Data protection information
1. general information
When you visit our website, various personal data are processed depending on the type and scope of your visit. Personal data is information that relates to an identified or identifiable natural person (hereinafter referred to as "person concerned"). An identifiable natural person is one who can be identified, directly or indirectly (e.g. by reference to an online identifier). This includes information such as name, address, telephone number, date of birth or IP addresses.
With this data protection notice, we inform you in accordance with Art. 12 et seq. GDPR about which personal data is processed when you visit and use our website. In particular, you will find information below on what data we collect in connection with your visit to and use of our website, what we use the collected data for and for what purposes the data is collected. You will also find information on the rights to which you are entitled in connection with the processing of your personal data.
We reserve the right to adapt this data protection information with effect for the future, in particular in the event of the further development of our website, the use of new technologies or changes to the legal basis or the corresponding case law. This data protection information applies to all pages of our website (www.fairforce.one). It does not extend to any linked websites or internet presences of other providers.
2. responsible person
The controller pursuant to Art. 4 No. 7 GDPR is the
fairforce.one Rechtsdienstleistungsgesellschaft mbH
Weißenfelser Str. 65J - House 7
04229 Leipzig
e-mail: post@fairforce.one
Phone: 0800 30 111 60
3. data protection officer
If you have any questions about data protection with regard to our company or our website, you can contact our data protection officer. You can reach our data protection officer at the following e-mail address s.schuldt@gp-data.de or at the following postal address:
GP Data GmbH
Contact person: Stephan Schuldt
Mädler Passage, staircase B
Grimmaische Str. 2-4
04109 Leipzig
4. safety
For security reasons and to protect your personal data during transmission to us, we use SSL or TLS encryption to protect your data against access by unauthorised persons. You can recognise an encrypted connection by the character string https:// and the lock symbol in the address bar of your browser.
5. purposes and legal bases of the processing
5.1 Accessing and visiting our website - server log files
For the technical provision of our website, it is necessary for us to process certain information automatically transmitted by your browser so that our website can be displayed and used in your browser. This information is automatically collected each time you visit our website and stored in so-called "server log files". The information transmitted by your browser and stored in the server log files is the following information:
- IP address
- Date and time of the enquiry
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred
- Website from which the access is made (referrer URL);
- Browser type and browser version;
- Operating system used
The storage of the aforementioned access data is necessary for technical reasons in order to provide our website and to ensure system security. This also applies to the storage of your IP address, which is necessary and, under further conditions, can at least theoretically enable an assignment to your person. In addition to the above-mentioned purposes, we use server log files exclusively for the needs-based design and optimisation of our website for purely statistical purposes and without drawing any conclusions about your person. This data is not merged with other data sources, nor is it analysed for marketing purposes.
The access data collected as part of the use of our website is stored for the period for which this data is required to fulfil the aforementioned purposes. Your IP address is stored on our web server for a maximum of 7 days for IT security purposes.
If you visit our website to find out about our range of services or to use them, the basis for the temporary storage and processing of access data is Art. 6 para. 1 sentence 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or for the implementation of pre-contractual measures. In addition, Art. 6 para. 1 sentence 1 lit. f GDPR serves as the legal basis for the temporary storage of technical access data. Our legitimate interest here is to be able to provide you with a technically functioning and user-friendly website and to ensure the security of our systems.
5.2 Contact
5.2.1 Determination of entitlement
If you use our contact form to have your claims checked, we will process the data you provide in the contact form:
- Vehicle in use
- Indicate whether you or any passengers were injured (slightly injured / seriously injured / not injured)
- Role in the accident (injured party / responsible party / partially at fault / not clarified)
- Indicate whether a lawyer has already been instructed (Yes / No)
- Title, first name, surname, telephone number
In addition to the data you provide in the contact form, we store the time of transmission of your data to us (date, time) and your IP address in order to ensure the security of our systems and to prevent misuse of the contact form.
The legal basis for the processing of your personal data for the purpose of ensuring the security of our systems and preventing misuse is our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.
We process the personal data provided by you in the context of your enquiry on the basis of Art. 6 para. 1 lit. b GDPR and on the basis of your consent (Art. 6 para. 1 lit. a GDPR), insofar as such consent has been obtained.
