Empalis Consulting GmbHPrivacy policy

1. Subject of this Privacy Policy

We appreciate your interest in our website and our offers displayed on our websites.
The protection of your personal data (hereinafter referred to as "data") is a great and very important concern for us. In the following, we would like to inform you in detail in the following, which data was collected during your visit to our website and use of our local offers and how these are processed or used by us, as well as which accompanying protective measures we have additionally taken in technical and organizational terms.

2. Responsible body / service provider

Responsible body in the sense of the data protection right and at the same time service provider within the meaning of the Telemedia Act (TMG) is the Empalis Consulting GmbH, cf. our imprint.
If you have any questions or comments about this privacy policy or general data protection, please contact the following e-mail address: dsb@empalis.de

3. Contact details of the data protection officer

Lawyer Bettina Wengert
Feldbergstrasse 120
70569 Stuttgart
dsb@empalis.de

4. Collection and use of your data

The extent and nature of the collection and use of your data differs depending on whether you visit our website only to retrieve information or in order to use the services offered by us:

a) Informational use

For the purely informative use of our website, it is generally not necessary for you to provide personal data. Rather, in this case, we only collect and use data that your internet browser automatically transmits to us, such as:

  • date and time of retrieval of one of our websites
  • your browser type
  • the browser settings
  • the operating system used
  • the page you visited last
  • the transferred amount of data and the access status (file transfer, file not found etc.)
  • the loading times of our website as well
  • Your IP address

We collect and use this data during an informative visit exclusively in non-personal form. This is done in order to enable the use of the websites you have retrieved for statistical purposes and to improve our internet presence.
The IP address is only stored for the duration of your visit, a personal evaluation does not take place.

The collection of this data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free and optimal presentation of his website - for this purpose, the server log files must be recorded.

b) Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored in order to process the request and in case of follow-up questions. We will not share
this information without your consent.
The processing of the data entered into the contact form takes place exclusively on the basis of your consent (Art. 6 (1) lit. GDPR). You can revoke this consent at any time. An informal message by e-mail to us is sufficient.
The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
The information you provide in the contact form will remain with us until you ask us to delete it, revoke your consent to storage, or delete the purpose for data storage (for example, after your request has been processed). Mandatory legal provisions - especially retention periods - remain unaffected.

c) Newsletter data

If you would like to receive the newsletter offered on the website, we need an e-mail address from you which allows us to verify that you are the owner of the given e-mail address and that you agree to receive the newsletter. Further data is not collected. We use this data exclusively for the delivery of the requested information and do not pass it on to third parties. The processing of the data entered into the newsletter registration form takes place exclusively on the basis of your consent (Article 6 (1) a GDPR). You may revoke your consent to the storage of data, the e-mail address and its use for sending the newsletter at any time, for example, via the opt-out link contained in each newsletter. The legality of the already completed data processing operations remains unaffected by the revocation. The data deposited with us for the purpose of obtaining the newsletter will be stored by us from the newsletter until your cancellation and will be deleted after cancellation of the newsletter. Data that has been stored for other purposes with us (such as e-mail addresses for business communication) remain unaffected.

d) Participation in surveys

We conduct surveys ourselves or with the help of selected processors to continually improve and evaluate our offers. You will receive an invitation to these surveys by e-mail. The survey is carried out by clicking on the link provided in the invitation. The survey is conducted with the help of Microsoft Forms, a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA. The survey collects, among other things, the following personal data:

Information provided voluntarily by survey participants.

The survey consciously refrains from collecting personal data or only does so when respondents voluntarily provide personal data via free-text questions. We therefore explicitly ask respondents to refrain from providing personal data in free-text questions. However, we cannot rule out the possibility that in individual cases, apart from the data collected in the survey, other personal data may be transferred to MICROSOFT and then processed there, which we have not commissioned to process, such as the IP address and location data of the survey participant. The Microsoft Corporation was previously effectively certified under the EU-US Privacy Shield ( ECJ, 16.7.2020 - C-311/18). The data transfer with MICROSOFT is further based on the Standard Contractual Clauses (SCC). More information on Microsoft Forms is available on https://support.office.com/de-de/forms and further information on the processing of personal data by Microsoft is available here: https://privacy.microsoft.com/de-DE/privacystatement. Participation in the survey is voluntary. The processing of this data is exclusively based on your consent (Art. 6 para. 1 lit. a DSGVO). You can withdraw this consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legitimacy of the data processing procedures carried out until revocation remains unaffected by the revocation. The information you provide in the survey will be used only for the purpose stated therein and deleted as soon as we no longer need it for this purpose.

e) Participation in online events

If you register for our online events via a booking form, you will be redirected from our website to the ticket booking and registration platform Eventbrite. On behalf of the event organiser Empalis, Eventbrite collects and uses personal data in order to provide the ticketing service. This involves the data entered by you in the input mask, i.e. in particular your contact and, if applicable, billing data. For more information on this, please see the privacy policy of the provider Eventbrite. Provider of the booking platform is Eventbrite. Eventbrite Inc. is a corporation incorporated in accordance with the laws of the State of Delaware, USA, with its principal place of business at 155 5th Street, Floor 7, San Francisco, CA 94103, Reg. No. 4742147, USA ("Eventbrite", "we", "us", etc.). For users located in the European Economic Area ("EEA") or Switzerland, Eventbrite Inc. acts as the Data Controller with respect to personal data collected via the services. Eventbrite's representative for the purposes of European data protection legislation is Eventbrite NL BV, located at Silodam 402, 1013AW, Amsterdam, The Netherlands. When booking through Eventbrite to attend our virtual events, Eventbrite will send attendees an automated response email as part of the registration process. For events without this booking process, please refer to the invitation for registration options. In all cases, you will receive an access link to a video conferencing tool, currently either Zoom or Microsoft Teams.

