Data privacy statement of io‑consultants GmbH & Co. KG

1. Information on the processing of your personal data pursuant to Art. 13 GDPR

This data privacy statement serves to inform you about the type, scope, purposes and legal basis of the collection and processing of your personal data when using our website, and the rights to which you are entitled under the General Data Protection Regulation (GDPR).

All personal data collected during your visit to our website will be processed in accordance with the legal data protection provisions and in compliance with the protection-related objectives of information security.

The party responsible for the processing of your data related to your visit to our website, pursuant to Art. 4 (7) GDPR, is:

io-consultants GmbH & Co. KG
STADTTOR Speyerer Str. 14
69115 Heidelberg
Germany

If you have any questions, recommendations or complaints regarding the protection of your data, please contact our data protection officer

Protadus GmbH
Kurfürsten-Anlage 59
69115 Heidelberg
dataprotection@io-consultants.com

Your rights

You may request information about the private data we have stored about you at any time using the above-mentioned contact data.

You also have the right to request the correction of incorrect personal data and/or, if legally applicable, the correction, limitation of use or deletion of your data.

You are entitled to file an informal objection against the use of your personal data for the purposes of direct advertising, market research or demand-oriented design of telemedia at any time.

You can object to the use of any web analysis tools, tracking services, retargeting services, and, in general, to the collection of your usage data by re-using our consent tool. The consent tool can be accessed via our Privacy Policy page or by clicking here. In addition, it is possible from now on to withdraw any consent given on our website to any third party by clicking on the respective links of such services in this Privacy Policy.

Furthermore, you are entitled to informally revoke any consent given on this page by notifying the data protection officer at the above-mentioned contact details. The processing of your private data, which has been carried out on the basis of your previously given consent, remains legally unaffected hereby until revocation of such consent.

Upon request, we will send you the data provided to us for processing purposes in a common, structured, and machine-readable format, which you then can use for further processing. Please send your request to the contact address given above.

You may contact our data protection officer at the contact details given above at any time if you have any complaints about the protection of your private data. You may also send your complaint to the competent data protection supervisory authority.

2. Security of transmission

This website uses the so-called TLS protocol (Transport Layer Security) in conjunction with at least 128-bit encryption for the transfer of personal data in order to protect the data against accidental or intentional manipulation, loss, destruction or access by unauthorised parties. These security measures are continuously adapted in line with technological developments. You can recognise the encrypted data transfer by the closed key or lock symbol in the upper status bar of your browser.

3. Collection of usage data when visiting this website

When visiting a website, a series of user data is collected, which can theoretically be referred back to a specific user via the visitor’s IP address, the specific user settings, cookies or other identification options. This data is used for technical purposes to (I) display the site, (ii) optimise the site through statistical recording of user behaviour, and (iii) reload previously displayed information or entries after the user has closed a page. Information about which usage data is collected and which other services are used on this site is provided below.

If third-party services are used on this site, any objection or revocation will be subject to the provisions stipulated for the individual services of such third party.

We use Google AJAX Search API on our website. This tool helps us optimize the loading speed. It calls program libraries from Google servers and uses the Google CDN (content delivery network). This type of data processing is subject to Article 6.1.(f) et seq. GDPR. If you have already used jQuery on a different page of Google CDN, your browser can reaccess a copy thereof in your cache and does not need to download it again. If your browser has not stored a copy in your cache, the data will be transferred from your browser to Google. Further information on data processing by Google is available in Google’s data privacy policy at https://policies.google.com/privacy.

Transmission of browser data and settings

In the event of a purely informational use of the website, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server.

We create and store log files on our servers, including but not limited to general and log-in errors. The respective IP addresses are stored for up to 14 days. This type of data processing is subject to legitimate interest in error analysis and troubleshooting pursuant to Art. 6.1(f) GDPR.

Whenever you view our website, we collect the following data, which is technically necessary for us to display the website and to ensure its stability and safety.

  • IP address
  • Date and time of the request
  • Content of the request (specific page)
  • Access status / https status code
  • Web page on which the request was made
  • Browser used
  • Operating system and its interface
  • Language and version of the browser software

The legal basis for this type of data processing is Article 6.1(f) of the GDPR (legitimate interest).

4. Data transfer to recipients outside the EU

The transfer of usage data outside the EU may occur if providers of advertising or analytic services in connection with this website or of services integrated in this website have their headquarters outside the EU and, within the scope of these services, part of the data will be processed on servers outside the EU. These services will be appropriately identified below.