The data provided or transmitted by you as part of the enquiry will be stored by us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your enquiry has been processed). Mandatory statutory provisions, in particular statutory retention periods, remain unaffected.
5.2.2 Telephone, e-mail
If you contact us by e-mail or telephone via the contact options provided on our website, the content of your enquiry, including all personal data resulting from it, will be processed for the purpose of processing your enquiry, insofar as this is relevant or necessary for answering your enquiry.
The processing of the personal data provided by you in the context of your enquiry is based on Art. 6 para. 1 lit. b GDPR, insofar as your enquiry is related to the establishment or execution of a contractual relationship. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR), insofar as such consent has been obtained.
The data provided or transmitted by you as part of the enquiry will be stored by us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your enquiry has been processed). Mandatory statutory provisions, in particular statutory retention periods, remain unaffected.
5.2.3 Making an appointment - Calendly
To make it easier to arrange appointments, we provide the option on our website of displaying free appointments and booking a free appointment immediately.
For this purpose, we use the Calendly service provided by Microsoft Calendly LLC, 15 E Main St., Ste A1B Buford, GA 30518, USA.
You are not obliged to use Calendly to make an appointment. Of course, you can also make an appointment using the other contact options provided on our website.
A connection to Calendly is only established when you call up the appointment booking function via a corresponding appointment booking button. If you use Calendly to make an appointment, the following personal data will be processed:
- Date and time of the selected appointment
- Name
- E-mail address
- Information on preparing for the meeting
- Technical data (IP address, device and browser information)
The processing of the aforementioned data is carried out on the basis of Art. 6 para. 1 lit. b GDPR, insofar as the appointment is made in connection with the establishment or execution of a contractual relationship. In all other cases, the processing is based on our legitimate interest in the effective processing of the appointments made with us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if such consent has been requested.
The personal data processed in connection with the appointment will be stored by us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after the agreed appointment has been made). Mandatory statutory provisions, in particular statutory retention periods, remain unaffected.
We have concluded an order processing agreement with Calendly LLC in connection with the use of Calendly. In the event that personal data is processed in the USA in connection with the use of Calendly, we have concluded the standard contractual clauses (Implementing Decision (EU) 2021/914, Module 3) with Calendly LLC in accordance with Art. 46 para. 2 lit. c GDPR in order to ensure that the data is processed in accordance with the level of protection guaranteed by the GDPR. The agreement we have concluded with Calendly LLC can be viewed at the following link
https://calendly.com/legal/data-processing-addendum
In addition, on 10 July 2023, the European Commission adopted an adequacy decision pursuant to Art. 45 GDPR for the USA, the so-called EU-U.S. Data Privacy Framework. According to this, companies that are certified under the EU-U.S. Data Privacy Framework offer an adequate level of data protection.
Calendly LLC is certified according to the EU-U.S. Data Privacy Framework:
5.3 Newsletter
With your consent, you can subscribe to our newsletter, with which we will inform you regularly about the latest developments relating to fairforce.one:
5.3.1 Application form
We use the "Brevo" service of Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin Germany ("Sendinblue") to subscribe to our newsletter.
When you call up a page on our website on which a form for registering for our newsletter is integrated, a connection is established to the Brevo servers (www.sibforms.com) in order to load the data required to provide the registration form. As a result, (personal) data is transmitted to Brevo. The data transmitted to Brevo is in particular your IP address, which basically enables Brevo to recognise that you have visited our website. In addition, information such as language settings, the version of the browser you are using and the name of the browser you are using are automatically transmitted to Brevo.
Data processing in connection with the provision of the registration form is carried out on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in providing a simple and functional option for registering for our newsletter.
5.3.2 Registration for our newsletter
We use the so-called double opt-in procedure to subscribe to our newsletter. This means that after you have registered, we will send you an e-mail to the e-mail address you have provided in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration, your information will be blocked and automatically deleted after one month. We also store the IP addresses you use and the times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your data.
The only information required for registration is your e-mail address. After confirming your registration, we will save your e-mail address for the purpose of sending you the newsletter.
5.3.3 Dispatch of our newsletter
Our newsletter is sent on our behalf by Brevo. The e-mail address you provide to receive our newsletter is therefore stored on Sendinblue's servers.
