placeholder

Privacy Policy

Notes on data protection


The security and protection of your data is of particular concern to us, Verifino GmbH & Co. KG (hereinafter referred to as “Verifino”, “we” or “website provider”). We therefore provide our website in accordance with the applicable legal provisions for the protection of personal data and data security, in particular the provisions of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), the German Digital Services Act (DDG) and the German Telecommunication Digital Services Data Protection Act (TDDDG).

At this point, we intend to inform you about what data we collect, process and use when you use our website, for what purpose and on what legal basis this is done in each case, to whom we may make it available and what rights you are entitled to in this respect.



Scope of application, Controller


This data protection notice applies to the websites provided under the domain www.verifino.com (“website”).

The data processing on this website is carried out by Verifino. The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws and other data protection regulations is

Verifino GmbH & Co. KG

Friedensstraße 2

60311 Frankfurt am Main

Amtsgericht Frankfurt am Main, HRA 51023

hello@verifino.com



Contact details of the data protection officer


You can contact our company data protection officer via

Verifino GmbH & Co. KG,

– Data Protection Officer –

Friedensstraße 2

60311 Frankfurt am Main

hello@verifino.com



General information on data processing


We only process your personal data insofar as this is necessary for the provision of our services. In addition, we only process personal data if you actively provide it to us, e.g. as part of a registration, by filling out forms, sending e-mails and enquiries, when you send us your application or when you order a newsletter or other services.

We will only use the personal data provided by you for the purpose of contract fulfilment and processing your enquiries or your application. Your personal data will only be processed and used for other purposes, such as consulting, advertising and market research, if you have previously consented to the corresponding use or if we are authorized or obliged to process the data on the basis of a statutory provision.

Your data will only be processed in a member state of the European Union, in another state party to the Agreement on the European Economic Area or in a third country for which an adequacy decision has been made by the European Commission in accordance with Art. 45 GDPR.

Your data will be processed by us for as long as is necessary to initiate or fulfil a contract or to process your request. If your data is processed for advertising purposes on the basis of a legitimate interest, your data will be stored as long as you have not objected to the processing. If the requirements for storing your data are no longer met, we will delete your data unless we are legally authorized or obliged to retain it.

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. You also have the right to lodge a complaint with the competent supervisory authority. You can contact us at any time regarding this and other questions on the subject of data protection.

If you have consented to data processing, we process your personal data on the basis of Art. 6 para. 1 lit. a GDPR. If you have consented to the storage of cookies or access to information in your end device, the data processing is also carried out on the basis of § 25 (1) TDDDG. Consent can be revoked at any time. If your data is required to fulfil a contract or to carry out pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b GDPR. Furthermore, we process your data if this is necessary to fulfil a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR. Data processing may also be carried out on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.



Data security


We take appropriate technical and organizational measures to ensure that the data collected in the course of using the services we provide is protected against loss, incorrect changes or unauthorized access by third parties. Our security measures are continuously revised and adapted in line with technological developments.



Provision of the website


This website is hosted externally. We use the following hoster:

Ikoula Net SAS

2 Cité Paradis

75010 Paris, France

https://www.ikoula.com/en/confidentiality

The personal data collected on this website is stored on the hoster’s servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website.

We only analyze this data for statistical purposes. A personal evaluation will not be carried out. The temporary storage of your IP address is necessary to enable delivery of the website to your end device. For this purpose, the user’s IP address must remain stored for the duration of the session. We also use the data to optimize the website and to ensure the security of our IT systems. These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f GDPR. The data is deleted as soon as it is no longer required to fulfil the purpose for which it was collected.

External hosting is carried out for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR).

We have concluded an order processing contract for the hosting of our website. The contract ensures that the hoster processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR. Our hoster will only process your data to the extent necessary to fulfil its performance obligations and follow our instructions with regard to this data.



Applicant data


We offer you the opportunity to apply for a job with us. We ensure that the collection, processing and use of your personal data collected as part of the application process is carried out in accordance with applicable data protection law and all other statutory provisions and that your data is treated in strict confidence.

If you send us an application, we will process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews, etc.) insofar as this is necessary to decide on the establishment of an employment relationship. The legal basis for this is § 26 BDSG (initiation of an employment relationship), Art. 6 para. 1 lit. b GDPR (general contract initiation) and – if you have given your consent – Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time. Your personal data will only be passed on within our company to persons who are involved in processing your application.

If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of Section 26 BDSG and Art. 6 para. 1 lit. b GDPR for the purpose of implementing the employment relationship.