You will be redirected to the online conference provider ZOOM via this link. The data you provide when registering and during the virtual event will be collected and stored for this purpose and, insofar as you use the chat, query or survey functions during the event, it will also be displayed or shown during the event. For further information on the use of Zoom's services, please refer to the provider's privacy policy: https://zoom.us/de-de/privacy.html. The provider of these services is Zoom Video Communications, Inc, 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA.

Access link to Microsoft Teams:

You can access this link via a browser application or, if you have installed Teams yourself, in your app. The data you provide when registering and during the virtual event will be collected and processed for these purposes. Insofar as you use the chat, query or survey functions during the event, this data will also be displayed or shown during the event. For more information on the use of Microsoft Teams services, please refer to the provider's privacy policy: https://privacy.microsoft.com/de-de/privacystatement. The provider of these services is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. For detailed data protection information for online meetings in "Teams", please click here.

f) Contract initiation and implementation

Insofar as you wish to make use of the services offered by us on our website, it is necessary for you to provide additional data. It is the data that is required for the respective transaction, e.g. your contact details when sending an offer.
The collection or use of your data is for the purpose of providing the service you want, for example, to fulfil an order or to send you the desired offer. We collect, process and use personal data only insofar as they are necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b GDPR, which allows the processing of data for the performance of a contract or precontractual measures. We only collect, process and use personal data when using our Internet pages (user data) so far as this is necessary in order to enable or charge the user for the use of the service. The collected customer data will be deleted after completion of the order or termination of the business relationship, but not before expiry of the legal retention periods (usually 10 years).
We only transfer personal data to third parties if this is necessary in the context of contract execution; for example, to the bank responsible for payment processing. A further transmission of the data does not take place or only if you have expressly consented to the transmission. A transfer of your data to third parties without explicit consent, such as for advertising purposes, does not occur. The basis for data processing is Art. 6 para. 1 lit. b GDPR, which allows the processing of data for the performance of a contract or precontractual measures.

g) Applications

In the following, we inform you about the scope, purpose and use of personal data collected and submitted by you within the framework of an application. We assure that the collection, processing and use of your data will be in accordance with applicable data protection law and all other legal provisions and will be kept strictly confidential. As part of your application, we will in particular record first and last name, contact information (cell phone number and / or e-mail), address, curriculum vitae and relevant certificates / training certificates as well as other information on qualification or work experience. The data collection takes place by sending us the data and your application. These personal data are used exclusively for the processing and execution of your application process. Your personal data will only be passed on within our company to persons who are involved in the processing of your application. In addition, your personal data will not be passed on to third parties unless you have given us explicit consent.
At the same time, by submitting these data, you consent to the described use of your data (Art. 6 (1) (a) GDPR). You can revoke this consent at any time for the future. You have the right at any time to request information about your data stored with us. If the application is successful, the data you submit will be stored in our data processing systems for the purpose of carrying out the employment relationship.

If we cannot offer you a job offer, if you reject a job offer or withdraw your application, we reserve the right to keep the data provided by you up to 6 months from the end of the application process (rejection or withdrawal of the application). Afterwards the data will be deleted and the physical application documents will be destroyed. The storage serves in particular proof in case of a legal dispute. If it becomes apparent that the data will be required after the expiration of the six-month period (for example, due to a pending or upcoming legal dispute), the cancellation will not take place until the data become obsolete. Other statutory storage obligations remain unaffected.

5. Use of cookies

Our websites use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies are used to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and stored by your browser.
You can set your browser so that you are informed about the setting of cookies and decide on a case-by-case basis whether to accept them or decide to exclude the acceptance of cookies in certain cases or generally and activate the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
Cookies that are required to carry out the electronic communication process are based on Art. 6 para. 1 lit. f GDPR saved. The website operator has a legitimate interest in the storage of cookies for the technically correct and optimal provision of its services. If other cookies (such as cookies for analyzing your browsing behavior) are stored, they will be treated separately in this privacy policy.

On our websites we use the following cookies:

  • borlabs-cookie saves the settings of the visitors selected in the cookie box of Borlabs Cookie. The storage period lasts for one year.
  • _icl_*, wpml_*, wp-wpml_*, stores the current language. The storage period is one day.

These cookies serve users who have user access to our website in order to facilitate their browsing:

  • wordpress_[hash] saves login details.
  • wordpress_logged_in_[hash] saves the user's username and displays that the user is logged in.
  • wp-settings-{time}-[UID] saves the individual user settings (e.g. page views) saves the individual user settings (e.g. page settings).
  • wordpress_test_cookie verifies whether the browser settings enable cookies to be set. 