Our newsletter sent with Brevo enables us to analyse the behaviour of the recipients of our newsletter. In particular, we can analyse how many recipients have opened the newsletter and how often which link within the newsletter was clicked on. With the help of so-called "conversion tracking", it is also possible to define whether a predefined action has taken place on our website after clicking on a link in the newsletter. Further information on data analysis in connection with the use of Brevo can be found under the following link:
The legal basis for the processing of your personal data in connection with the subscription to our newsletter is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time and unsubscribe from the newsletter. You can revoke your consent by clicking on the link provided in every newsletter, by e-mail to post@fairforce.one or by sending a message to the contact details provided in this privacy policy.
Your data processed for the purpose of subscribing to our newsletter will be stored by us or Sendinblue until you unsubscribe from the newsletter and will be deleted from our newsletter distribution list after you unsubscribe from the newsletter.
After unsubscribing from our newsletter, your e-mail address may be stored by us or Sendinblue in a so-called "blacklist" in order to prevent you from receiving further e-mails after unsubscribing from our newsletter. The email addresses stored in the blacklist are used exclusively for this purpose and are not merged with other data. The storage of your e-mail address within the blacklist serves both your interest and our interest in complying with the legal requirements when sending newsletters. The processing is therefore carried out on the basis of a legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.
5.4 Use of cookies and associated plugins/tools
5.4.1 Cookies
We use so-called "cookies" on our website. Cookies are small text files that are stored on the hard drive of the device you use to access our website. The characteristic character strings contained in the cookies can be used to identify the browser you are using when you access our website. Cookies cannot execute programmes or transmit viruses to the end device you are using. They serve to make our website more user-friendly, effective and secure and to enable the provision of certain functionalities of our website.
Cookies may contain data that enables the device you are using to be recognised. In some cases, cookies only contain information on certain settings (e.g. language settings) that are not personally identifiable.
You can refuse the use of cookies and delete cookies at any time by making the appropriate settings on your device:
Most browsers are preset to accept cookies automatically. You can change this default setting by activating the "Do not accept cookies" setting in your browser. For more information, please contact your browser provider.
Cookies that have already been saved can be deleted at any time. For more information on deleting cookies, please contact your browser provider.
Like the use of cookies, their rejection or deletion is also linked to the device and browser used. You must therefore reject or delete cookies for each of your devices and, if you use multiple browsers, for each browser separately.
If you activate the "do not accept cookies" function in your browser, it is possible that not all functions of our website or individual functions will only be available to you to a limited extent.
A distinction is made between so-called "session cookies", which are deleted as soon as you close your browser, and so-called "permanent cookies", which are stored beyond the individual session and are only deleted after a defined period of time. We have categorised the cookies used on our website into the following categories according to their functions:
- Essential cookies
Essential cookies enable basic functions and are necessary for the proper functioning of the website.
- Statistics cookies
Statistics cookies collect information anonymously. This information helps us to understand how our visitors use our website.
- Marketing cookies
Marketing cookies are used by third-party providers or publishers to display personalised advertising. They do this by tracking visitors across websites.
- External media
Content from video platforms and social media platforms is blocked by default. If cookies from external media are accepted, access to this content no longer requires manual consent.
5.4.2 Cookies used
Below you will find more information about the cookies used on our website:
Name of the cookies |
Provider |
Category |
Intended use |
Storage duration |
borlabs-cookie |
|
Essential cookies |
Saves the settings of the visitors selected in the Cookie Box of Borlabs Cookie. |
1 year |
_ga,_gat,_gid |
Google Ireland Limited |
Statistics cookies |
Cookie from Google to control advanced script and event handling. |
2 years |
_hjClosedSurveyInvites, _hjDonePolls, _hjMinimisedPolls, _hjDoneTestersWidgets, _hjIncludedInSample, _hjShownFeedbackMessage, _hjid, _hjRecordingLastActivity, hjTLDTest, _hjUserAttributesHash, _hjCachedUserAttributes, _hjLocalStorageTest, _hjptid |
Hotjar Ltd |
Statistics cookies |
Cookies from Hotjar for website analyses. |
1 year |
IDE, _gcl_au, _gcl_aw |
Google Ireland Limited |
Marketing cookies |
Display adverts on other websites in a more targeted manner in order to present users only with adverts that potentially match their interests. |
Session / 1 year |
Google Optimise |
Google Ireland limited |
Marketing cookies |
Used to unlock Google Optimise content. |
6 months |
vuid |
Vimeo |
External media |
Used to unblock Vimeo content. |
2 years |
The legal basis for the storage of essential cookies is § 25 para. 2 no. 2 TTDSG. We store statistics and marketing cookies as well as cookies from external media exclusively on the basis of your express and active consent in accordance with Section 25 (1) TTDSG in conjunction with Art. 6 (1) lit. a GDPR.
