Privacy policy

We look forward to your visit on our websites. Below we would like to inform you about the handling of your data according to Art. 13 General Data Protection Regulation (DSGVO).



Responsible for the following data collection and processing is the place named in the imprint.



Storage of the IP address
We store the IP address provided by your web browser strictly earmarked for a period of seven days, in the interest of detecting, limiting and eliminating attacks on our websites. After this period of time, we delete the IP address. The legal basis is Art. 6 para. 1 lit. f) DSGVO.



Usage data
When you visit our web pages, so-called usage data for statistical purposes are temporarily stored on our web server as a protocol in order to improve the quality of our web pages. This record consists of

  • the page from which the file was requested
  • the name of the file
  • the date and time of the query
  • the amount of data transferred
  • the access status (file transfer, file not found)
  • the description of the type of web browser used
  • the IP address of the requesting computer, which is deleted after seven days so that a personal reference is no longer producible

The mentioned log data are only saved anonymously.



1. Data transmission to third parties

Data transmission to third parties
We transfer your data within the scope of an order processing, as per Art. 28 DSGVO, to service providers who support us in the operation of our websites and related processes. Our service providers are strictly bound to our instructions and contractually obliged. We use the following service providers: Equinix Hosting, Google Analytics.


This website uses the service "Google Analytics", which is provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to analyse the use of the website by users. The service uses "cookies" - text files which are stored on your end device. The information collected by the cookies is usually sent to a Google server in the USA and stored there. Here you will find further information on the use of data by Google Inc.:


You can prevent tracking by Google Analytics (opt-out) by clicking on the following link. This will set an opt-out cookie which will prevent the future collection of your data when you visit this website: deactivate Google Analytics and change settings.


If you should later delete all cookies in your browser, you will have to click the above link again, as your opt-out decision would also be lost. Opt-out information can only be stored in a cookie. An Opt-Out only works in within the currently used browser. If you visit our website with other browsers, you may need to set an opt-out cookie for these browsers as well by clicking the link above.



Data transmission to third countries
We sometimes transfer personal information to a third country outside the EU. In each case, we have taken care for an appropriate level of data protection.

The level of protection for data transfers to the USA is to be regarded as equivalent on the basis of an adequacy decision of the EU ("EU-US DPF") pursuant to Article 45 (3) of the GDPR. If service providers are not subject to the adequacy decision, the data transfers to the USA are secured by concluding European standard contractual clauses (SCCs) and further technical and organisational measures.



2. Cookies

We use cookies on our websites. Cookies are small text files that are stored on your terminal device and can be read. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. Cookies can contain data that make it possible to recognize the device used. In some cases, however, cookies only contain information about certain settings that cannot be related to a specific person.

We use session cookies and permanent cookies on our websites. The processing is based on Art. 6 para. 1 lit. f) DSGVO and in the interest of optimizing or enabling user guidance and adapting the presentation of our website.

You can set your browser to inform you about the placement of cookies. This makes the use of cookies transparent for you. You can also delete cookies at any time via the appropriate browser setting and prevent the setting of new cookies. Please note that our websites may then not be displayed optimally and some functions may no longer be technically available.



3. Explanations of security measures

Data Security
In order to protect your data against unwanted access as comprehensively as possible, we take technical and organizational measures. We use an encryption method on our website. Your information will be transferred from your computer to our server and vice versa via the Internet by means of TLS encryption. You will recognize this by the fact that the lock symbol is closed in the status bar of your browser and the address bar starts with https: //.



4. Rights of the user

When processing your personal data, the DSGVO grants you certain rights as a website user:



Right to information (Art. 15 DSGVO)
You have the right to ask for confirmation of the processing of your personal data; If this is the case, you have a right to be informed about this personal data and to the information listed in detail in Art. 15 DSGVO.



Right to rectification and cancellation (Art. 16 and 17 DSGVO)
You have the right to immediately request the correction of incorrect personal data concerning you and, if necessary, the completion of incomplete personal data.

You also have the right to demand that personal data relating to you be deleted without delay, provided that one of the reasons listed in detail in Art. 17 GDPR applies, e.g. For example, when the data is no longer needed for the purposes pursued.



Right to restriction of processing (Art. 18 DSGVO)
You have the right to demand the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g., if you objected to processing for the duration of any examination.