The duration of storage lasts one month.

6. Website analysis

6.1 Matomo (formerly Piwik)

This website uses the open source web analytics service Matomo. Matomo uses so-called "cookies". These are text files that are stored on your computer and that allow an analysis of the use of the website by you. For this purpose, the information generated by the cookie about the use of this website is stored on our server. The IP address is anonymized before saving.

Matomo cookies remain on your device until you delete them.

Matomo cookies are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the anonymized analysis of user behavior in order to optimize both its website and its advertising.

The information generated by the cookie about the use of this website will not be disclosed to third parties. You can prevent the storage of cookies by a corresponding setting of your browser software; however, we point out that in this case you may not be able to use all the functions of this website in full.

If you do not agree with the storage and use of your data, you can disable the storage and use here. In this case, an opt-out cookie is deposited in your browser that prevents Matomo from saving usage data. Deleting your cookies will result in deletion of the Matomo opt-out cookie as well. The opt-out must be reactivated when visiting our site again.

It is possible for you to prevent actions you take here from being analysed and linked. This will protect your privacy, but will also prevent the owner from learning from your actions and improving usability for you and other users.

Your visit to this website is currently collected by Matomo web analytics. Deselect checkbox to opt-out.

6.2 LeadForensics

For marketing and optimisation purposes, this website uses products and services from Lead Forensics (Communication House, 26 York Street, London, W1U 6PZ United Kingdom). Lead Forensics tracks the actual progress of a visit to this website, including all sub-pages visited and viewed, and how much time a visitor has spent on each page. Insofar as IP addresses are collected by Lead Forensics, these are filtered immediately after collection to determine whether they belong to a company. IP addresses that cannot be assigned are anonymised immediately, according to Lead Forensics. On behalf of the operator of this website, Lead Forensics will exclusively use the information collected on the basis of company IP addresses for the purpose of evaluating the visit of the website by companies, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. This includes, amongst other things, the matching of the company IP address with Lead Forensics' own data files. After this comparison, we receive the information from Lead Forensics that could be assigned to the IP address in question (e.g. company name, contact details of the company, information on function holders, if applicable).

Further information on data protection at Lead Forensics can be found at https://www.leadforensics.com/privacy-andcookies/.

Insofar as we process personal data when using the services of Lead Forensics, we do so on the basis of your consent. The legal basis is the protection of legitimate interests pursuant to Art. 6 (1) (a) DSGVO. You can revoke this consent at any time with effect for the future by clicking on the following link: https://optout.leadforensics.com/?clientID=166100. We will then no longer store any additional data. The transfer of personal data to the UK is based on the EU adequacy decision of 28.06.2021

7. Social Media Pages

We currently do not use social media plugins. The social media buttons used on our website lead via a link to our respective social media pages. For these, in addition to our privacy policy, the privacy policy of the respective provider applies.

7.1 LinkedIn

When you visit our LinkedIn page, we connect to LinkedIn servers. LinkedIn is informed that you have visited our pages with your IP address. If you're logged in to LinkedIn, LinkedIn will be able to associate your visit with you and your user account. We point out that we as the provider of the pages have no knowledge of the content of the transmitted data and their use by LinkedIn.
For more information, see the LinkedIn privacy statement at: https://www.linkedin.com/legal/privacy-policy
Providers of this service are LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United States.

7.2 Twitter

By using Twitter and the "Re-Tweet" feature, the web pages you visit will be linked to your Twitter account and shared with other users. This data is also transmitted to Twitter. We point out that we as the provider of our pages do not receive knowledge of the content of the transmitted data and their use by Twitter. For more information, see the privacy policy of Twitter at: http://twitter.com/privacy.
You can change your privacy settings on Twitter in the Account Settings at http://twitter.com/account/settings.
Provider of these services is Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, United States.

7.3 Instagram

When you visit our Instagram page, you will be connected to Instagram servers. Instagram is informed that you have visited our pages with your IP address. If you are logged in to Instagram, Instagram will be able to associate your visit with you and your user account. We point out that we as the provider of the pages have no knowledge of the content of the transmitted data and their use by Instagram.
For more information, see the Instagram Privacy Policy: http://instagram.com/about/legal/privacy/
Provider of the service is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.

7.4 XING / kununu

When you visit our pages of the network XING or the employer rating platform kununu, a connection is established to servers of XING SE. XING SE will be informed that you have visited our pages with your IP address. If you are logged into your account with a service of XING SE, it is possible for XING SE to assign your visit to you and your user account. We point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data and their use by XING SE.
Provider of these services is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.
Further information on data protection can be found in the data protection declaration of XING under: https://privacy.xing.com/de/datenschutzerklaerung

7.5 YouTube

On our website we offer links to videos on YouTube.

When you click on the button to load and play the YouTube video, a connection to YouTube servers is established. The legal basis is your consent in accordance with Art. 6 Para. 1 a) DSGVO. YouTube is notified that you have visited our pages with your IP address. If you are logged in to your YouTube account, it is possible for YouTube to associate your visit with you and your user account. We would like to point out that we, as the provider of our website, have no control over the content of the transferred data or its use by YouTube.