5.4.3 Cookie management
Insofar as consent is required for the storage of cookies on your end device, this website uses the cookie consent technology of Borlabs GmbH, Hamburger Straße 11, 22083 Hamburg (hereinafter referred to as "Borlabs") is used to obtain your consent and document it in compliance with data protection regulations.
In connection with the use of Borlabs' cookie consent technology, information is stored in the local memory of your browser (cookie duration, cookie version, domain and path of the website, consents, UID) in order to manage and store the consents you have given. The UID is a randomly generated ID.
If you wish to revoke the consent you have given or change your selection, simply delete the information stored by Borlabs in your browser's local memory. As soon as you visit our website again, you will be asked again for your cookie selection (consent). Alternatively, you can revoke the consent you have given or change your selection by clicking on the button below:
[borlabs-cookie type="btn-cookie-preference" title="Cookie settings"/]
The legal basis for storing information on your end device and accessing it in connection with the use of Borlabs is Section 25 (2) No. 2 TTDSG.
5.4.4 Google Analytics
If you have given your consent, this website uses the Google Analytics 4 service, which is provided for the European area by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter "Google").
Google Analytics 4 uses JavaScript and pixels to read information from your end device and cookies to store information on your end device. The following data is processed in connection with the use of Google Analytics 4:
- IP address
- User ID and device ID
- Referrer URL (previously visited page)
- Pages accessed (date, time, URL, title, length of visit)
- Downloaded files
- Clicked links to other websites
- Achievement of specific goals (conversions)
- Technical information (operating system, browser type, version and language, device type, brand, model and resolution)
- Approximate location (country, region and, if applicable, city, based on the anonymised IP address)
The IP address is shortened by the last two digits by default. The IP address is truncated on servers within the European Union.
Google processes the data collected on our behalf in order to analyse the use of our website and to compile reports on the activities on our website. We use the information provided by Google to analyse the use of our website and to improve our website.
The data collected may be transferred by Google to a Google server in the USA for analysis and stored there.
The storage of cookies in connection with the use of Google Analytics is based on your consent in accordance with Section 25 (1) of the GDPR. The legal basis for the processing of your data in connection with the use of Google Analytics is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time with effect for the future. You can find more information on revoking your consent in this privacy policy under the section ("Cookie management").
We have concluded an order processing agreement with Google Ireland Limited in connection with the use of Google Analytics. In the event that personal data is transferred from Google Ireland Limited to the USA, Google Ireland Limited and Google LLC have concluded the standard contractual clauses (Implementing Decision (EU) 2021/914, Module 3) in accordance with Art. 46 para. 2 lit. c GDPR in order to ensure that the data is processed in accordance with the level of protection guaranteed by the GDPR.
In addition, on 10 July 2023, the European Commission adopted an adequacy decision pursuant to Art. 45 GDPR for the USA, the so-called EU-U.S. Data Privacy Framework. According to this, companies that are certified under the EU-U.S. Data Privacy Framework offer an adequate level of data protection.
Google LLC is certified in accordance with the EU-U.S. Data Privacy Framework:
5.4.5 Google Optimise
We use the web analysis and optimisation service Google Optimize on our website, which is provided for the European region by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter "Google"). We use Google Optimize to increase the attractiveness, content and functionality of our website by displaying new functions and content to a percentage of visitors to our website and statistically analysing the change in usage. Google Optimize is a sub-service of Google Anlaytics (see section 5.4.4).
Google Optimize uses cookies to enable optimisation and analysis of your use of our website. The information generated by the use of cookies about the use of our website is usually transferred to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. We would like to point out that Google Optimize has been extended to include IP anonymisation on this website in order to ensure anonymised collection of IP addresses (so-called IP masking).
