Privacy policy

activeMind AG and activeMind.legal Rechtsanwaltsgesellschaft mbH manage an application portal for submitting applications online. activeMind AG and activeMind.legal Rechtsanwaltsgesellschaft mbH place great importance on the protection of privacy and comply with the legal data protection regulations. The following is an explanation of how we handle your personal data.

1. Who is responsible?

The responsible party pursuant to data protection law is:

activeMind AG
Management- und Technologieberatung
Potsdamer Strasse 3
80802 Munich

Telephone: +49 (0)89 / 418 56 01 70
www.activemind.de

CEO: Klaus Foitzick
Chairman of the Supervisory Board: Manfred Kessler
District Court Munich HRB 135796

and

activeMind.legal Rechtsanwaltsgesellschaft mbH
Potsdamer Strasse 3
80802 Munich

Telephone: +49 (0)89 / 418 56 01 70
www.activemind.legal

Managing Director: Klaus Foitzick
District Court Munich HRB 185355

The data are processed collectively in many areas, which are also outlined in this document. As such, both companies are responsible for the respective processing (Art. 26 GDPR).

As our data protection officers, we have appointed:

activeMind AG data protection officers
Telephone: +49 (0)89 / 418 56 01 70
E-mail: datenschutz@activemind.de

2. Which processing activities are carried out?

Contact formula and application

Purpose and legal basis

You can submit your online application to activeMind AG (Munich) and activeMind.legal Rechtsanwaltsgesellschaft mbH via our application portal. We will process the data provided by you solely for the purpose of evaluating professional suitability and for contacting you.

The processing occurs in order to establish an employment relationship within the scope of implementing the precontractual measures, which are carried out upon request, § 26 of the Federal Data Protection Act [Bundesdatenschutzgesetz (BDSG)]

Data recipients

Within the companies, the parties who need your data to fulfil their contractual, legal and regulatory obligations, as well as to safeguard legitimate interests, will have access to your data.

For our application process, we use personnel management software from Personio (see below) to help us manage this process and the job postings. For this we have a commissioned-processing contract with the service provider.

Third-country transfers

The processing does not take place outside of the European Union (EU) or the European Economic Area (EEA).

Retention period

Should your application be rejected, deletion thereof will occur six months after notification of the decision. If your application is successful, the application documents will be saved at least for the duration of your employment at activeMind AG or activeMind.legal Rechtsanwaltsgesellschaft mbH.

Mandatory or required provision

The provision of your personal data is neither legally nor contractually required. However, processing the application is not possible without this provision.

Accessing our website

Purpose, legal basis and legitimate interest

 

When you access our website – i.e. if you do not register or submit information – information of a general nature will be collected automatically. This information (server log files) contains the type of web browser, the operating system used, the domain name of your Internet service provider, your IP address and the like.

It is processed in particular for the following purposes:

  • Ensuring an unproblematic website connection
  • Ensuring seamless use of our website
  • Analysis of system security and stability as well as
  • For additional administrative purposes.

We also reserve the right to review the server log files retrospectively, should concrete evidence point to illegal use.

The processing occurs according to Art. 6 Para. 1 (f) GDPR, based on our legitimate interest in improving the stability and functionality of our website.

Data recipients

We use technical service providers for the operation and maintenance of our website, who are commissioned as our processors.

Retention period

The data will be deleted as soon as they are no longer required for the reason they were collected. This is generally the case for the data used to make the website available when the respective session has ended.

Mandatory or required provision

The provision of the aforementioned personal data is neither legally nor contractually mandatory. Without the IP address and cookie ID however, the service and functionality of our website are not guaranteed. Furthermore, individual services can be unavailable or limited.

Use of cookies

Like many other websites, we use so-called ‘cookies’. Cookies are small text files that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our website.

1. Use of technically required cookies

Purpose, legal basis and legitimate interest

We use cookies to make our website more user-friendly. Some elements of our website require that the respective browser be identified, even after a page change.

The following data will be saved and transmitted in the cookies:

  • Language settings

The purpose of using technically required cookies is to simplify the use of websites for users. Some features of our website cannot be provided without the use of cookies. For these features, identifying the browser again is necessary, even after a page change.

We require cookies for the following applications:

  • Applying language settings
  • Remembering search terms

The processing occurs according to Art. 6 Para. 1 (f) GDPR, based on our legitimate interest in the user-friendly design of our website.

Data recipients

Recipients of the data may be technical service providers, who work on the operation and maintenance of our website as the processor. For this we have the corresponding commissioned-processing contracts with the service providers.

Retention period

For the details on the retention period of the cookies and the technologies used within the scope of these tracking tools, see the cookie and opt-out notices.

Mandatory or required provision

The provision of the aforementioned personal data is neither legally nor contractually mandatory. Without these data however, the service and functionality of our website are not guaranteed. Furthermore, individual services can be unavailable or limited.

2. Use of cookies that are not technically required

Purpose and legal basis

Some of our websites use ‘cookies’. Small text files are hidden behind this standard technology that are stored on the device you’re using, which – among other things – make visiting a website more comfortable or more secure. Cookies can also be used to better tailor the offering on a website to the interests of the visitors or generally to improve the offer on the basis of statistical evaluations.