For more information, please see YouTube's privacy policy: https://www.google.de/intl/de/policies/privacy. The provider of the service is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, a subsidiary of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

8. Use of third-party tools

8.1 Google Maps

This website offers you a direct link to the Google Maps service. The provider is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. If you call up the map service by clicking the button, you will be directed from our website to Google. When using the functions on the Google Maps website, it is necessary to store your IP address. This information is transferred to and stored on a Google server in the USA. The provider of this website has no control over this data transfer.

For more information on how Google handles user data, please refer to Google's privacy policy: https://www.google.de/intl/de/policies/privacy/.

8.2 Video offer of Empalis via the video portal Vimeo

We use the video portal Vimeo to provide videos for a restricted group of users. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA. When you call up a video via the hyperlink we provide, a connection is established to the Vimeo servers. In the process, the Vimeo server receives information about which of our pages you have visited. In addition, Vimeo collects your IP address, technical information about your browser type, your operating system or very basic device information. You decide yourself whether further information is stored by selecting the option in Vimeo's cookie policy, which you can access via the cookie notice. If you give your consent to the use of non-essential cookies here, Vimeo will store information about what actions (web activities) you perform on the website. These web activities include, for example, session duration, bounce rate or which button you clicked on the website with a built-in Vimeo function. These actions are analysed and stored by Vimeo using cookies and similar technologies. If you are logged in to Vimeo as a registered member, your actions on our website will be directly linked to your Vimeo account. To prevent this, you must log out of Vimeo before accessing our website. We use Vimeo in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO. Insofar as a consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://vimeo.com/privacy. Further information on the handling of user data is provided in Vimeo's privacy policy at: https://vimeo.com/privacy.

9. Involvement of service providers and transfer to third parties

Your data will be forwarded to the provision of this website and for the purposes mentioned above, if necessary, to our supporting technical service providers (e.g. website hosting, support, quality assurance or mailing service), which we have of course carefully selected and commissioned in writing.
These service providers are bound by our instructions and are regularly monitored by us.
Otherwise, the transfer of your data to other third parties is only as far as explicitly stated in this privacy policy or in case we are legally obliged to do so.

10. Data security

We also use technical and organizational security measures to protect personal data arising or collected, in particular against accidental or intentional manipulation, loss, destruction or against the attack of unauthorized persons. Our security measures are continuously improved in line with technological developments.
Your personal data is also encrypted using SSL / TLS technology to prevent access by unauthorized third parties.

11. Your rights as a victim

11.1 Right to information

You have the right, at any time upon request, to obtain information from us about your personal data concerning you in the scope of Art. 15 GDPR. You can submit an application by post or e-mail to the above address.

11.2 Right to correct incorrect data

You have the right to request immediate correction of personal data concerning you if it is incorrect. Please contact the above mentioned contact addresses.

11.3 Right to cancellation

You have the right to demand the deletion of your personal data under the conditions described in Art. 17 GDPR. Those conditions provide, inter alia, for a right of deletion where the personal data are no longer necessary for the purposes for which they were collected or otherwise processed, as well as in cases of unlawful processing, the existence of an opposition or the existence of an erasure obligation under Union law or the law of the Member State to which we are subject. To claim your right to cancel, please contact the above mentioned contact addresses.

11.4 Right to restriction of processing

You have the right to demand that we restrict processing in accordance with Art. 18 GDPR. This right applies in particular if the accuracy of the personal data between the user and us is controversial for the period of time required to verify correctness, and if the user requires limited processing for an existing right to delete instead of deletion; and in the event that the data is no longer required for our intended purposes, but the user requires it to assert, exercise or defend legal claims, and if the successful exercise of an objection between us and the user is still controversial. To exercise your right to restriction of processing, please contact the above contact addresses.

11.5 The right to data portability

You have the right to receive from us the personal data relating to you which you have provided to us in a structured, common, machine-readable format in accordance with Art. 20 GDPR. In order to assert your right to data portability, please contact the above mentioned contact addresses.

11.6 Right to object

You have the right at any time, for reasons arising out of your particular situation, against the processing of personal data relating to you, including but not limited to: based on Art. 6 para. 1 lit. e) or f) GDPR, to submit an objection pursuant to Art. 21 GDPR. We will cease the processing of your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or if the processing is for the purposes of asserting, exercising or defending legal claims.

11.7 Withdrawal

We would like to point out that you can revoke any data protection consent that we have been granted at any time with effect for the future. For this you should contact us informally by e-mail: dsb@empalis.de

11.8 Right to complain

You also have the right to contact the competent supervisory authority for complaints. The supervisory authority responsible for us is:
The State Commissioner for Data Protection and Freedom of Information
Lautenschlagerstraße 20
70173 Stuttgart

12. Changes to this Privacy Policy

We constantly keep this privacy policy up to date. Therefore, we reserve the right to change it from time to time and to make changes in the collection, processing or use of your data. The current version of the privacy policy is available at any time on our website at www.empalis.de/privacy-policy.

