Privacy Policy

Thank you for visiting our website. In the following, we would like to inform you about the handling of your data according to Art. 13 of the General Data Protection Regulation (DSGVO).

1. Person responsible

diesdas.digital GmbH is responsible for the data processing described below in accordance with data protection regulations.

Contact requests can be made via e-mail to [email protected].

2. Processing of log files

When you visit our website, our web server stores standardized information about your terminal device and the browser used in a log file. We process this data in order to be able to analyze errors of our server and abuse attempts. In detail, this data record consists of

• the name of the requested website
• the date and time of the request,
• the amount of data transferred,
• the message about the successful retrieval,
• the IP address of the requesting computer,
• the specific address of the page called up from us,
• if applicable, the page from which you reached us,
• the transmitted identifier of the browser.

From these data you are not identifiable for us, the log data are evaluated only anonymously. Log data is regularly deleted in a timely manner, but at the latest after seven days. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 (1) f) DSGVO.

2.1 SSL or TLS encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of personal data and other confidential content (e.g. inquiries to the person responsible). You can recognize an encrypted connection by the string "https://" and the lock symbol in your browser line.

3. Hosting

We host our website with our contract processors:

Salesforce, Inc.
Salesforce Tower
415 Mission Street
3rd Floor
San Francisco
CA 94105
United States

and

Google Ireland Limited
Gordon House, Barrow Street
Dublin 4
Ireland

4. Newsletter

On our website you are offered the possibility to subscribe to a newsletter on various topics. You can sign up for this via a link at the bottom of our website. We use Buttondown for newsletter management, a DSGVO compliant tool for sending newsletters. To use this service, the following information is stored by Buttondown:

• IP address
• Open and click events
• Subscriber information (email address, name).

This information will only be used for the operation of the newsletter and neither Buttondown nor Diesdas will use it for commercial purposes or share the data with third parties.

5. Contact by e-mail

If you contact us by e-mail, your request including all resulting personal data (name, first name, request, etc.) will be stored and processed by us for the purpose of processing your request.

The processing of this data is based on Art. 6 (1) lit. b DSGVO, provided that your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures.

In all other cases, the processing is based on our legitimate interest in the effective processing of the requests sent to us (Art. 6 (1) (f) DSGVO) or on your consent (Art. 6 (1) (a) DSGVO) if this has been requested.

The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular legal retention periods - remain unaffected.

6. Use of cookies & tracking tools

We use tracking technologies such as cookies on our website to measure and evaluate our website and to continuously improve our content. For the protection of our users and partners, we can also detect and prevent fraud and security risks.

Cookies are small text files used by websites to simplify and speed up the management of your visit to our website or are necessary to allow you to use and access secure areas of the website.

Depending on where a cookie comes from, we can first distinguish between so-called first-party cookies and third-party cookies:

• First-party cookies - cookies that are generated and stored locally by the website operator as the controller or by a processor commissioned by the operator. Only the operator has access to these cookies.
• Third-party cookies - cookies that are generated, set and accessed by third-party providers that are not acting as processors on behalf of the website operator.

Depending on the validity period, a distinction can also be made between so-called transient and persistent cookies:

• Transient cookies - cookies that are automatically deleted when you close the browser. These include, in particular, session cookies.
• Persistent cookies - cookies that remain stored on your terminal device for a specified period of time after you close the browser.

Depending on their nature and purpose, the user's consent may be required for the use of certain cookies. In this respect, cookies can then be differentiated according to whether the user's consent is mandatory for their use:

• Consent-free cookies - cookies that are absolutely necessary for the website operator, which has been expressly requested by the subscriber or user, to provide this service ("Absolutely Necessary Cookies").
• Consent-required cookies - cookies that are used for all purposes other than those mentioned above.

Insofar as your consent is required, we use these very cookies alone if you have given your consent in advance. The legal basis for processing personal data is regularly Art. 6 para. 1 lit. a DSGVO. When you call up our website, we display a so-called "cookie banner" in this regard, in which you can declare your consent to the use of cookies on the website by pressing a button.

We use cookies that are absolutely necessary on the basis of Art. 6 (1) lit. f DSGVO in the legitimate interest of ensuring the functionality of our website. These cookies cannot be disabled via the cookie banner of this website. However, you can generally manage and deactivate these cookies in your browser at any time.

You can object to data processing at any time with effect for the future by preventing the storage of cookies through the setting in your browser.

