Data protection

A. PRIVACY POLICY

We take the protection of the personal data of visitors to our website very seriously and act in accordance with the rules of data protection laws (Data Protection Regulation VO EU 2016/679, DSGVO, Federal Data Protection Act, BDSG as well as the Telemedia Act, TMG). Personal data will only be collected and processed on this website to the extent technically necessary and in accordance with this privacy policy.

In no case the collected data will be sold or given to third parties for any other reason. We undertake to protect the privacy of visitors to our website and to treat their data confidentially.

Diese Datenschutzerklärung gilt für die Nutzung der Internetseite unter der Adresse www.intenture-group.com.
‍

1. THE CONTROLLER AND ITS DATA PROTECTION OFFICER

The responsible person in the sense of the DSGVO and other national data protection laws of the member states as well as other data protection regulations is:

INTENTURE Group GmbH

- Datenschutzbeauftragter -

Kesselstraße 3

40221 Düsseldorf

E-Mail: datenschutz@intenture-group.de
‍

2. DEFINITIONS

In order to make this privacy statement as readable and understandable as possible, the most important terms used shall be explained in advance:

a. personal data

Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject").

An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b. Person concerned

Data subject is any identified or identifiable natural person whose personal data are processed by the controller.

c. Processing

Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d. Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

e. Profiling

Profiling is any type of automated processing of personal data that consists of using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects relating to that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location.

f. Pseudonymization

Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separate and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

g. Controller or person responsible for the processing

The controller or controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.

h. Processor

Processor means a natural or legal person, public authority, agency or other body that processes personal data on behalf of the Controller.

i. Receiver

A recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, authorities that may receive personal data in the context of a specific investigation mandate under Union or Member State law are not considered recipients.

j. Third party

Third party means any natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons who are authorized to process the personal data under the direct responsibility of the controller or the processor.

k. Consent

Consent shall mean any freely given indication of the data subject's wishes for a specific case in an informed and unambiguous manner in the form of a declaration or other unambiguous affirmative act by which the data subject indicates that he or she consents to the processing of personal data relating to him or her.

3. VISIT TO OUR WEBSITE AND CREATION OF LOG FILES

Description and scope of data processing: Our website collects a series of general data and information each time a data subject or automated system accesses the website.

This general data and information is stored in the log files of the server. The following can be recorded

- browser types and versions used,

- the operating system used by the accessing system,

- the website from which an accessing system arrives at our website (so-called referrer),

- the sub-websites that are accessed via an accessing system on our website,

- the date and time of an access to the website,

- an Internet Protocol (IP) address,

- the Internet service provider of the accessing system and

- other similar data and information that serve to avert danger in the event of attacks on our information technology systems.

The collection of data for the provision of the website and the storage of the data in so-called log files is absolutely necessary for the operation of the website.

Legal basis for data processing: The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f DSGVO.

Purpose of data processing: When using these general data and information, we do not draw any conclusions about the data subject. Rather, this information is needed to deliver the content of this website correctly, to optimize the content of this website and the advertising for it (if applicable), to ensure the long-term functionality of these information technology systems and the technology of this website, and to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack. Therefore, the data and information collected anonymously will be used for statistical purposes only and for the purpose of increasing the data protection and data security of our enterprise so as to ensure an optimal level of protection for the personal data we process. These purposes are also our legitimate interest according to Art. 6 para. 1 lit. f DSGVO.

The anonymous data of the server log files are stored separately from any personal data provided by a data subject.

Storage period: The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected, unless contractual or legal obligations prevent deletion.

4. COOKIES

Description and scope of data processing: Our website uses cookies. Cookies are text files that are placed and stored on a computer system via an Internet browser.

Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the person concerned from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.

Cookies do not harm your computer and do not contain viruses.

Browsers allow you to block and delete cookies. The following links show you how to adjust the settings in the following popular browsers:

- Chrome: https://support.google.com/chrome/answer/95647?hl=de

- Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

- Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies -

- Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac

Blocking cookies may impair the functionality of this website.

In order to obtain and document your consent to the use of technically unnecessary cookies, e.g. to analyze your user behavior, we use the consent management service of Borlabs GmbH (Rübenkamp 32, 22305 Hamburg; "Borlabs"). When you visit our website, a consent cookie is stored locally in your browser's cache (so-called "local storage"), in which the consents you have given or refused, or the revocation of these consents, are stored. The following data is processed by Borlabs:

-Information about the device you are using

-Information about the browser you are using

-IP address in anonymized form

-opt-in and opt-out; and

-Date and time of the declarations.

Borlabs' privacy notice can be found at https://de.borlabs.io/datenschutz/.

