung GmbH / Ranger Marketing & Vertriebs GmbH / RegioHelden GmbH / Sales Holding GmbH / Seeding Alliance GmbH / Service Planet GmbH / SIGN YOU mediascreen GmbH / Statista GmbH / StayFriends GmbH / Ströer Content Group GmbH / Ströer DERG Media GmbH / Ströer Content Group Sales GmbH / Ströer Deutsche Städte Medien GmbH / Ströer Dialog Group GmbH / Ströer Digital Media GmbH / Ströer Digital Publishing GmbH / Ströer media brands GmbH / Ströer Media Deutschland GmbH / Ströer News Publishing GmbH / Ströer Next Publishing GmbH / Ströer Sales & Services GmbH / Ströer Sales Group GmbH / Ströer SE & Co. KGaA / Ströer Social Publishing GmbH / Ströer SSP GmbH / SuperM&N UG / Yieldlove GmbH
The legal basis for data processing in this case is your consent (Art. 6 (1) a) DSGVO), which also includes any special categories of personal data, insofar as you have specified these in your application documents (Art. 9 (2) a) DSGVO). You can revoke your consent to the inclusion of your application documents in our applicant pool at any time for the future.
Prescreen
When you access our career portal, personal data is also transmitted to the service provider Prescreen (New Work SE, Dammtorstraße 30, D-20354 Hamburg; NEW WORK AUSTRIA XING kununu Prescreen GmbH, Schottenring 2-6, A-1010 Vienna), which is the operator of the prescreen.io recruiting system. This concerns the following data categories:
- date and time as well as duration of access,
- browser type / version,
- operating system used,
- URL of the previously visited website,
- amount of data transferred,
- based on the IP address, a GeoIP lookup is created,
- name of the retrieved files,
- http status code (e.g. successful page request),
- URL of the accessed website.
In addition, cookies are set on our career portal by Prescreen. This is used to identify the user while calling up the career portal, in particular to restore a session that has ended prematurely. A list of the cookies used can be found in our Consent Tool (cookie banner) under the heading « Necessary ».
The data processing is necessary from a technical point of view in order to be able to integrate the recruiting system into our career portal. The legal basis for the processing is our legitimate interest in providing an application opportunity (Art. 6 para. 1 lit. f) DSGVO).
Prescreen’s privacy policy is available at: https://prescreen.io/de/datenschutzerklaerung/
Reminder in case of interruption of the application process
If you initially do not complete the application process via our career portal, it can be resumed at a later time. One day after the application process is interrupted, you will receive an automatic email reminder that the application has not yet been completed.
In this respect, the legal basis of the data processing is our legitimate interest in complete applications and the recruitment of new employees (Art. 6 para. 1 lit. f) DSGVO).
Feedback questionnaire
In order to optimize our application process on an ongoing basis, we will send you a questionnaire to the e-mail address you provided with a request for feedback. If you participate in this survey, your personal data will be collected by Prescreen’s recruiting system, in particular the content of your feedback, your position title, the location of the position, the job category and, if applicable, the type of employment you have applied for. Our service provider Prescreen forwards this information to us for further processing. The information may also be transmitted to the rating portal Kununu (which comes from the same provider as Prescreen’s recruiting system) and, if applicable, other rating platforms, where it will be published in anonymous form. Please note, however, that you may be recognized based on the content of your feedback.
The legal basis of the data processing is our legitimate interest in a presentation in relevant evaluation portals (Art. 6 para. 1 lit. f) DS-GVO).
This privacy notice was last updated on 06.12.2022.