The storage of cookies in connection with the use of Google Analytics is based on your consent in accordance with Section 25 (1) of the GDPR. The legal basis for the processing of personal data in connection with the use of Google Optimise is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time with effect for the future. You can find more information on revoking your consent in this data protection information under the section ("Cookie management").
We have concluded an order processing agreement with Google Ireland Limited in connection with the use of Google Optimise. In the event that personal data is transferred from Google Ireland Limited to the USA, Google Ireland Limited and Google LLC have concluded the standard contractual clauses (Implementing Decision (EU) 2021/914, Module 3) in accordance with Art. 46 para. 2 lit. c GDPR in order to ensure that the data is processed in accordance with the level of protection guaranteed by the GDPR.
In addition, on 10 July 2023, the European Commission adopted an adequacy decision pursuant to Art. 45 GDPR for the USA, the so-called EU-U.S. Data Privacy Framework. According to this, companies that are certified under the EU-U.S. Data Privacy Framework offer an adequate level of data protection.
Google LLC is certified in accordance with the EU-U.S. Data Privacy Framework:
5.4.6 Google Tag Manager
This website uses the Google Tag Manager. The Google Tag Manager is a solution for managing website tags. The "Tag Manager" tool is a cookie-free domain and does not collect any personal data. The tool ensures the resolution of other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager.
5.4.7 Google reCAPTCHA
We use the service "Google reCAPTCHA" (hereinafter "reCAPTCHA") on our website, which is provided for the European area by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter "Google").
The use of reCAPTCHA checks whether data is entered on our website (e.g. in a contact form) by a human or by an automated programme. For this purpose, reCAPTCHA analyses the behaviour of the website visitor based on various characteristics. This analysis begins automatically as soon as the user accesses a page of our website on which reCAPTCHA is integrated. To analyse this, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run completely in the background. You will not be informed that an analysis is taking place.
The data is stored and analysed on the basis of Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in protecting our website from abusive automated spying and SPAM. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
We have concluded an order processing agreement with Google Ireland Limited in connection with the use of Google reCAPTCHA. In the event that personal data is transferred from Google Ireland Limited to the USA, Google Ireland Limited and Google LLC have concluded the standard contractual clauses (Implementing Decision (EU) 2021/914, Module 3) in accordance with Art. 46 para. 2 lit. c GDPR to ensure that the data is processed in accordance with the level of protection guaranteed by the GDPR.
In addition, on 10 July 2023, the European Commission adopted an adequacy decision pursuant to Art. 45 GDPR for the USA, the so-called EU-U.S. Data Privacy Framework. According to this, companies that are certified under the EU-U.S. Data Privacy Framework offer an adequate level of data protection.
Google LLC is certified in accordance with the EU-U.S. Data Privacy Framework:
https://www.dataprivacyframework.gov/
For more information about Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Use at the following links:
https://policies.google.com/privacy?hl=de
and
5.4.8 Hotjar
If you have given your consent, this website uses the Hotjar service, which is provided by Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe.
Hotjar is a tool for analysing your user behaviour when you visit our website. In particular, Hotjar allows us to record your mouse and scroll movements as well as your clicks. Hotjar can also determine how long you remain with the mouse pointer on a certain position. Hotjar uses this information to create so-called heat maps, which can be used to determine which areas of the website were viewed most frequently.
The storage of cookies in connection with the use of Hotjar is based on your consent in accordance with § 25 para. 1 TTDSG. The legal basis for the processing of your data in connection with the use of Hotjar is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time with effect for the future. You can find more information on revoking your consent in this data protection information under the section ("Cookie management").
5.4.9 Vimeo
This website uses plugins from the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.
When you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. The Vimeo server is informed which of our pages you have visited. Vimeo also obtains your IP address. This also applies if you are not logged in to Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to the Vimeo server in the USA.
If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your Vimeo account.