Legal basis for data processing: If personal data is processed using technically necessary cookies, the legal basis is Art. 6 (1) lit. f DSGVO.

The use of cookies, which are not absolutely technically necessary, constitutes data processing that is only permitted with your explicit and active consent. The legal basis is then Art. 6 para. 1 lit. a DSGVO. This applies in particular to the use of advertising, targeting or sharing cookies. In addition, we will only share your personal data processed through cookies with third parties if you have given your express consent to do so in accordance with Art. 6 (1) (a) DSGVO.

Purpose of data processing: Through the use of cookies, we can provide the users of our website with more user-friendly services that would not be possible without the cookie setting.

By means of a cookie, the information and offers on our website can be optimized in the sense of the user. Cookies allow us to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the visitor to a website using Coo-kies does not have to re-enter his or her access data each time he or she visits the website, because this is done by the website and the cookie stored on the user's computer system.

We use the following cookies on our website:

Name Function

borlabs Cookie Consent Manager (technically necessary)

1P_JAR Ad placement or retargeting

CONSENT Storage of cookie settings

NID Provision of advertising or retargeting, storage of user preferences.

The data subject can prevent the setting of cookies by our website at any time by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of this website may be fully usable.

Duration of storage: Cookies are stored on the user's computer and transmitted from it to our website. The described technically necessary Coo-kies are usually deleted when your browser session expires. In addition, you can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been stored can be deleted at any time. This can also be done automatically.

5. DATA PROCESSING BY THIRD-PARTY PROVIDERS

Google Tag Manager

We use the service called Google Tag Manager from Google. "Google" is a group of companies and consists of Google Ireland Ltd. (provider of the service), Gor-don House, Barrow Street, Dublin 4, Ireland and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA and other affiliated companies of Google LLC.

We have concluded an order processing agreement with Google. The Google Tag Manager is an auxiliary service and processes personal data itself only for technically necessary purposes. The Google Tag Manager takes care of loading other components, which in turn may collect data. The Google Tag Manager does not access this data. For more information on the Google Tag Manager, please refer to Google's privacy policy (https://policies.google.com/privacy?hl=de).

Please note that American authorities, such as intelligence agencies, could potentially gain access to personal data that is inevitably exchanged with Google due to the Internet Protocol (TCP) when this service is integrated, due to American laws such as the Cloud Act.

Facebook Fanpage

We operate one or more corporate websites ("fan pages") on the professional social media network Facebook, in particular for self-presentation, branding, but also for the purpose of customer communication and recruiting.

According to the ruling of the European Court of Justice (ECJ) of 05.06.2018, Ref. C-210/16, the operator of social media sites is at least jointly responsible for data processing on Facebook fanpages within the meaning of Art. 26 DSGVO. We have concluded a joint responsibility agreement with Facebook.

We only process your data - apart from any further procedures below - if you contact us via the platform. In this case, Facebook collects your data and makes it available to us. In this case, we may also store and further process the data. The processing of your personal data in the event of an inquiry or application is governed by sections 6 and 7 of this privacy policy.

The legal basis for the processing of personal data is, depending on the case constellation, the processing for the initiation and execution of a contract with you according to Art. 6 para. 1 lit. b) DSGVO or on the basis of our legitimate interest in communicating with users and our external presentation for the purpose of advertising according to Art. 6 para. 1 lit. f) DSGVO. If you have given your consent to the social network provider for the aforementioned data processing with effect for us, the legal basis is Art. 6 (1) a) DSGVO.

We would like to point out that for any further processing on our fan pages, the privacy policy of Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA) or Facebook Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) is applicable. Data transfers to third countries are based on the use of standard contractual clauses according to the European Commission: https://de-de.facebook.com/help/566994660333381.

You can find more detailed information on data processing by Facebook and the corresponding objection options at https://www.facebook.com/about/privacy/ and at https://www.facebook.com/legal/terms/dataprocessing. Facebook is the provider of this service and is solely authorized to provide complete information on data processing on Facebook.

We would like to point out that the assertion of data subject rights and requests for information are best directed to Facebook. Only Facebook has access to your data and can take immediate action to delete or restrict the data, etc., or to provide information. Of course, we will support you in asserting your rights if necessary.

Opt-out options can be found at: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com.

Instagram Channel

We maintain one or more presences on the social network Instagram in order to communicate with users registered there and to provide information about our company as well as products and services.

We process your data that you send us via these networks to communicate with you and to reply to your messages there. We have concluded a shared responsibility agreement with Instagram in accordance with Art. 26 DSGVO. In this context, storage and further processing by us may also take place. The processing of your personal data in the event of an inquiry or application is governed by sections 6 and 7 of this privacy policy.