If we do not offer you a job, you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application). The data will then be deleted and the physical application documents destroyed. The retention serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data will only be deleted when the purpose for further storage no longer applies. Longer storage may also take place if you have given your consent (Art. 6 para. 1 lit. a GDPR) or if statutory retention obligations prevent deletion.  



Cookies


We use cookies to optimise the functionality and usability of the website. Cookies are small text files that are stored on your hard drive with the help of your browser and through which certain information flows to the organisation that sets the cookie (in this case, us). Cookies can originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within the website.

Cookies have various functions. Many cookies are technically necessary, as certain functions of the website would not work without these cookies. Other cookies can be used to analyse user behaviour or for advertising purposes.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you do not want us to recognise your end device, please set your browser so that it deletes cookies from your end device, blocks all cookies or warns you before a cookie is saved. In this case, however, you may not be able to use all functions of the website to their full extent.

We use the following types of cookies for our website (the legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR)

Session cookies or functional cookies (e.g. to keep navigation elements open and for help texts) are automatically deleted when you close your browser. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your end device to be recognised when you visit the website again.

We use language or regional setting cookies to save the country, currency or language settings with which the website is to be accessed. Without the use of these cookies, some functions of the website cannot be offered. These functions require the browser to be recognised. The user data collected by technically necessary cookies is not used to create user profiles. This is also our legitimate interest in the processing of personal data in accordance with Art. 6 para. 1 lit. f GDPR.

Session cookies are automatically deleted when the browser is closed. The other cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies set by us in the security settings of your browser at any time.



Tools for analysis and advertising


Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store cookies, and does not carry out any independent analyses. It only manages and runs the tools integrated via it. However, the Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6(1)(f) GDPR. The website provider has a legitimate interest in the quick and uncomplicated integration and administration of various tools on his website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link:

https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website provider to analyze the behavior patterns of website visitors. To that end, the website provider receives a variety of user data, such as pages accessed, time spent on the page, the utilized operating system and the user’s origin. This data is summarized in a user-ID and assigned to the respective end device of the website visitor.

Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Google Analytics uses various modeling approaches to augment the collected data sets and uses machine learning technologies in data analysis.

Google Analytics uses technologies that make the recognition of the user for the purpose of analyzing the user behavior patterns (e.g., cookies or device fingerprinting). The website use information recorded by Google is, as a rule transferred to a Google server in the United States, where it is stored.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TTDSG. You may revoke your consent at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/

Google Analytics IP anonymization is active. As a result, your IP address will be abbreviated by Google within the member states of the European Union or in other states that have ratified the Convention on the European Economic Area prior to its transmission to the United States. The full IP address will be transmitted to one of Google’s servers in the United States and abbreviated there only in exceptional cases. On behalf of the provider of this website, Google shall use this information to analyze your use of this website to generate reports on website activities and to render other services to the provider of this website that are related to the use of the website and the Internet. The IP address transmitted in conjunction with Google Analytics from your browser shall not be merged with other data in Google’s possession.

You can prevent the recording and processing of your data by Google by downloading and installing the browser plugin available under the following link:

https://tools.google.com/dlpage/gaoptout?hl=en

For more information about the handling of user data by Google Analytics, please consult Google’s Data Privacy Declaration at:

https://support.google.com/analytics/answer/6004245?hl=en

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link:

https://www.dataprivacyframework.gov

You can find more information on terms of use and data protection at http://www.google.com/analytics/terms/de

or under

https://www.google.de/intl/de/policies/

Newsletter

If you are a customer of ours, your e-mail address may be used by us to send you newsletters. You can cancel the sending of this newsletter at any time. There is a corresponding link in every newsletter for this purpose. In this case, the legal basis for sending the newsletter is Art. 6 para. 1 lit. f GDPR in conjunction with § 7 para. 3 UWG.

We may offer you the opportunity to subscribe to free newsletters via the website. When you register for the newsletter, the data from the input screen will be transmitted to us. In each case, this is the e-mail address you provide. You must confirm your subscription to our e-mail newsletters by sending a second e-mail. The legal basis for processing the data after registration to receive the e-mail newsletter is Art. 6 para. 1 lit. a GDPR. The purpose of collecting the user’s email address is to send the newsletter.

You can revoke your consent to the sending of the e-mail newsletter at any time with effect for the future by clicking on the link provided in each e-mail newsletter, by e-mail to hello@verifino.com.

After you unsubscribe from the newsletter distribution list, we may store your email address in a blacklist to prevent future mailings to you. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1)(f) GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.