We have concluded an order processing contract with Vimeo Inc. in connection with the use of Vimeo. In the event that personal data is processed in the USA in connection with the use of Vimeo by Vimeo Inc., we have concluded the standard contractual clauses (Implementing Decision (EU) 2021/914, Module 3) with Vimeo Inc. in accordance with Art. 46 para. 2 lit. c GDPR in order to ensure that the data is processed in accordance with the level of protection guaranteed by the GDPR. The agreement we have concluded with Vimeo Inc. can be viewed at the following link
https://www.vhx.tv/data-processing
In addition, on 10 July 2023, the European Commission adopted an adequacy decision pursuant to Art. 45 GDPR for the USA, the so-called EU-U.S. Data Privacy Framework. According to this, companies that are certified under the EU-U.S. Data Privacy Framework offer an adequate level of data protection.
Vimeo Inc. is certified in accordance with the EU-U.S. Data Privacy Framework:
https://www.dataprivacyframework.gov/
The use of Vimeo is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time. The storage of cookies in connection with the use of Vimeo is based on your consent in accordance with § 25 para. 1 TTDSG.
Further information on the handling of user data can be found in Vimeo's privacy policy at:
5.4.10. Trustpilot
On our website, we use the rating portal of Trustpilot A/S, Pilestræde 58, 5, 1112 Copenhagen, Denmark (hereinafter "Trustpilot"). Users of our website can rate our services via Trustpilot. Users who have used our services are asked to give their consent to the sending of a review request. If consent has been given, the user will receive a link to a review page. In order to ensure that the respective user has actually used our services, we transmit the necessary data to Trustpilot with regard to the user and the services used (name, email address, reference number). The data is processed by Trustpilot for the purpose of verifying authenticity and addressing the respective user.
To submit a review, you need to open a customer account with Trustpilot. Trustpilot's terms and conditions and privacy policy apply. In order to maintain the neutrality and objectivity of the reviews, we have no direct influence on the reviews and cannot delete them ourselves. If you wish to delete a review you have submitted, please contact Trustpilot directly.
The legal basis for the processing of your personal data in connection with the evaluation procedure is your consent pursuant to Art. 6 para. 1 lit. a GDPR.
We have also integrated a Trustpilot widget on our website to display Trustpilot content (e.g. seal of approval, collected reviews) on our website. A connection to the Trustpilot servers is established to display Trustpilot content. In this context, technical data (access data, IP address) is transmitted to Trustpilot. Trustpilot is also informed that our website has been accessed via your IP address. This information can be stored in a cookie and used by Trustpilot to recognise which online offers that participate in the Trustpilot evaluation process have been visited by the user. The information may be stored in a user profile and used for advertising or market research purposes.
The legal basis for the processing of your personal data in connection with the integration of the widget is your consent in accordance with Art. 6 para. 1 lit. a GDPR. The storage of cookies in connection with the widget is based on your consent in accordance with § 25 para. 1 TTDSG.
5.4.11. Fontawesome
Our website uses so-called web fonts or icons provided by Fonticons, Inc. for the standardised display of fonts or icons. When you call up a page, your browser loads the required web fonts or icons into your browser cache in order to display texts, fonts and icons correctly.
For this purpose, the browser you are using must connect to the servers of Fonticons, Inc. As a result, Fonticons, Inc. becomes aware that our website has been accessed via your IP address.
If your browser does not support Font Awesome, a standard font will be used by your computer. You can find more information about Font Awesome at https://fontawesome.com/help and in the data protection information of Fonticons, Inc: https://fontawesome.com/privacy.
If you have given your consent to the use of Font Awesome, the processing and transmission of your personal data is based on your consent, Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. You can find more information on revoking your consent in this data protection information under the section ("Cookie management").
In addition, we have a legitimate interest in using Font Awesome to improve our online service, Art. 6 para. 1 lit. f GDPR. Nevertheless, we only use Font Awesome if you have given us your consent to do so.
Insofar as personal data is transferred to the USA when using Font Awesome, further protective mechanisms are required to ensure the level of data protection required by the GDPR. To ensure this, we have agreed standard data protection clauses with the provider in accordance with Art. 46 para. 2 lit. c GDPR. These oblige the recipient of the data in the USA to process the data in accordance with the level of protection in Europe. In cases where this cannot be ensured even by this contractual extension, we endeavour to obtain additional regulations and assurances from the recipient in the USA.