1. Subject of this Privacy Policy

We appreciate your interest in our website and our offers displayed on our websites.
The protection of your personal data (hereinafter referred to as "data") is a great and very important concern for us. In the following, we would like to inform you in detail in the following, which data was collected during your visit to our website and use of our local offers and how these are processed or used by us, as well as which accompanying protective measures we have additionally taken in technical and organizational terms.

2. Responsible body / service provider

Responsible body in the sense of the data protection right and at the same time service provider within the meaning of the Telemedia Act (TMG) is the Empalis Consulting GmbH, cf. our imprint.
If you have any questions or comments about this privacy policy or general data protection, please contact the following e-mail address: dsb@empalis.de

3. Contact details of the data protection officer

Lawyer Bettina Wengert
Feldbergstrasse 120
70569 Stuttgart
dsb@empalis.de

4. Collection and use of your data

The extent and nature of the collection and use of your data differs depending on whether you visit our website only to retrieve information or in order to use the services offered by us:

a) Informational use

For the purely informative use of our website, it is generally not necessary for you to provide personal data. Rather, in this case, we only collect and use data that your internet browser automatically transmits to us, such as:

  • date and time of retrieval of one of our websites
  • your browser type
  • the browser settings
  • the operating system used
  • the page you visited last
  • the transferred amount of data and the access status (file transfer, file not found etc.)
  • the loading times of our website as well
  • Your IP address

We collect and use this data during an informative visit exclusively in non-personal form. This is done in order to enable the use of the websites you have retrieved for statistical purposes and to improve our internet presence.
The IP address is only stored for the duration of your visit, a personal evaluation does not take place.

The collection of this data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free and optimal presentation of his website - for this purpose, the server log files must be recorded.

b) Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored in order to process the request and in case of follow-up questions. We will not share
this information without your consent.
The processing of the data entered into the contact form takes place exclusively on the basis of your consent (Art. 6 (1) lit. GDPR). You can revoke this consent at any time. An informal message by e-mail to us is sufficient.
The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
The information you provide in the contact form will remain with us until you ask us to delete it, revoke your consent to storage, or delete the purpose for data storage (for example, after your request has been processed). Mandatory legal provisions - especially retention periods - remain unaffected.

c) Newsletter data

If you would like to receive the newsletter offered on the website, we need an e-mail address from you which allows us to verify that you are the owner of the given e-mail address and that you agree to receive the newsletter. Further data is not collected. We use this data exclusively for the delivery of the requested information and do not pass it on to third parties. The processing of the data entered into the newsletter registration form takes place exclusively on the basis of your consent (Article 6 (1) a GDPR). You may revoke your consent to the storage of data, the e-mail address and its use for sending the newsletter at any time, for example, via the opt-out link contained in each newsletter. The legality of the already completed data processing operations remains unaffected by the revocation. The data deposited with us for the purpose of obtaining the newsletter will be stored by us from the newsletter until your cancellation and will be deleted after cancellation of the newsletter. Data that has been stored for other purposes with us (such as e-mail addresses for business communication) remain unaffected.

d) Participation in surveys

We conduct surveys ourselves or with the help of selected processors to continually improve and evaluate our offers. You will receive an invitation to these surveys by e-mail. The survey is carried out by clicking on the link provided in the invitation. The survey is conducted with the help of Microsoft Forms, a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA. The survey collects, among other things, the following personal data:

Information provided voluntarily by survey participants.

The survey consciously refrains from collecting personal data or only does so when respondents voluntarily provide personal data via free-text questions. We therefore explicitly ask respondents to refrain from providing personal data in free-text questions. However, we cannot rule out the possibility that in individual cases, apart from the data collected in the survey, other personal data may be transferred to MICROSOFT and then processed there, which we have not commissioned to process, such as the IP address and location data of the survey participant. The Microsoft Corporation was previously effectively certified under the EU-US Privacy Shield ( ECJ, 16.7.2020 - C-311/18). The data transfer with MICROSOFT is further based on the Standard Contractual Clauses (SCC). More information on Microsoft Forms is available on https://support.office.com/de-de/forms and further information on the processing of personal data by Microsoft is available here: https://privacy.microsoft.com/de-DE/privacystatement. Participation in the survey is voluntary. The processing of this data is exclusively based on your consent (Art. 6 para. 1 lit. a DSGVO). You can withdraw this consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legitimacy of the data processing procedures carried out until revocation remains unaffected by the revocation. The information you provide in the survey will be used only for the purpose stated therein and deleted as soon as we no longer need it for this purpose.

e) Participation in online events

If you register for our online events via a booking form, you will be redirected from our website to the ticket booking and registration platform Eventbrite. On behalf of the event organiser Empalis, Eventbrite collects and uses personal data in order to provide the ticketing service. This involves the data entered by you in the input mask, i.e. in particular your contact and, if applicable, billing data. For more information on this, please see the privacy policy of the provider Eventbrite. Provider of the booking platform is Eventbrite. Eventbrite Inc. is a corporation incorporated in accordance with the laws of the State of Delaware, USA, with its principal place of business at 155 5th Street, Floor 7, San Francisco, CA 94103, Reg. No. 4742147, USA ("Eventbrite", "we", "us", etc.). For users located in the European Economic Area ("EEA") or Switzerland, Eventbrite Inc. acts as the Data Controller with respect to personal data collected via the services. Eventbrite's representative for the purposes of European data protection legislation is Eventbrite NL BV, located at Silodam 402, 1013AW, Amsterdam, The Netherlands. When booking through Eventbrite to attend our virtual events, Eventbrite will send attendees an automated response email as part of the registration process. For events without this booking process, please refer to the invitation for registration options. In all cases, you will receive an access link to a video conferencing tool, currently either Zoom or Microsoft Teams.