Right to data portability (Art. 20 DSGVO)
In certain cases, which are listed in detail in Art. 20 DSGVO, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request the transmission of this data to a third party.



Right of objection (Art. 21 DSGVO)
Are data based on Art. 6 para. 1 lit. f) (data processing for the protection of legitimate interests), you have the right to object to the processing at any time for reasons that arise from your particular situation. We will then no longer process the personal data unless there are evidently compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing is for the purpose of enforcing, pursuing or defending legal claims.



Right of appeal to a supervisory authority
You have acc. to Art. 77 DSGVO the right to complain to a supervisory authority if you believe that the processing of your data violates data protection regulations. In particular, the right of appeal may be invoked by a supervisory authority in the Member State of your place of residence, your place of work or the place of the alleged infringement.



5. Contact details of the data protection officer

Our company data protection officer is at your disposal for information or suggestions concerning data protection:


Dr. Uwe Schläger
datenschutz nord GmbH
Telephone: 0421 69 66 32 0



6. Contact

You have the opportunity to contact us via a web form. To use our contact form we need your name and your e-mail address. You may or may not provide further information. By submitting your message to us, you agree that we may process your personal data to process your request. Your request will be sent encrypted via https to our server.


The legal basis of the processing is Art. 6 para. 1 lit. b) DSGVO. Your data will only be processed to answer your request and then deleted. A passing on to third does not take place.



7. Online applications

We process your personal data in accordance with the applicable data protection regulations on the basis of § 26 Federal Data Protection Act (BDSG), Art. 6 para. 1 lit. b GDPR. We process the data you provide to us as part of your online application for the sole purpose of selecting applicants. Data processing for other purposes does not take place.


You yourself determine the scope of the data that you would like to submit to us as part of your online application. Online applications are electronically transferred to our personnel department and processed there as quickly as possible. The transmission is encrypted. As a rule, applications are forwarded to the heads of the responsible specialist departments in our company. In addition, there is no disclosure of your data. Your information will be treated confidentially in our house. In case of an unsuccessful application, your documents will be deleted after expiration of 6 months.


In the event that we may also consider your application in other or future job advertisements, we ask for a note on the application. We then process your data on the basis of Art. 6 para. 1 lit. a DSGVO.


Information according to Art. 13 General Data Protection Ordinance for Applicants
The compliance with data protection regulations has a high priority for our company. We would like to inform you about the collection of your personal data with us below:



Responsible body:
Data collection and processing is the responsibility of the company you applied to.



Data we need:
When applying, we process data from you that we need in the context of the application. This can be contact details, all data related to the application (CV, certificates, qualifications, answers to questions, etc.) as well as bank account details (to reimburse travel costs). The legal basis for this arises from § 26 Federal Data Protection Act (BDGS), Art. 6 para. 1 lit. b GDPR. .



Data transfers to third countries:
Our company is part of an international agency network that has personnel responsibilities across departmental, corporate and national boundaries. That's why competent supervisors in the UK and US can access your applicant data. This data processing is required by § 26 BDSG to decide on the creation of an employment relationship.


The level of protection for data transfers to the USA is to be regarded as equivalent on the basis of an adequacy decision of the EU ("EU-US DPF") pursuant to Article 45 (3) of the GDPR. If service providers are not subject to the adequacy decision, the data transfers to the USA are secured by concluding European standard contractual clauses (SCCs) and further technical and organisational measures.



Data deletion:
If no statutory retention period exists, the data will be deleted as soon as storage is no longer required or the legitimate interest in storage has expired. If not hired, this will be the case at least six months after completing the application process.


In individual cases, it may lead to a longer storage of individual data (e.g. travel expenses). The duration of storage then depends on the statutory storage obligations, for example, from the Tax Code (6 years) or the Commercial Code (10 years).

If there has not been a recruitment, but your application continues to be interesting for us, we ask you, if we may keep your application for future appointments.



Confidential treatment of your data:
Of course, we treat your data confidentially and do not transmit it to third parties.


If necessary, we use strictly instruction-bound service providers, who provide us with e.g., in the areas of IT or the archiving and destruction of documents and with which separate contracts for order processing have been concluded.