According to the applicable European legislation, for some third countries , such as the United States of America, an appropriate data protection level can no longer be guaranteed by agreements with the provider or by provider guarantees (formerly known as Privacy Shield certification). Pursuant to Art. 49.1 (a) GDPR, your data may therefore only be transferred abroad if you have previously given your express consent. More information on giving such consent is available in the section “Use of Cookiebot for cookie consent”. A transfer of usage data into certain third countries may entail the risk that your data will be read and analyzed by the intelligence and security services of that particular country without adequate legal protection or privacy guarantees under the rule of law. It is therefore possible that personal profiles are created without your knowledge and that the analysis of such profiles may lead to actual restrictions and further investigations by such government.

In order to give you additional legal guarantees, standard contractual clauses are usually agreed for the services used. In some cases, the integrated service may be offered by a company established in Europe, but, for certain processing purposes, it is actually processed by a parent company outside the EU. In these cases, the European office of such company is responsible for ensuring compliance with all legal data protection requirements (e.g. by concluding standard contractual clauses).

For further information, please contact the data protection officer.

5. Own services

If you use the following services on our website, we will store and process the personal data that you provided to us for the respective purposes - e.g. for registration, survey or contract execution.

White Paper
Website users may order white papers from our website. To do so, you must fill out a contact form giving your form of address, last name, company, and e-mail address (required fields are marked with an *). After submitting the contact form, the white paper will be sent to the e-mail address provided in the contact form. If you wish to receive further information about white papers in the future, you will receive an automated e-mail for the purpose of double opting-in after having submitted the completed contact form. The personal data you provide will be used for the correspondence accompanying your white paper online delivery.
The e-mailing of other white papers will be based on your consent as per Art. 6.1 (a) GDPR. Any consent given with regard to future e-mails may be informally revoked at any time using the contact details of the data protection officer.

Events
Website users may register for events on our website. To do so, you must fill out a contact form giving your form of address, first name, last name, e-mail address, position, company, and postal address (required fields are marked with an *). After submitting the contact form, you will receive a confirmation of your registration. If you wish to receive information about other events in the future, you will receive an automated e-mail for the purpose of double opting-in after having submitted the contact form.
The personal data you provide will be used to register your participation in the event, and to send your registration receipt, participation certificate, and any further information regarding the event, if and as applicable. For events that are not free of charge, further data will be collected, including but not limited to payment details, address and name of invoice recipients, and other booking options.
The e-mailing of other event participation options will be based on your consent as per Art. 6.1 (a) GDPR. Any consent given with regard to future e-mails may be informally revoked at any time using the contact details of the data protection officer.

E-mail campaigns
We inform selected customers and stakeholders by e-mail about our services.
E-mails sent to you within the scope of any such campaign include a link at the end of the mail that allows you to change your personal data and/or unsubscribe from receiving any such e-mails in the future.

Tracking in e-mail campaigns
We use tracking functions in our e-mail campaigns to verify that e-mails are correctly delivered, and to see if and when the respective e-mail was opened, whether you clicked on any links included in the mail, and whether you sent a reply. The gathered data is used to better align our automated e-mail campaigns to the needs and interests of our customers and to assess a campaign’s success. The data is processed for these purposes only. Your personal data will not be forwarded to any third parties. If the data is analyzed by a third party processor, such services are subject to a data processing agreement with the respective service provider.
Should the data reveal that you are interested in specific services, we will use such information to contact you specifically with regard to these services. This allows us to tailor our services to your specific needs and improve our offer to you. This process is subject to legitimate interest pursuant to Art. 6.1(f) GDPR.

6. Responsibility for third-party services

All third-party services include data transfers to and data processing by the respective service providers. It is therefore necessary to explain how such responsibilities are distributed between us, as the website operator, and the third-party service providers. This concerns all tools and services as well as analytic and social media services presented here.

Any such service will be operated in joint responsibility pursuant to Art. 26 GDPR, i.e. we are jointly responsible for the purposes and means used for processing the data. Who is responsible for which processing activity will be contractually agreed with the service provider.

The service provider (co-data controller) is, in general, responsible for merging and analyzing person-related usage data, providing and substantiating the legal grounds for such processing and, if applicable, providing anonymized results of such analyses for our website.

As a co-responsible party, we are accountable for setting the respective cookies and the transfer of the usage data from our website. However, you can assert your respective rights as a data subject with either responsible party, irrespective of who is responsible for what.