You will be redirected to the online conference provider ZOOM via this link. The data you provide when registering and during the virtual event will be collected and stored for this purpose and, insofar as you use the chat, query or survey functions during the event, it will also be displayed or shown during the event. For further information on the use of Zoom's services, please refer to the provider's privacy policy: https://zoom.us/de-de/privacy.html. The provider of these services is Zoom Video Communications, Inc, 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA.

Access link to Microsoft Teams:

You can access this link via a browser application or, if you have installed Teams yourself, in your app. The data you provide when registering and during the virtual event will be collected and processed for these purposes. Insofar as you use the chat, query or survey functions during the event, this data will also be displayed or shown during the event. For more information on the use of Microsoft Teams services, please refer to the provider's privacy policy: https://privacy.microsoft.com/de-de/privacystatement. The provider of these services is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. For detailed data protection information for online meetings in "Teams", please click here.

f) Contract initiation and implementation

Insofar as you wish to make use of the services offered by us on our website, it is necessary for you to provide additional data. It is the data that is required for the respective transaction, e.g. your contact details when sending an offer.
The collection or use of your data is for the purpose of providing the service you want, for example, to fulfil an order or to send you the desired offer. We collect, process and use personal data only insofar as they are necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b GDPR, which allows the processing of data for the performance of a contract or precontractual measures. We only collect, process and use personal data when using our Internet pages (user data) so far as this is necessary in order to enable or charge the user for the use of the service. The collected customer data will be deleted after completion of the order or termination of the business relationship, but not before expiry of the legal retention periods (usually 10 years).
We only transfer personal data to third parties if this is necessary in the context of contract execution; for example, to the bank responsible for payment processing. A further transmission of the data does not take place or only if you have expressly consented to the transmission. A transfer of your data to third parties without explicit consent, such as for advertising purposes, does not occur. The basis for data processing is Art. 6 para. 1 lit. b GDPR, which allows the processing of data for the performance of a contract or precontractual measures.

g) Applications

In the following, we inform you about the scope, purpose and use of personal data collected and submitted by you within the framework of an application. We assure that the collection, processing and use of your data will be in accordance with applicable data protection law and all other legal provisions and will be kept strictly confidential. As part of your application, we will in particular record first and last name, contact information (cell phone number and / or e-mail), address, curriculum vitae and relevant certificates / training certificates as well as other information on qualification or work experience. The data collection takes place by sending us the data and your application. These personal data are used exclusively for the processing and execution of your application process. Your personal data will only be passed on within our company to persons who are involved in the processing of your application. In addition, your personal data will not be passed on to third parties unless you have given us explicit consent.
At the same time, by submitting these data, you consent to the described use of your data (Art. 6 (1) (a) GDPR). You can revoke this consent at any time for the future. You have the right at any time to request information about your data stored with us. If the application is successful, the data you submit will be stored in our data processing systems for the purpose of carrying out the employment relationship.

If we cannot offer you a job offer, if you reject a job offer or withdraw your application, we reserve the right to keep the data provided by you up to 6 months from the end of the application process (rejection or withdrawal of the application). Afterwards the data will be deleted and the physical application documents will be destroyed. The storage serves in particular proof in case of a legal dispute. If it becomes apparent that the data will be required after the expiration of the six-month period (for example, due to a pending or upcoming legal dispute), the cancellation will not take place until the data become obsolete. Other statutory storage obligations remain unaffected.

5. Use of cookies

Our websites use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies are used to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and stored by your browser.
You can set your browser so that you are informed about the setting of cookies and decide on a case-by-case basis whether to accept them or decide to exclude the acceptance of cookies in certain cases or generally and activate the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.
Cookies that are required to carry out the electronic communication process are based on Art. 6 para. 1 lit. f GDPR saved. The website operator has a legitimate interest in the storage of cookies for the technically correct and optimal provision of its services. If other cookies (such as cookies for analyzing your browsing behavior) are stored, they will be treated separately in this privacy policy.

On our websites we use the following cookies:

  • borlabs-cookie saves the settings of the visitors selected in the cookie box of Borlabs Cookie. The storage period lasts for one year.
  • _icl_*, wpml_*, wp-wpml_*, stores the current language. The storage period is one day.

These cookies serve users who have user access to our website in order to facilitate their browsing:

  • wordpress_[hash] saves login details.
  • wordpress_logged_in_[hash] saves the user's username and displays that the user is logged in.
  • wp-settings-{time}-[UID] saves the individual user settings (e.g. page views) saves the individual user settings (e.g. page settings).
  • wordpress_test_cookie verifies whether the browser settings enable cookies to be set. 