Plugins and Tools


YouTube

This website embeds videos of the website YouTube. The website provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

If you visit a page on this website into which a YouTube has been embedded, a connection with YouTube’s servers will be established. As a result, the YouTube server will be notified, which of our pages you have visited.

Furthermore, YouTube will be able to place various cookies on your device or comparable technologies for recognition (e.g. device fingerprinting). In this way YouTube will be able to obtain information about this website’s visitors. Among other things, this information will be used to generate video statistics with the aim of improving the user friendliness of the site and to prevent attempts to commit fraud.

If you are logged into your YouTube account while you visit our site, you enable YouTube to directly allocate your browsing patterns to your personal profile. You have the option to prevent this by logging out of your YouTube account.

The use of YouTube is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6(1)(f) GDPR, this is a legitimate interest. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

For more information on how YouTube handles user data, please consult the YouTube Data Privacy Policy under:

https://policies.google.com/privacy?hl=en

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link:

https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Google Maps

This website uses the mapping service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. With the means of this service, we can integrate map material on our website.

To enable the use of the Google Maps features, your IP address must be stored. As a rule, this information is transferred to one of Google’s servers in the United States, where it is archived. The provider of this website has no control over the data transfer. In case Google Maps has been activated, Google has the option to use Google Fonts for the purpose of the uniform depiction of fonts. When you access Google Maps, your browser will load the required web fonts into your browser cache, to correctly display text and fonts.

We use Google Maps to present our online content in an appealing manner and to make the locations disclosed on our website easy to find. This constitutes a legitimate interest as defined in Art. 6(1)(f) GDPR. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/

For more information on the handling of user data, please review Google’s Data Privacy Declaration under: https://policies.google.com/privacy?hl=en

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link:

https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active



Your rights


Insofar as we process personal data about you, you are entitled to the following rights as a data subject within the meaning of the GDPR:

Right to information, access, correction and deletion

Within the scope of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction or deletion of this data. You can contact us at any time regarding this and other questions on the subject of personal data.

Right to restriction of processing

You may request the restriction of the processing of your personal data under the following conditions:

  1. if you contest the accuracy of your personal data for a period enabling us to verify the accuracy;

    • the processing is unlawful and you oppose the erasure of your personal data and request the restriction of their use instead

    • we no longer need your personal data for the purposes of the processing, but you require it for the establishment, exercise or defence of legal claims; or

    • you have objected to processing pursuant to Art. 21 (1) GDPR pending the verification whether our legitimate grounds as the controller override your interests and rights as the data subject.

If the processing of your personal data has been restricted, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

If the restriction of processing has been restricted in accordance with the above conditions, we will inform you before the restriction is lifted.

Right to data portability

You have the right to have data that we process on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.

Right to lodge a complaint with a supervisory authority

Without prejudice to any other legal remedies, you have the right to lodge a complaint with a competent supervisory authority if you believe that the processing of your personal data violates applicable data protection law.

Revocation of consent

As far as the processing of personal data is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR, you can revoke your consent at any time with effect for the future by e-mail to hello@verifino.com.

Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1). This right to object also applies to profiling based on these provisions. We will no longer process your personal data after your objection unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

Objection to direct marketing

If your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing.



Request by e-mail, telephone, or fax


If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.

These data are processed on the basis of Art. 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or is required for the performance of pre-contractual measures. In all other cases, the data are processed on the basis of our legitimate interest in the effective handling of inquiries submitted to us (Art. 6(1)(f) GDPR) or on the basis of your consent (Art. 6(1)(a) GDPR) if it has been obtained; the consent can be revoked at any time.

The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.



Online-based Audio and Video Conferences


We use online conference tools, among other things, for communication with our customers. The tools we use are listed in detail below. If you communicate with us by video or audio conference using the Internet, your personal data will be collected and processed by the provider of the respective conference tool and by us.

The conferencing tools collect all information that you provide/access to use the tools (email address and/or your phone number). Furthermore, the conference tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).

Furthermore, the provider of the tool processes all the technical data required for the processing of the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.

Should content be exchanged, uploaded, or otherwise made available within the tool, it is also stored on the servers of the tool provider. Such content includes, but is not limited to, cloud recordings, chat/ instant messages, voicemail uploaded photos and videos, files, whiteboards, and other information shared while using the service.

Please note that we do not have complete influence on the data processing procedures of the tools used. Our possibilities are largely determined by the corporate policy of the respective provider.

