Privacy

We are pleased that you have visited our web page. In the following, we would like to inform you about how we handle your data in accordance with Art. 13 of the General Data Protection Regulation (GDPR).

Controller

The controller for the data processing described below is the office named in the legal notice

Usage Data

When you visit our website, our web server temporarily collects so-called usage data. This data record consists of
  • the name and address of the requested content,
  • the date and time of the query,
  • the transferred data volume,
  • the access status (content transferred, content not found),
  • the description of the web browser and operating system used,
  • the referral link, which indicates from which page you reached ours,
  • the IP address of the requesting computer, which is shortened in such a way that a personal reference can no longer be established.
The mentioned protocol data are only evaluated anonymously.

Storage of the IP address for security purposes

In addition, we store the complete IP address transmitted by your web browser for a period of seven days for a strict purpose, in the interest of being able to recognise, limit and eliminate attacks on our web pages. After this period of time has elapsed, we delete or anonymise the IP address. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR.

Data security

In order to protect your data as fully as possible from unwanted access, we take technical and organisational measures. We use an encryption procedure on our web pages. Your data is transferred from your computer to our server and vice versa via the Internet using TLS encryption. You can usually recognize this by the closed lock symbol in the status bar of your browser and the address line begins with https://.

Cookies

We use cookies on our websites, which are necessary for the use of our websites. Cookies are small text files which can be stored and read out on your end device. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. We do not use these required cookies for analysis, tracking or advertising purposes. Some of these cookies only contain information on certain settings and cannot be linked to a person. They may also be necessary to enable user guidance, security and implementation of the site.
We use these cookies on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR and in the interest of optimising or enabling user guidance and adapting the presentation of our website. You can set your browser to inform you about the placement of cookies. This makes the use of cookies transparent for you. You can also delete cookies at any time using the appropriate browser settings and prevent the setting of new cookies. Please note that our web pages may then not be able to be displayed and some functions may no longer be available for technical reasons.

Job Alert

You can order the notification for new job advertisements on our website under "JobAlert". Please note that we require certain data (at least your e-mail address) to register for the JobAlert. Information on new job advertisements will only be provided if you have given us your express consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. After placing an order on our website, you will receive a confirmation e-mail to the e-mail address you have provided (so-called double opt-in). You can revoke your consent at any time. An easy way to unsubscribe is to use the unsubscribe link in every JobAlert-email.
When you register for the JobAlert, we store additional data in addition to the data already mentioned, if this is necessary for us to prove that you have ordered our JobAlert. This may include the storage of the complete IP address at the time of the order or confirmation of the JobAlerts, as well as a copy of the confirmation email sent by us. The corresponding data processing is carried out on the basis of Art. 6 para. 1 sentence 1 letter f GDPR and is carried out in the interest of being able to account for the legality of the sending of job offers.   

Application

You have the opportunity to apply for the positions advertised by us via the specified e-mail address or our application portal.
To be able to consider your application, at least the following information is required:
  • Name and address
  • E-mail address
  • Curriculum vitae / complete documents (e.g. Cover letter, Certificates)
  • How you found us
These are also marked as mandatory fields in our application portal. We process this information exclusively for the purpose of selecting applicants in accordance with § 26 para. 1 German Federal Data Protection Act (BDSG). Data processing for other purposes does not take place. In addition, you can decide for yourself whether you would like to provide us with further information, such as your telephone number, in order to better evaluate your application or to simplify communication. This information is provided voluntarily and is not mandatory for the application. In our application portal these fields are marked accordingly as voluntary. We then process your voluntary details on the basis of your consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. Please contact the office named in the legal notice for this purpose. We will of course treat your data confidentially. Data will only be transferred within the nord Group, insofar as this is permitted under data protection law in individual cases. If your application is unsuccessful, your documents will be deleted at the latest three months after we have sent the rejection notice. If your application is addressed to FIRST PRIVACY B.V. we will delete your data at the latest one month after sending the rejection notice. The legal basis for this processing is Art. 6 para. 1 sentence 1 letter f GDPR in the legitimate interest to ward off any legal claims.
In the event that your application should also be considered for other or future job advertisements, this will only be done on the basis of your consent. We will then process your data on the basis of Art. 6 para. 1 sentence 1 lit. a GDPR and delete your application after two years or after one year if your application is addressed to FIRST PRIVACY B.V.. You can revoke your consent at any time with effect for the future. Please send your revocation to the office named in the legal notice.