6.1 Use of Google services for web analysis and advertising purposes

We use the technologies of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"), as described below. The information automatically collected by Google technologies about your use of our website is generally transmitted to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and stored there. There is no adequacy decision of the European Commission for the USA. Our cooperation with them is based on standard data protection clauses of the European Commission. If your IP address is collected via Google technologies, it is shortened by activating IP anonymisation before being stored on Google's servers. Only in exceptional cases will the full IP address be transmitted to a Google server and shortened there. Unless otherwise stated for the individual technologies, the data processing is based on an agreement concluded for the respective technology between jointly responsible parties in accordance with Art. 26 DSGVO. Further information on data processing by Google can be found in Google's privacy policy.

6.2 Google Analytics

For the purpose of website analysis, Google Analytics automatically collects and stores data (IP address, time of visit, device and browser information as well as information on your use of our website), from which usage profiles are created using pseudonyms. Cookies may be used for this purpose. Your IP address will not be merged with other Google data. Data processing is carried out on the basis of an order processing agreement by Google.

6.3 Google Ads

For advertising purposes in Google search results as well as on third-party websites, the so-called Google Remarketing Cookie is set when you visit our website, which automatically enables interest-based advertising by collecting and processing data (IP address, time of visit, device and browser information as well as information on your use of our website) and by means of a pseudonymous CookieID and on the basis of the pages you visit. Any further data processing will only take place if you have activated the "personalised advertising" setting in your Google account. In this case, if you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define target group lists for cross-device remarketing.

For website analysis and event tracking, we measure your subsequent usage behaviour via Google Ads Conversion Tracking if you have reached our website via an advertisement from Google Ads. For this purpose, cookies may be used and data (IP address, time of visit, device and browser information as well as information about your use of our website based on events specified by us, such as visiting a website or subscribing to a newsletter) may be collected, from which usage profiles are created using pseudonyms.

6.4 MUX

Our website uses the “Mux” video service provided by Mux, Inc (1182 Market St. Suite 425, San Francisco, CA 94102, USA). Mux is a user experience real-time analysis platform (API, application programming interface) for the creation of videos by developers. If you have activated Java script in your browser and have not installed a Java script blocker, your browser may transmit personal data to Mux. You can find more information on the handling of user data in the Mux privacy policy at https://mux.com/privacy.

7. Online application

In the course of your online application by e-mail, we collect and process personal data for the purpose of handling the application process and for the implementation of pre-contractual measures. When you send an application, the following data is transmitted:

• Name (first as well as last name),
• date of birth,
• address,
• e-mail address,
• telephone number,
• cover letter,
• curriculum vitae and certificates
• If applicable, further personal data not listed here.

Your data will initially be processed exclusively for the purpose of implementing and reviewing the application process. The legal basis for this results from Art. 88 (1) DSGVO in conjunction with Section 26 (1) Sentence 1 BDSG. As a rule, we do not require any special categories of personal data (e.g. information about a severe disability) as defined by Art. 9 DSGVO for the application process. However, if you voluntarily provide us with such data, the processing will be carried out on the legal basis of Art. 9 (2) b DSGVO in conjunction with Section 26 (3) BDSG.

If an employment relationship arises between you and us, we will process your data in accordance with Art. 88 DSGVO in conjunction with. § 26 BDSG in the following for the implementation of the employment relationship with you.

We store your personal data as long as this is necessary for the decision on your application. If you are not hired, your personal data or application documents will be deleted six months after the end of the application process, unless longer storage is legally required or permitted (e.g. for the assertion, exercise or defense of legal claims for the duration of a legal dispute, travel expense accounting, etc.). Afterwards, the data is only available to us as so-called metadata without direct personal reference for statistical evaluations (for example, proportion of women or men in applications, number of applications per period, etc.).

If an employment relationship is established following the application process, we will store your data for the duration of the employment relationship with you. However, you will receive further information about the processing of your data in the employment relationship as soon as the employment relationship with us begins.

7.1 Recipients of the data | Personio

On our website, we post our job advertisements on Personio. This is an HR applicant management system of Personio GmbH, Rundfunkplatz 4, D-80335 Munich. Personio is integrated by embedding the service on our website using a so-called "iFrame". When loading this iFrame, data may be transmitted automatically by your respective browser, so-called server logs. These data are usually pseudonyms and therefore do not allow any conclusions to be drawn about a natural person. This includes the following data:

• Domain name of the retrieved website,
• Browser type and version, operating system used,
• IP address of the requesting computer,
• date and time of the request.

This data is stored solely for technical reasons and the scope of this logging does not exceed the usual scope of any other website on the Internet. The storage period of these access logs is up to 7 days. The legal basis is Art. 6 para. 1 p. 1 lit. f DSGVO. This ensures that Personio only transmits the information to servers within the EU. You can find more information about Personio’s data protection here.