5.5 Application
On our website, we provide the opportunity to apply for open positions in our company. In order to complete the application process, you as the applicant must provide us with more detailed information about yourself. The personal data required to carry out the application process can be found in the application form for the respective job advert. This relates in particular to the following personal data:
- First name, surname
- E-mail address
- Telephone number
You also have the option of uploading informative documents such as a cover letter, your CV and certificates. These may contain further personal data such as date of birth, address, etc.
In addition to the data provided by you, we may process further information about you that we obtain during the application process. This may include information from a job interview conducted with you as well as information that we have legitimately obtained from publicly accessible sources (e.g. professional networks).
We process your personal data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act, insofar as this is necessary for the decision on the establishment of an employment relationship. The legal basis for this is Art. 88 GDPR in conjunction with Section 26 BDSG and, if applicable, Art. 6 para. 1 lit. b GDPR for the initiation or execution of contractual relationships.
Furthermore, your personal data may be processed if this is necessary for the fulfilment of legal obligations (Art. 6 para. 1 lit. c GDPR) or for the defence of asserted legal claims. The legal basis for this is Art. 6 para. 1 lit. f GDPR. The legitimate interest results, among other things, from the burden of proof in proceedings under the General Equal Treatment Act (AGG). If you have given your express consent to the processing of personal data for specific purposes, the lawfulness of the processing follows from the consent you have given. Any consent given can be revoked at any time with effect for the future.
If there is an employment relationship between you and us or between you and a company affiliated with us, the personal data you provide during the application process may be further processed in accordance with Art. 88 GDPR in conjunction with Section 26 BDSG, insofar as this is necessary for the execution or termination of the employment relationship or for the exercise or fulfilment of the rights and obligations of the employee representation arising from a law or a collective agreement, a works or service agreement (collective agreement).
Your data will be stored for a period of 90 days after the end of the application process. This is usually done to fulfil legal obligations or to defend against any claims arising from legal regulations. We are then obliged to delete or anonymise your data. In this case, the data will only be available to us as so-called metadata without direct personal reference for statistical analyses (e.g. proportion of women or men in applications, number of applications per period, etc.).
If you give your consent after the application process has been completed, we will store the personal data collected during the application process in our "talent pool" for a period of 180 days after the end of the application process. This gives us the opportunity to consider you for future vacancies. You have the right to withdraw your consent at any time with effect for the future. Once you have withdrawn your consent or 180 days have passed since the end of the application process, your data will no longer be used for the application process and will be deleted from our "talent pool".
If you receive an offer of employment with us during the application process and accept it, we will store the personal data collected during the application process for at least the duration of the employment relationship.
5.6 Hosting
Our website is hosted by an external service provider, Raidboxes GmbH, Hafenstraße 32, 48153 Münster, Germany. The data collected when you use our website is stored on our host's servers. This data includes, in particular, IP addresses, contact requests, meta and communication data, contact data, website access and other data that is collected when a website is used.
The use of our hoster is for the purpose of contract fulfilment vis-à-vis our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR).
Our hoster will only process your data to the extent necessary to fulfil its contractual obligations.
5.7 Further processing purposes
5.7.1 Compliance with legal regulations
5.7.2 Enforcement of rights
We also process your personal data in order to assert our rights and enforce our legal claims. We also process your personal data in order to be able to defend ourselves against legal claims. Finally, we process your personal data if this is necessary for the defence or prosecution of criminal offences. We process your personal data to protect our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, insofar as we assert legal claims or defend ourselves in legal disputes or we prevent or investigate criminal offences (legitimate interest).
6. recipients of data
Within our company, those departments that require your data to fulfil our contractual and legal obligations will have access to it. Service providers and vicarious agents employed by us (e.g. technical service providers, shipping companies, waste disposal companies) may also receive data for these purposes. We limit the transfer of your personal data to what is necessary in accordance with data protection regulations. In some cases, the recipients receive your personal data as processors and are then strictly bound by our instructions when handling your personal data. In some cases, the recipients act independently under their own responsibility under data protection law and are also obliged to comply with the requirements of the GDPR and other data protection regulations.
Finally, in individual cases we transmit personal data to our consultants in legal or tax matters, whereby these recipients are obliged to maintain special confidentiality and secrecy due to their professional status.