The duration of storage lasts one month.

6. Website analysis

 

6.1 Matomo (formerly Piwik)

This website uses the open source web analytics service Matomo. Matomo uses so-called "cookies". These are text files that are stored on your computer and that allow an analysis of the use of the website by you. For this purpose, the information generated by the cookie about the use of this website is stored on our server. The IP address is anonymized before saving.

Matomo cookies remain on your device until you delete them.

Matomo cookies are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the anonymized analysis of user behavior in order to optimize both its website and its advertising.

The information generated by the cookie about the use of this website will not be disclosed to third parties. You can prevent the storage of cookies by a corresponding setting of your browser software; however, we point out that in this case you may not be able to use all the functions of this website in full.

If you do not agree with the storage and use of your data, you can disable the storage and use here. In this case, an opt-out cookie is deposited in your browser that prevents Matomo from saving usage data. Deleting your cookies will result in deletion of the Matomo opt-out cookie as well. The opt-out must be reactivated when visiting our site again.

It is possible for you to prevent actions you take here from being analysed and linked. This will protect your privacy, but will also prevent the owner from learning from your actions and improving usability for you and other users.

Your visit to this website is currently collected by Matomo web analytics. Deselect checkbox to opt-out.

6.2 LeadsForensics

For marketing and optimisation purposes, this website uses products and services from Lead Forensics (Communication House, 26 York Street, London, W1U 6PZ United Kingdom). Lead Forensics tracks the actual progress of a visit to this website, including all sub-pages visited and viewed, and how much time a visitor has spent on each page. Insofar as IP addresses are collected by Lead Forensics, these are filtered immediately after collection to determine whether they belong to a company. IP addresses that cannot be assigned are anonymised immediately, according to Lead Forensics. On behalf of the operator of this website, Lead Forensics will exclusively use the information collected on the basis of company IP addresses for the purpose of evaluating the visit of the website by companies, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. This includes, amongst other things, the matching of the company IP address with Lead Forensics' own data files. After this comparison, we receive the information from Lead Forensics that could be assigned to the IP address in question (e.g. company name, contact details of the company, information on function holders, if applicable).
 
Further information on data protection at Lead Forensics can be found at https://www.leadforensics.com/privacy-andcookies/.
 
Insofar as we process personal data when using the services of Lead Forensics, we do so on the basis of your consent. The legal basis is the protection of legitimate interests pursuant to Art. 6 (1) (a) DSGVO. You can revoke this consent at any time with effect for the future by clicking on the following link: https://optout.leadforensics.com/?clientID=166100. We will then no longer store any additional data. The transfer of personal data to the UK is based on the EU adequacy decision of 28.06.2021
 

7. Social Media Pages

We currently do not use social media plugins. The social media buttons used on our website lead via a link to our respective social media pages. For these, in addition to our privacy policy, the privacy policy of the respective provider applies.

7.1 LinkedIn

When you visit our LinkedIn page, we connect to LinkedIn servers. LinkedIn is informed that you have visited our pages with your IP address. If you're logged in to LinkedIn, LinkedIn will be able to associate your visit with you and your user account. We point out that we as the provider of the pages have no knowledge of the content of the transmitted data and their use by LinkedIn.
For more information, see the LinkedIn privacy statement at: https://www.linkedin.com/legal/privacy-policy
Providers of this service are LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United States.

7.2 Twitter

By using Twitter and the "Re-Tweet" feature, the web pages you visit will be linked to your Twitter account and shared with other users. This data is also transmitted to Twitter. We point out that we as the provider of our pages do not receive knowledge of the content of the transmitted data and their use by Twitter. For more information, see the privacy policy of Twitter at: http://twitter.com/privacy.
You can change your privacy settings on Twitter in the Account Settings at http://twitter.com/account/settings.
Provider of these services is Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, United States.

7.3 Instagram

When you visit our Instagram page, you will be connected to Instagram servers. Instagram is informed that you have visited our pages with your IP address. If you are logged in to Instagram, Instagram will be able to associate your visit with you and your user account. We point out that we as the provider of the pages have no knowledge of the content of the transmitted data and their use by Instagram.
For more information, see the Instagram Privacy Policy: http://instagram.com/about/legal/privacy/
Provider of the service is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.

7.4 XING / kununu

When you visit our pages of the network XING or the employer rating platform kununu, a connection is established to servers of XING SE. XING SE will be informed that you have visited our pages with your IP address. If you are logged into your account with a service of XING SE, it is possible for XING SE to assign your visit to you and your user account. We point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data and their use by XING SE.
Provider of these services is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany.
Further information on data protection can be found in the data protection declaration of XING under: https://privacy.xing.com/de/datenschutzerklaerung

7.5 YouTube

On our website we offer links to videos on YouTube.

When you click on the button to load and play the YouTube video, a connection to YouTube servers is established. The legal basis is your consent in accordance with Art. 6 Para. 1 a) DSGVO. YouTube is notified that you have visited our pages with your IP address. If you are logged in to your YouTube account, it is possible for YouTube to associate your visit with you and your user account. We would like to point out that we, as the provider of our website, have no control over the content of the transferred data or its use by YouTube.