8. Social media channels

We also promote presences on our website on the social networks listed below.

• Facebook
• Github
• Instagram
• LinkedIn
• Medium
• Twitter

The integration takes place via a linked graphic of the respective network. The use of this linked graphic prevents the automatic establishment of a connection to the respective server of the social network when the website is called up.

This means that you will only be redirected to the service of the respective social network by clicking on the corresponding graphic. After the forwarding, information about you will be collected by the respective network. This is initially data such as IP address, date, time and page visited. It cannot be ruled out that the data collected in this way is processed in the USA.

If you are logged into your user account of the respective network during this time, the network operator may be able to assign the collected information to your personal account. If you interact, for example, via a "Share" button of the respective network, this information can also be stored in your personal user account and possibly published.

If you want to prevent the collected information from being directly assigned to your user account, you must log out before clicking on the graphic or configure the respective user account accordingly. For more information on the processing of your data, please refer to our social media notices.

9. your data subject rights

With regard to the data processing listed here, you are entitled to various data subject rights that are regulated in the GDPR.

9.1 Right to information

Pursuant to Art. 15 EU-DSGVO, you have the right to request confirmation from us as to whether personal data relating to you is being processed. If this is the case, you have a right to information about this personal data and the information specified in Art. 15 (1) Hs. 2 EU-DSGVO. This includes in particular the purpose of the processing, the categories of data processed, the recipients to whom data has been or will be disclosed, as far as possible the planned duration of storage or the criteria for the duration of storage.

9.2 Right to rectification

Pursuant to Art. 16 EU-DSGVO, you have the right to demand that we correct any inaccurate personal data concerning you without undue delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data - also by means of a supplementary declaration.

9.3 Right to deletion

Pursuant to Art. 17 EU-DSGVO, you have the right to demand that we delete personal data concerning you without undue delay. We are obliged to delete personal data without undue delay if one of the reasons set out in Art. 17 (1) EU-DSGVO applies. These reasons include, for example, that the data is no longer necessary for the purposes for which it was collected or otherwise processed.

9.4 Right to restriction of processing

Pursuant to Art. 18 EU-DSGVO, you have the right to demand that we restrict processing if one of the conditions listed in Art. 18 EU-DSGVO applies. This includes, for example, that you dispute the accuracy of the personal data. Then we may only process the data in a restricted manner for as long as it takes to verify the accuracy of the personal data.

9.5 Right to data portability

Pursuant to Art. 20 EU-DSGVO, you have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format. You have the right to transfer this data to another responsible party i.e. another entity that processes data, without hindrance, provided that the original processing was based on consent or was necessary for the performance of a contract.

9.6 Right of objection

Pursuant to Art. 21 EU-DSGVO, you have the right to object at any time to the processing of personal data relating to you if such data is processed on the basis of Art. 6(1)(e) or (f) EU-DSGVO and there are grounds for doing so based on your personal situation. You may object to the processing of data for the purpose of direct marketing at any time. Personal data will then no longer be processed for this purpose. The right to object can be exercised by means of an informal declaration. A written statement or, optionally, an e-mail to the above contact address is sufficient.

9.7 Right to revoke the declaration of consent

Pursuant to Art. 7 (3) EU-DSGVO, you have the right to revoke your consent to processing at any time. The lawfulness of the processing carried out on the basis of the consent until the revocation is not affected. The right of revocation can be exercised by an informal declaration. A written declaration or, optionally, an e-mail to the above contact address is sufficient. You can withdraw your consent to the use of cookies via our banner, which is displayed when you call up our privacy policy.

9.8 Right to complain to a supervisory authority

Pursuant to Art. 77 EU-DSGVO, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, your place of work or the place of the alleged infringement, without prejudice to any other administrative or judicial remedy, if you are of the opinion that the processing of personal data concerning you violates this Regulation. In the present case, the competent supervisory authority is:

Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstr. 219
10969 Berlin

Tel.: +49 (0)30 13889-0
E-mail: [email protected]

10. Data Protection Officer

Our external data protection officer will be happy to provide you with information on the subject of data protection under the following contact details:

Ali Tschakari, LL.M.
Bitkom Servicegesellschaft mbH
Albrechtstrasse 10
10117 Berlin
E-mail: [email protected]

If you contact our data protection officer, please indicate the responsible office in the imprint.

11. Concluding provisions

diesdas.digital GmbH reserves the right to adapt this data protection declaration at any time so that it always complies with the current legal requirements or in order to implement changes to the services in the data protection declaration, e.g. when new services are introduced or changes are made to the website. The new data protection declaration will then apply to a renewed access to this website.