Contact

You have the possibility to contact us via our contact form. In order to use our contact form, we first need the data marked as mandatory fields.
We use this data on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR to answer your enquiry.
Furthermore, you can decide for yourself whether you wish to provide us with further information. This information is provided voluntarily and is not mandatory for establishing contact. We process your voluntary details on the basis of your consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. Your data will only be processed to answer your request. We delete your data as long as they are no longer required and no legal obligations to retain them exist.
Your data will only be processed to answer your request. We delete your data as long as they are no longer required and no legal obligations to retain them exist. Insofar as your data transmitted via the contact form are processed on the basis of Art. 6 Para. 1 S. 1 lit. f GDPR, you can object to the processing at any time. In addition, you can revoke your consent to the processing of the voluntary information at any time. Please contact the e-mail address mentioned in the legal notice.
You can also contact our contact persons directly by e-mail or telephone. We process the data that you transmit in this process exclusively for the processing of your enquiry, also on the basis of Art. 6 Para. 1 S. 1 lit. f GDPR. In this case you also have the right to object.
If you contact us by e-mail, depending on the configuration of your mail server, this is done without transport encryption. If you wish to communicate confidential data to us, we recommend that you use our encryption procedure. For this purpose we provide you with appropriate PGP keys, for example:
You can download our public key for the address office@datenschutz-nord.de here: public PGP key. This PGP key is signed with our own root key, which has the following fingerprint:
EB06 FFFE D7A8 62A5 CC7E 43BF BE9A 5007 DE05 F802

Registration for seminars

During your visit to our website, you have the opportunity to register for the seminars from Akademie der datenschutz nord GmbH. For this purpose we first need the data marked as mandatory fields. This data is processed on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR, or, in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, is used to be able to contact you if necessary.
Furthermore, you can decide for yourself whether you wish to provide us with further information. This information is provided voluntarily and is not mandatory for registration. We process your voluntary information on the basis of your consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. Your data will only be processed for the purpose of processing your registration. We delete your data as long as they are no longer required and no legal obligations to retain them exist. We delete your data as long as they are no longer required and no legal obligations to retain them exist.
If the data processing is based on Art. 6 para. 1 sentence 1 letter f GDPR, you can object to the processing at any time. In addition, you can revoke your consent to the processing of the voluntary information at any time. Please contact the e-mail address mentioned in the legal notice.

Storage duration

If we have not already informed you in detail about the storage period, we will delete personal data if they are no longer required for the aforementioned processing purposes and no legal storage obligations prevent deletion.

Other contract processors

In the context of order processing in accordance with Art. 28 GDPR, we pass on your data to service providers who support us in the operation of our websites and related processes. These are, for example, hosting service providers. Our service providers are strictly bound by instructions and contractually bound to us accordingly.

Your rights as a user

When processing your personal data, the GDPR grants you as a data subject certain rights:

Right of information (Art. 15 GDPR)
You have the right to obtain confirmation as to whether personal data concerning you are being processed; if this is the case, you have the right to be informed of this personal data and to receive the information specified in Art. 15 GDPR.

Right to rectification (Art. 16 GDPR)
You have the right to request without delay the rectification of incorrect personal data concerning you and, if necessary, the completion of incomplete data.

Right to deletion (Art. 17 GDPR)
You have the right to demand that personal data concerning you be deleted immediately if one of the reasons listed in Art. 17 GDPR applies.

Right to restrict processing (Art. 18 GDPR)
You have the right to request the restriction of the processing if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have lodged an objection to the processing, for the duration of the examination by the controller.

Right to data portability (Art. 20 GDPR)
In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request the transfer of such data to a third party.

Right of object (Art. 21 GDPR)
If data is collected on the basis of Art. 6 Para. 1 S. 1 lit. f GDPR (data processing to safeguard legitimate interests) or on the basis of Art. 6 Para. 1 S. 1 lit. e GDPR (data processing to safeguard public interests or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling reasons for processing which are worthy of protection and outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
Under Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of data concerning you is in breach of data protection regulations. In particular, the right of complaint may be lodged with a supervisory authority in the Member State of your habitual residence, place of employment or place of the suspected infringement.

Contact details of data protecion officers

Our company data protection officer will be happy to provide you with information or suggestions on the subject of data protection:

Joanna Maxine Stünkel
Data Protection Officer of the nord Group
Konsul-Smidt-Straße 88
28217 Bremen
E-Mail:  dsb@datenschutz-nord-gruppe.de
Telefon: +49 421 696632-0