For more information, please see YouTube's privacy policy: https://www.google.de/intl/de/policies/privacy. The provider of the service is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, a subsidiary of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

8. Use of third-party tools

8.1 Google Maps

This website offers you a direct link to the Google Maps service. The provider is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. If you call up the map service by clicking the button, you will be directed from our website to Google. When using the functions on the Google Maps website, it is necessary to store your IP address. This information is transferred to and stored on a Google server in the USA. The provider of this website has no control over this data transfer.

For more information on how Google handles user data, please refer to Google's privacy policy: https://www.google.de/intl/de/policies/privacy/.

8.2 Video offer of Empalis via the video portal Vimeo

We use the video portal Vimeo to provide videos for a restricted group of users. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA. When you call up a video via the hyperlink we provide, a connection is established to the Vimeo servers. In the process, the Vimeo server receives information about which of our pages you have visited. In addition, Vimeo collects your IP address, technical information about your browser type, your operating system or very basic device information. You decide yourself whether further information is stored by selecting the option in Vimeo's cookie policy, which you can access via the cookie notice. If you give your consent to the use of non-essential cookies here, Vimeo will store information about what actions (web activities) you perform on the website. These web activities include, for example, session duration, bounce rate or which button you clicked on the website with a built-in Vimeo function. These actions are analysed and stored by Vimeo using cookies and similar technologies. If you are logged in to Vimeo as a registered member, your actions on our website will be directly linked to your Vimeo account. To prevent this, you must log out of Vimeo before accessing our website. We use Vimeo in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO. Insofar as a consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://vimeo.com/privacy. Further information on the handling of user data is provided in Vimeo's privacy policy at: https://vimeo.com/privacy.

9. Involvement of service providers and transfer to third parties

Your data will be forwarded to the provision of this website and for the purposes mentioned above, if necessary, to our supporting technical service providers (e.g. website hosting, support, quality assurance or mailing service), which we have of course carefully selected and commissioned in writing.
These service providers are bound by our instructions and are regularly monitored by us.
Otherwise, the transfer of your data to other third parties is only as far as explicitly stated in this privacy policy or in case we are legally obliged to do so.

10. Data security

We also use technical and organizational security measures to protect personal data arising or collected, in particular against accidental or intentional manipulation, loss, destruction or against the attack of unauthorized persons. Our security measures are continuously improved in line with technological developments.
Your personal data is also encrypted using SSL / TLS technology to prevent access by unauthorized third parties.

11. Your rights as a victim

11.1 Right to information

You have the right, at any time upon request, to obtain information from us about your personal data concerning you in the scope of Art. 15 GDPR. You can submit an application by post or e-mail to the above address.

11.2 Right to correct incorrect data

You have the right to request immediate correction of personal data concerning you if it is incorrect. Please contact the above mentioned contact addresses.

11.3 Right to cancellation

You have the right to demand the deletion of your personal data under the conditions described in Art. 17 GDPR. Those conditions provide, inter alia, for a right of deletion where the personal data are no longer necessary for the purposes for which they were collected or otherwise processed, as well as in cases of unlawful processing, the existence of an opposition or the existence of an erasure obligation under Union law or the law of the Member State to which we are subject. To claim your right to cancel, please contact the above mentioned contact addresses.

11.4 Right to restriction of processing

You have the right to demand that we restrict processing in accordance with Art. 18 GDPR. This right applies in particular if the accuracy of the personal data between the user and us is controversial for the period of time required to verify correctness, and if the user requires limited processing for an existing right to delete instead of deletion; and in the event that the data is no longer required for our intended purposes, but the user requires it to assert, exercise or defend legal claims, and if the successful exercise of an objection between us and the user is still controversial. To exercise your right to restriction of processing, please contact the above contact addresses.

11.5 The right to data portability

You have the right to receive from us the personal data relating to you which you have provided to us in a structured, common, machine-readable format in accordance with Art. 20 GDPR. In order to assert your right to data portability, please contact the above mentioned contact addresses.

11.6 Right to object

You have the right at any time, for reasons arising out of your particular situation, against the processing of personal data relating to you, including but not limited to: based on Art. 6 para. 1 lit. e) or f) GDPR, to submit an objection pursuant to Art. 21 GDPR. We will cease the processing of your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or if the processing is for the purposes of asserting, exercising or defending legal claims.

11.7 Withdrawal

We would like to point out that you can revoke any data protection consent that we have been granted at any time with effect for the future. For this you should contact us informally by e-mail: dsb@empalis.de

11.8 Right to complain

You also have the right to contact the competent supervisory authority for complaints. The supervisory authority responsible for us is:
The State Commissioner for Data Protection and Freedom of Information
Lautenschlagerstraße 20
70173 Stuttgart

12. Changes to this Privacy Policy

We constantly keep this privacy policy up to date. Therefore, we reserve the right to change it from time to time and to make changes in the collection, processing or use of your data. The current version of the privacy policy is available at any time on our website at www.empalis.de/privacy-policy.