7. duration of data storage
We initially process and store your personal data for the duration of the respective purpose of use (see above for the individual processing purposes). This may also include the periods for the initiation of a contract (pre-contractual legal relationship) and the fulfilment of a contract. On this basis, personal data is regularly deleted as part of the fulfilment of our contractual and/or legal obligations, unless its temporary further processing is necessary for the following purposes:
- Fulfilment of statutory retention obligations arising, for example, from the German Commercial Code (Sections 238, 257 (4) HGB) and the German Fiscal Code (Section 147 (3), (4) AO). The retention and documentation periods specified there are up to ten years.
- Preservation of evidence, taking into account the statute of limitations. According to Sections 194 et seq. of the German Civil Code (BGB), these limitation periods can be up to 30 years, whereby the regular limitation period is three years.
8. your rights
8.1 Right to information
In accordance with Art. 15 GDPR, you are entitled at any time to request confirmation from us as to whether we are processing personal data concerning you; if this is the case, you are also entitled in accordance with Art. 15 GDPR to receive information about this personal data and certain other information (in particular the purposes of processing, categories of personal data, categories of recipients, planned storage period, the origin of the data, the use of automated decision-making and, in the case of third country transfers, the appropriate guarantees) and a copy of your data. The restrictions of § 34 BDSG apply.
8.2 Right to rectification
In accordance with Art. 16 GDPR, you are entitled to demand that we correct any personal data stored about you if it is inaccurate or incorrect.
8.3 Right to cancellation
You are entitled, under the conditions of Art. 17 GDPR, to demand that we erase personal data concerning you without undue delay. The right to erasure does not exist, among other things, if the processing of your personal data is necessary, e.g. to fulfil a legal obligation (e.g. statutory retention obligations) or for the assertion, exercise or defence of legal claims. In addition, the restrictions of § 35 BDSG apply.
8.4 Right to restriction of processing
You are entitled to demand that we restrict the processing of your personal data under the conditions of Art. 18 GDPR.
8.5 Right to data portability
Under the conditions of Art. 20 GDPR, you are entitled to demand that we provide you with the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format.
8.6 Right of cancellation
You can withdraw your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent given to us before the GDPR came into force, i.e. before 25 May 2018. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected by the revocation of consent. An informal notification, e.g. by email to us, is sufficient to declare the revocation.
8.7 Right of objection
You are entitled to object to the processing of your personal data under the conditions of Art. 21 GDPR, so that we must stop processing your personal data. The right to object exists only within the limits provided for in Art. 21 GDPR. In addition, our interests may conflict with the termination of processing, so that we are authorised to process your personal data despite your objection. We will consider an objection to any direct marketing measures immediately and without weighing up the existing interests again.
Information about your right to object in accordance with Art. 21 GDPR
You have the right to object at any time to the processing of your data on the basis of Art. 6 para. 1 lit. f GDPR (data processing on the basis of a balancing of interests) or Art. 7 para. 1 sentence 1 lit. e GDPR (data processing in the public interest) if there are reasons for doing so that arise from your particular situation.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.
The objection can be made informally and should preferably be addressed to:
fairforce.one Rechtsdienstleistungsgesellschaft mbH
Weißenfelser Str. 65J - House 7
04229 Leipzig
e-mail: post@fairforce.one
Phone: 0800 30 111 60
8.8 Right to lodge a complaint with a supervisory authority
Under the conditions of Art. 77 GDPR, you have the right to lodge a complaint with a competent supervisory authority. In particular, you can lodge a complaint with the supervisory authority responsible for us (Saxon Data Protection and Transparency Officer; https://www.datenschutz.sachsen.de/kontakt.html) or any other competent supervisory authority. A list of data protection supervisory authorities and their contact details can be found at the following link:
https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html
8.9 Other concerns
For further data protection questions and concerns, please contact our data protection officer using the contact details given above.
9. obligation to provide data
In principle, you are not obliged to provide us with your personal data. However, if you do not do so, we will not be able to make our website available to you without restriction or answer your enquiries to us. Personal data that we do not necessarily require for the above-mentioned processing purposes is labelled accordingly as voluntary information.
10. automated decision-making/profiling
We do not use automated decision-making or profiling (an automated analysis of your personal circumstances).