The legal basis for the processing of personal data is our legitimate interest in communicating with users and our external presentation for the purpose of advertising in accordance with Art. 6 (1) lit. f DS-GVO. If you have given consent to the provider of the social network to the aforementioned data processing with effect for us, the legal basis is Art. 6 para. 1 lit. a DSGVO.

For any processing beyond this, we point out that the privacy policy of Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA applies on our company page. The transfer of data to third countries is based on the use of standard contractual clauses in accordance with the European Commission. For more information, the purpose and scope of the data collection and the further processing and use of the data by Instagram, as well as your rights in this regard and settings options for protecting your privacy, please refer to the Instagram privacy policy: http://instagram.com/about/legal/privacy/ or https://help.instagram.com/155833707900388/.

XING

We operate one or more corporate websites on the professional social media network XING, in particular for self-presentation, but also for recruiting.

We only process your data if you contact our HR department via the XING platform or apply for an advertised position via XING. In this case, XING collects your data and makes it available to us.

Under certain circumstances, we may also store and further process your personal data. The processing of your personal data in the event of an inquiry or application is governed by sections 6 and 7 of this privacy policy.

The legal basis for the processing of personal data is, depending on the case, the processing for the initiation and execution of a contract with you pursuant to Art. 6 para. 1 lit. b DSGVO or on the basis of our legitimate interest in communication with users and our external presentation for the purpose of advertising pursuant to Art. 6 para. 1 lit. f DSGVO. If you have given your consent to the aforementioned data processing to the provider of the social network with effect for us, the legal basis is Art. 6 para. 1 lit. a DSGVO.

We would like to point out that the privacy policy of XING SE, Dammtorstraße 30, DE-20354 Hamburg, Germany, Tel.: +49 40 419 131-0 , Fax: +49 40 419 131-11, E-Mail: in-fo@xing.com, is applicable for any further processing on our XING company website. Further information on the processing of personal data by XING can be found here: https://privacy.xing.com/de/datenschutzerklaerung.

LinkedIn

We operate one or more company websites on the professional social media network LinkedIn, in particular for self-presentation, but also for recruiting.

We only process your data if you contact our HR department via the LinkedIn platform or apply for an advertised position via LinkedIn for these very purposes. In this case, LinkedIn collects your data and makes it available to us. We have concluded a joint responsibility agreement with LinkedIn in accordance with Art. 26 DSGVO.

The legal basis for the processing of personal data is, depending on the case constellation, the processing for the initiation and execution of a contract with you pursuant to Art. 6 para. 1 lit. b DSGVO or on the basis of our legitimate interest in communication with users and our external presentation for the purpose of advertising pursuant to Art. 6 para. 1 lit. f DSGVO. If you have given your consent to the provider of the social network to the aforementioned data processing with effect for us, the legal basis is Art. 6 para. 1 lit. a DSGVO.

The processing of your personal data in the event of an inquiry or application is governed by Sections 6 and 7 of this Privacy Policy.

For any further processing, please note that the privacy policy of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter: LinkedIn) applies to our LinkedIn company page. The transfer of data to third countries is based on the use of standard contractual clauses in accordance with the European Commission. Further information on the processing of personal data by LinkedIn can be found at https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy.

With the ECJ ruling of July 16, 2020 (C-311/18), the (partial) adequacy decision for the USA, the so-called Privacy Shield, was declared null and void. We would like to point out once again that the USA does not offer a level of data protection comparable to that in the EU. If personal data is transferred to the U.S., there is a risk that U.S. authorities may gain access to personal data. EU citizens have no effective legal protection against such access in the USA or the EU. We therefore recommend that you contact us directly via our contact form or by e-mail.

6. CONTACT BY MAIL OR CONTACT FORM

Description and scope of data processing: When contacting us by e-mail, the data provided by the user will be stored by us. The data is stored and used exclusively for the purpose of responding to the request or for the associated technical processing.

On our website we offer the possibility to contact us via a contact form. Necessary information in this respect are first and last name as well as e-mail address. Here, the same applies with regard to data processing as when contacting us by e-mail.

All other information is voluntary. It is the free decision of the user, which data he would like to communicate in this respect. The e-mail address is provided in particular in order to be able to assign the request and respond to the user.

Legal basis for data processing: The legal basis for the processing of data in both variants is Art. 6 (1) lit. f DSGVO and Art. 6 (1) lit. a DSGVO. If the contact is made for the purpose of concluding a contract or leads to the conclusion of a contract, another legal basis is Art. 6 (1) (b) DSGVO.

Purpose of data processing: The processing of your personal data serves to handle your contact request.

Duration of storage: The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected, unless contractual or legal obligations prevent deletion. For data sent by e-mail, this is the case when the respective conversation with you has ended, unless contractual or legal obligations prevent deletion. The conversation is ended when the circumstances indicate that the matter in question has been conclusively clarified.