Your privacy rights:
As the data subject, you have the right to obtain information about personal data concerning you, as well as the correction of incorrect data or cancellation, provided that one of the reasons stated in Art. 17 GDPR exists, e.g. if the data is no longer needed for the purposes pursued. There is also the right to restrict processing if one of the conditions set out in Art. 18 GDPR exists and, in the case of Art. 20 GDPR, the right to data portability.


Each data subject has the right to complain to a supervisory authority if it considers that the processing of the data concerning them is contrary to data protection provisions. In particular, the right of appeal may be invoked by a supervisory authority in the Member State of the residence or the workplace of the person concerned or the place of the alleged infringement.



Our data protection officer:
You also have the right to contact our data protection officer at any time, who is obliged to maintain secrecy regarding your request. You will find the contact details of our data protection officer in section 5 above.



8. Whistleblower system

Our internal whistleblowing system gives employees, suppliers and business partners the opportunity to point out grievances without having to come forward themselves. This concerns in particular the following issues within the company:


  • Crimes or misconduct
  • Serious and flagrant violations of applicable law and/or international agreements
  • Serious threats or endangerments to the public interest of which the whistleblowers have personal knowledge
  • Breach of any code of conduct or policy of the Company
  • Dangers to the health of employees

You do not have to provide any personal data about yourself. However, depending on the content of your contribution, your report may contain personal data of third parties. Data that is irrelevant or immaterial to the report will not be processed in the subsequent investigation of the incident. You can remain anonymous if you do not disclose any personal data about yourself.


Legal basis for the processing
The processing of the data serves the fulfilment of a legal obligation, Art. 6 (1) sentence 1 lit. c DSGVO, which follows from the so-called Whistleblower Directive (Directive (EU) 2019/1937 on the protection of persons who report infringements of Union law) and national laws of the EU Member States based on this. The data processing is also carried out in the legitimate interest of the company to be informed about unlawful and reportable events and to be able to clarify them internally, Art. 6 para. 1 p. 1 lit. f DSGVO.

The reports are checked and answered within the legally specified deadlines. The deletion of the data takes place no later than 3 years after the conclusion of the proceedings, provided that there are no retention obligations as a result of any subsequent legal proceedings.



Data recipient
The data collected is forwarded to persons in the company responsible for processing reports and may also be made available to other third parties (lawyers, experts and auditors) for analysis and investigation purposes. If necessary, authorities and courts may also be involved.


The management receives an annual summary report on the number and type of reports for inclusion in the report pursuant to the Supply Chain Due Diligence Act. CONFDNT ensures that the protection of the person making the report is guaranteed.


In addition, your data is transferred to the service company CONFDNT, which supports the operation of the website and the associated processes, within the scope of order processing pursuant to Art. 28 DSGVO. The service company works strictly according to instructions and has been contractually obligated accordingly.



Transfer of data to countries outside the European Union
The data collected may be made available to recipients outside the European Union on a case-by-case basis to the extent that this is strictly necessary to process the notifications received, in particular to determine the materiality of the infringements. Prior to the transfer of personal data, all measures necessary to ensure that the level of protection of natural persons guaranteed by the GDPR is not undermined shall be taken.



9. Data Protection Declaration for our Facebook Site

We operate our Facebook company page ( on the basis of Article 6 (1) lit. f DSGVO. Facebook provides us with statistical data via so-called “Insights", which enable us to recognize user interactions on or with the page. We use this data in aggregated form to make our contributions and activities on our Facebook page more attractive to users.


Facebook also uses so-called web tracking methods on this page. Please be aware that: It cannot be ruled out that Facebook may use your profile data to analyze your habits, personal relationships, preferences, etc. We have no influence whatsoever on the processing of your data by Facebook.


We will not conduct or initiate any other data processing. The data you enter on our Facebook page, such as comments, videos or images, will not be used or processed by us for any other purpose at any time.



Users' rights
According to the decision of the European Court of Justice, the operator of a Facebook page is jointly responsible with Facebook for the processing of personal data. With regard to the provisions of the DSGVO on joint responsibility, we have reached an agreement with Facebook under which Facebook assumes responsibility for the processing of "Insights" data and will fulfill all resulting obligations towards users under the DSGVO.


You can find out more about Facebook's privacy statement here:


Requests for information about "Insights" that are addressed to us will be forwarded directly to Facebook.