Conference tools are used to communicate with prospective or existing contractual partners or with applicants (Art. 6 para. 1 lit. b GDPR). The use of the tools serves the general simplification and acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). If consent has been requested, the tools in question are used on the basis of this consent; consent can be withdrawn at any time with effect for the future.

The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory retention periods remain unaffected.

We have no influence on the storage period of your data that is stored by the provider of the conference tools for their own purposes. For details, please contact the provider of the conference tools directly.

Microsoft Teams

The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Details on data processing can be found in the Microsoft Teams privacy policy:

https://privacy.microsoft.com/de-de/privacystatement

Microsoft is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:

https://www.dataprivacyframework.gov

We have concluded an order processing contract with Microsoft and fully implement the requirements of the GDPR when using Google Tag Manager.



Privacy policy for our social media presence


If you visit one of our social media sites, we are jointly responsible with the provider of the social media platform for the data processing activities triggered by your visit. You can find the details of the person responsible for data processing on the social media platform via the links in the relevant section below. The following information relates to the data processing for which we are responsible.

Data processing by social networks

We maintain publicly accessible profiles on social networks. The individual social networks we use are listed below.

Social networks such as LinkedIn etc. can generally analyse your user behaviour comprehensively when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). Visiting our social media presences triggers numerous data protection-relevant processing activities. In detail:

If you are logged into your social media account and visit our social media presence, the provider of the social media portal can assign this visit to your user account. However, your personal data may also be collected if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies that are stored on your end device or by recording your IP address.

With the help of the data collected in this way, the providers of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are logged in or have been logged in.

Please also note that we cannot track all processing activities on the social media portals. Depending on the provider, further processing activities may therefore be carried out by the providers of the social media portals. For details, please refer to the terms of use and data protection provisions of the respective social media portals.

Legal basis

Our social media presence is intended to ensure that we have as comprehensive a presence as possible on the internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the providers of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a GDPR).

Collection of data and purposes of processing

Selectable by time period and various categories, the provider of the social media portal (e.g. LinkedIn) provides us with data relating to our social media presence: Total number of page views, “likes”, comments, shared content, page activity, post interactions, reach, video views, post reach, replies. Due to the constant development of the providers of the social media portals, the availability and processing of the data changes, so we refer to the privacy policy of the respective provider of the social media portal for further details.

We use the data provided to us by the provider of the social media portal to make our social media presence more attractive to users.

In accordance with the social media portal provider’s terms of use, which every user has agreed to when creating a profile (e.g. with LinkedIn), we can identify our network partners and followers and view their profiles and other shared information.

Controller and assertion of rights

If you visit one of our social media sites (e.g. LinkedIn), we are jointly responsible with the provider of the social media platform for the data processing activities triggered during this visit. You can assert your rights (information, rectification, erasure, restriction of processing, data portability and complaint) both against us and against the provider of the respective social media portal (e.g. LinkedIn).

Please note that, despite the joint responsibility with the social media portal providers, we do not have full influence on the data processing activities of the social media portals. Our options depend largely on the company policy of the respective provider.

Storage period

The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for its storage no longer applies, you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory provisions – in particular retention periods – remain unaffected.

We have no influence on the storage period of your data that is stored by the providers of social networks for their own purposes. For details, please contact the providers of the social networks directly (e.g. in their privacy policy, see below).

LinkedIn

We provide an online presence on LinkedIn, a so-called LinkedIn company page. If you visit our LinkedIn company page, we are jointly responsible with LinkedIn for the data processing activities triggered by this visit. The agreement on joint responsibility pursuant to Art. 26 GDPR can be found here: https://legal.linkedin.com/pages-joint-controller-addendum. This agreement was made available in this form by LinkedIn and accepted by us as the owner of the LinkedIn company page by using LinkedIn.

Controller for data processing

The controller responsible for data processing on the social media platform is
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

Purposes of processing by LinkedIn

We are aware that LinkedIn processes users’ data for the following purposes:

  • Provision, support, personalisation and development of its services

    • Display of customised ads from LinkedIn & external parties

    • Display of news, events and ideas regarding professional topics

    • Recommendation of jobs or groups

    • Displaying interesting network partners

    • Enabling the search function

    • Forwarding to TeamLink and Elevate (sponsoring content via social media).

    • Use member data and content for invitations and communications

    • communications to promote the expansion of their membership and network, interaction with them and their services

    • Research

    • Provision of measurements, analyses and other

    • business services

    • Promotion of protection, integrity and security

LinkedIn provides us with statistics and insights for our LinkedIn company page in anonymised form, which we use to gain insights into the types of actions people take on our LinkedIn company page (so-called “Page Insights”). These Page Insights are created based on certain information about people who have visited our LinkedIn Company Page.