7. INFORMATION ON THE USE OF APPLICANT DATA

Description and scope of data processing: We collect the following data from our applicants:

- Salutation, first name, last name,

- Address

- Email address

- Telephone number (landline and/or mobile number)

- Personal and educational background, academic career and previous professional positions, if any; annual salary; certificates, degrees or diplomas; proof of any qualifications required by law.

This data is used to introduce the applicant to potential employers and/or to create or revise application documents. The first contact with a potential employer is always anonymized. Only if the potential employer signals interest and the applicant agrees to the transfer of his data to the potential employer, the application documents will be sent to him.

„Sollte der Bewerber uns Daten zu seiner ethnischen Herkunft, Parteizugehörigkeit, Religion oder anderen Informationen übermitteln, werden diese Daten von uns grundsätzlich nicht gespeichert. Insbesondere werden alle Daten, die nicht zwingend notwendig für eine Bewerbung sind und die im Rahmen einer Bewerbung möglicherweise sogar gegen die Regelungen des Allgemeinen Gleichbehandlungsgesetzes verstoßen, nicht gespeichert oder verarbeitet. Personenbezogene Daten besonderer Kategorien, wie bspw. eine körperliche Einschränkung, verarbeiten wir im Rahmen der Vermittlung eines Arbeitsverhältnisses ausschließlich dann, wenn dies zwingend für die Auswahl der jeweiligen Position erforderlich ist.

Rechtsgrundlage für die Verarbeitung: Rechtsgrundlage für diese Datenverarbeitung ist Art. 6 Abs. 1 lit. a und b DSGVO und sofern einschlägig Art. 9 Abs. 2 lit. a DSGVO.“

Purpose of data processing: The purpose of processing your personal data is to contact you and to arrange an employment relationship between an applicant and one of our customers.

Duration of storage: We process and store applicant data only for the period of time required to achieve the storage purpose or insofar as this has been provided for by the European Directive and Regulation or another legislator in laws or regulations to which the controller is subject. If the storage purpose ceases to apply or if a storage period prescribed by the European Directive and Regulation Maker or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

8. automated decision making including profiling

No automated decision making or profiling takes place.

9. RIGHTS OF THE DATA SUBJECTS

The GDPR gives rise to the following rights for visitors to our website and applicants whose personal data is processed by us:

a. the right to information as to whether and which data concerning the user are processed by us. In particular, the user may request information about the processing purposes, the categories of personal data, the categories of recipients to whom the data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of the data if it was not collected by us, about a transfer to third countries or international organizations and about the existence of automated decision-making, including profiling and, if applicable, meaningful information about its details.

b. the right to rectification or deletion: The user may immediately request the rectification of inaccurate or the completion of personal data stored by us. The user may request the deletion of personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims.

c. the right to restriction of processing: The user can demand the restriction of the processing of his personal data, insofar as the correctness of the data is disputed by him, the processing is unlawful, we no longer need the data and he refuses their deletion because he needs them for the assertion, exercise or defense of legal claims.

d. the right to data portability: the user may receive his personal data that he has provided to us in a structured, common and machine-readable format or he may request that it be transferred to another controller.

e. Right of objection: The user has the right to object at any time to the processing of personal data relating to him that is carried out on the basis of Art. 6 (1) f DS-GVO for reasons arising from his particular situation.

If personal data relating to him/her are processed for the purpose of direct marketing, he/she has the right to object at any time to the processing of personal data relating to him/her for the purpose of such marketing.

f. Right of revocation: The user has the right to revoke at any time any consent given by him for the processing of his personal data. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. The revocation must be sent to info@intenture-group.de or by post using the address given above.

9. DATA SECURITY AND SECURITY MEASUREMENTS

We are committed to protecting the privacy of the users of our website and to treating your personal data confidentially. In order to prevent manipulation, loss or misuse of your data stored with us, we take extensive technical and organizational security precautions, which are regularly reviewed and adapted to technological progress. However, we would like to point out that, due to the structure of the Internet, it is possible that the rules of data protection and the above-mentioned security measures are not observed by other persons or institutions outside our sphere of responsibility. In particular, data disclosed in unencrypted form - e.g. if this is done by e-mail - can be read by third parties. We have no technical influence on this. It is the user's responsibility to protect the data he or she provides against misuse by encrypting it or in some other way.

10. CHANGES TO OUR PRIVACY POLICY

We reserve the right to adapt this data protection declaration so that it always complies with the current legal requirements or to implement changes to our services in the data protection declaration, e.g. when introducing new services. The current data protection declaration will apply to your next visit to our website.

Status: July 2022

‍