We use the following provider’s web-analysis technologies:

  • Google Analytics

The respective legal basis for this processing is your consent (Art. 6 Para. 1 (a) GDPR).

Data recipients

Recipients of the data may be technical service providers, who work on the operation and maintenance of our website as the processor. For this we have the corresponding commissioned-processing contracts with the service providers.

In the cookie and opt-out notices you’ll find additional recipients and the details on the technical functionality of the tools and information used as well as how you can prevent the data transfer (tracking).

Retention period

For the details on the retention period of the cookies and the technologies used within the scope of these tracking tools, see the cookie and opt-out notices.

Third-country transfers

Information on third-country transfers can also be found in the cookie and opt-out notices.

Mandatory or required provision

Of course, you can view our website without cookies. Internet browser are regularly configured to accept cookies. In general, you can disable the use of cookies via your browser settings at any time (see ‘Withdrawal of consent’).

Please keep in mind that individual features of our website may not work if you have disabled the use of cookies.

Withdrawal of consent

You’ll find details on the available opt-out options with these tracking tools in the cookie and opt-out notices.

Profiling

With the assistance of the tracking tools, the browsing behaviour of the website visitors can be evaluated and their respective interests analysed. For this analysis, we create a pseudonymous user profile.

Localisation service: Google Maps

We use Google Maps on this website. Google Maps is operated by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (hereinafter ‘Google’). With this service, we can show you interactive maps directly on the website and allow you to conveniently use the map feature.

By visiting the website, Google receives information that you have accessed the corresponding subpage of our website. This occurs regardless of whether Google provides a user account that you are logged into or if there is no user account. When you’re logged into Google, your data will be directly assigned to your account.

If you do not want this assignment in your Google profile, you must log out of Google before activating the button. Google stores your data as usage profiles and uses them for advertising, market research and/or tailor-made design of its website. Such an analysis occurs in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the formation of these user profiles, but you must submit this objection to Google.

You’ll find additional information about Google’s data processing on the Google privacy policy page, where you can also change your personal privacy settings in the data protection center.

Click here for detailed instructions on how to manage your own data related to Google products.

If you do not want Google to collect, process or use information about you via our website, you can disable JavaScript in your browser settings. NoScript allows JavaScript, Java and other plugins to run only on trusted domains of your choice. Your browser provider will provide you with information and instructions on how to edit this feature, (e.g. for Mozilla Firefox: https://addons.mozilla.org/en-GB/firefox/addon/noscript/).

In this case however, you cannot use our website, or only to a limited extent.

Third-country transfers

Google processes your data in the United States of America and is subject to the EU-US Privacy Shield https://www.privacyshield.gov/EU-US-Framework.

3. Which data protection rights do you have?

Every data subject has the right of access according to Art. 15 GDPR, right to rectification (Art. 16 GDPR), right to erasure (Art. 17 GDPR), right to restriction of processing (Art. 18 GDPR), right to object (Art. 21 GDPR) as well as the right to data portability (Art. 20 GDPR).

With the right of access and the right of erasure, the restrictions according to §§ 34 and 35 of the BDSG apply.

You may withdraw your consent to process personal data at any time. This also applies to the withdrawal of declarations of consent that were given to us before the effective date of the General Data Protection Regulation, i.e. prior to 25 May 2018. Please note that the withdrawal is only valid for the future. Processing that occurred before the withdrawal is not affected.

Furthermore, there is a right to lodge a complaint with a supervisory data protection supervisory authority (Art. 77 GDPR, compare with § 19 BDSG). You’ll find a list of supervisory authorities (for the non-public sector) with their respective addresses at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

4. Data security

We only handle personal data as permitted by data protection regulations. We also endeavour to provide all necessary, technical and organisational security measures in order to adequately protect your personal data against unauthorised access and misuse at all times.

If we store or process personal data, this occurs in a high-security data centre. In order to protect the security of your data during transfer, we use encryption techniques (e.g. SSL) over HTTPS. Our servers are secured by firewall and virus protection. Back-up and recovery procedures as well as roles and authorisation policies are a given for us.

When handling data, our employees are obliged to comply with the regulations of the GDPR and the BDSG.

5. Changes to our data protection provisions

We reserve the right to modify this Privacy Policy so that it is always in compliance with the current legal requirements or to implement changes to services in the Privacy Policy, e.g. when introducing new services. In this case, your future visits to our website will be subject to the updated Privacy Policy.

Information on your right to object according to Art. 21 GDPR

Case-specific right to object

You have the right at any time, for reasons that arise from your particular situation, to object to the processing of personal data pertaining to you, which occurs pursuant to 6 Para. 1 (f) GDPR (data processing on the basis of a balance of interests); this also applies to profiling based on this provision in accordance with Art. 4 No. 4 GDPR.

If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or if the processing is for the purpose of enforcing, carrying out or defending legal claims.

Recipient of an objection

The objection can be made without any form requirements. Simply send us a letter or e-mail with ‘Objection’ in the subject line, your name, address and date of birth, and address it to:

activeMind AG
Management- und Technologieberatung
Potsdamer Strasse 3
80802 Munich
E-mail: datenschutz@activemind.de