As the owner of a LinkedIn company page, we do not make any decisions regarding the processing of Insights data and all other determinations, such as the storage duration of cookies on user end devices. The primary responsibility for the processing of Insights data lies with LinkedIn. In this regard, we refer to the agreement on joint responsibility pursuant to Art. 26 GDPR and the obligations assumed by LinkedIn thereafter: https://legal.linkedin.com/pages-joint-controller-addendum.

Data transfer to countries outside the European Data Protection Area

The LinkedIn services require the transfer of data to the USA. LinkedIn uses these data transfers to provide the services set out in the LinkedIn Terms of Use and to operate globally and provide its products to users.

For details on how they handle your personal data, please refer to LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.

Security of data processing

LinkedIn ensures the security of the processing of member data and the provision of page insights by implementing appropriate technical and organisational measures. You can find more information on this here: https://security.linkedin.com/.

Cookies

LinkedIn uses cookies to store and further process this information, i.e. small text files that are stored on the user’s various end devices. If the user has a LinkedIn profile and is logged in to it, the information is also stored and analysed across devices.

LinkedIn is responsible for effectively obtaining your consent to the use of cookies; we have no influence over this. For details on how they handle your personal data, please refer to LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.

Xing

We provide an online presence on Xing, a so-called Xing employer profile. If you visit our Xing employer profile, we are jointly responsible with Xing for the data processing activities triggered by this visit. For details on how they handle your personal data, please refer to Xing’s privacy policy: https://privacy.xing.com/en/your-privacy.

Controller for data processing

The controller responsible for data processing on the social media platform is
New Work SE, Dammtorstraße 30, 20354 Hamburg, Deutschland („Xing“) 

Purposes of processing by Xing

We are aware that Xing processes user data for the following purposes, among others:

  • Provision, support, personalisation and development of its services

    • Display of customised advertisements by Xing & external parties

    • Display of news, events and ideas relating to professional topics

    • Recommendation of jobs or groups

    • Display of interesting network partners

    • Enabling the search function

    • Forwarding to developers and “API partners”, ad server operators, email dispatch service providers, email marketing service providers, marketing automation service providers, CRM service providers, agencies (e.g. for the implementation of competitions), sales service providers and call centres, service providers for advertising campaigns and the display of advertising, providers of usage analysis tools, other cooperation partners, Google

    • Use of member data and content, including for invitations and communications, to promote the expansion of their membership numbers and network, interaction with them and their services

    • Research

    • Provision of measurements, analyses and other

    • business services

    • Promoting protection, integrity and security

For a complete overview of the processing of your data by Xing, please refer to Xing’s privacy policy: https://privacy.xing.com/en/your-privacy.

Xing provides us with statistics and insights for our Xing employer profile in anonymised form, which we use to gain insights into the types of actions people take on our Xing employer profile. This data is generated on the basis of certain information about people who have visited our Xing employer profile.

As the owner of a Xing employer profile, we do not make any decisions regarding the processing of data and all other determinations, such as the storage duration of cookies on user end devices. The primary responsibility for processing lies with Xing. Please refer to Xing’s privacy policy: https://privacy.xing.com/en/your-privacy.

Data transfer to countries outside the European Data Protection Area

By using Xing, your personal data will be collected, transferred, stored, disclosed and used by New Work SE and transferred to, stored and used in third countries, regardless of your place of residence.

For details on how they handle your personal data, please refer to Xing’s privacy policy: https://privacy.xing.com/en/your-privacy.

Security of data processing

Xing ensures the security of the processing of member data and the provision of page insights by implementing suitable technical and organisational measures. For more information, please refer to Xing’s privacy policy: https://privacy.xing.com/en/your-privacy.

Cookies

Xing uses so-called cookies to store and further process this information, i.e. small text files that are stored on the user’s various end devices. If the user has a Xing profile and is logged in to it, the information is also stored and analysed across devices.

Xing is responsible for effectively obtaining your consent to the use of cookies; we have no influence over this. For details on how they handle your personal data, please refer to the Xing privacy policy: https://privacy.xing.com/en/your-privacy.


Contact / Information


All enquiries, explanations and queries regarding the use of data can be sent by e-mail to our data protection officer

hello@verifino.com

or by mail to

Verifino GmbH & Co. KG,

– Data Protection Officer –

Friedensstraße 2

60311 Frankfurt am Main

hello@verifino.com

 

Version: April 2024