In many cases, service providers offer only outdated or insufficient agreements that do not yet meet the most current requirements of the data protection authorities. However, these agreements will be automatically and bindingly concluded on a regular basis when the services are used. It is assumed that adjustments announced here by the service providers will be made. Irrespective thereof, any data transfers that are currently taking place will be completely based on the consent given to us in the banner.

7. Tools and services

7.1 Functionality and types of cookies

Cookies are small text files that are saved by your browser and thus stored on your end device. They contain various information such as the length of your visit to the website or user data input, but possibly also identification codes for recognition.

They may originate either from us as the website provider (so-called first-party cookies) or, in the event of third-party cooperations, from any such third party (so-called third-party cookies), and may require different storage periods (the duration of your website visit, up to several weeks and years).
You can restrict or deactivate the storage and reading of cookies. In this case, however, the full functionality of the website may no longer be available to you.

First-Party Cookies
Our website uses First-Party Cookies, so-called "session cookies". These cookies serve to save data relevant to your website visit or to recognise your computer during your next visit (e.g. for easier password entry). They guarantee the full technical functionality of the website. The legal basis for this type of processing is Article 6.1(f) of the GDPR.

Third-Party Cookies
For links to third-party websites, information about the use of Third-Party Cookies and the extent of the data collected by the respective third-party service providers is provided in the following paragraphs.

7.2 Use of Cookiebot for cookie consent

To fulfill the GDPR consent requirements regarding the use of cookies and comparable technologies, a banner with relevant information will be displayed on your first use of our website. We use the tool “Cookiebot” by Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark.

This tool allows you to give your consent to the use of specific categories of cookies which will be explained in detail. To save the selected settings and to store them for future use of the site, Cybot A/S also uses cookies that will provide them with your IP address and browser information when you use the tool. The selected settings will be stored on your computer for 12 months unless you clean the cache of your browser before then. This data transfer is based on legitimate interest pursuant to Art. 6.1 (f) GDPR. The legal basis for the storage of your selected cookie settings and your consent is the legitimate interest to comply with the consent requirements of the GDPR and to save such settings for future visits to the site without the need to ask again for your consent, pursuant to Art. 6.1 (f) GDPR.

Further information on the use of the data transmitted during your use of this tool is available at https://www.cookiebot.com/de/privacy-policy/. Withdrawal of consent for specific individual data transfers that were triggered on this page is possible via the respective provider. The required links are listed with the respective individual providers. In addition to the consent forms relating to our pages, many service providers offer their own links for cross-website data privacy related consent withdrawals. For the purpose of completeness, we refer to those in our Privacy Policy. Consent given through Cookiebot on our website does not automatically effect the rescission of any such past or future objections on the websites of other providers.

The transfer of usage data outside the EU may occur if providers of advertising or analytic services in connection with this website or of services integrated in this website have their headquarters outside the EU and part of the data within the scope of these services is processed on servers outside the EU. Therefore, your data may only be legally transferred abroad if you have expressly given your consent, as per Art. 49.1 (a) GDPR. The risks of any such transfer are described under “Data transfer to recipients outside the EU”.

Cookie settings can be adjusted and/or withdrawn at any time at https://de.io-consultants.com/meta/datenschutz/datenschutzerklaerung/cookies.

7.3 Using Google Tag Manager

Google Tag Manager is a tool to organize all third party tags on the company’s website. It also controls at what time these tags are triggered. The so-called Tag Management System (TMS) integrates and updates tracking codes and connected code fragments (so-called tags) on the company’s website. The web-based Tag Manager interface allows its users to set up tracking tags and define triggers for such tags. It is also possible to create variables to simplify and automate the tag configurations.

Although Tag Manager inserts cookies and code fragments, the tool itself does not collect or process personal data. The cookies thus set are indispensable for operating the website and do not require any consent.

Further information regarding the use of the transmitted data is available at https://policies.google.com/privacy?gl=DE&hl=de.

7.4 Google services

We use various services offered by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). Further information about Google is available in Google’s Privacy Policy: https://policies.google.com/privacy?hl=de&gl=de and in their Terms of Service: https://policies.google.com/terms?hl=de&gl=de.

By integrating the Google services listed below, Google receives specific device IDs, type and settings of browser and device used, information regarding the network used, your IP address and your operating system. Google also records the reference URL of the service request, in this case, the use of our website including the times of usage. If you are logged into your Google account when surfing on our website, this data will be linked to your account.

Its purpose is to make sure that settings like language remain the same on all web pages you visit and that optimal display settings are selected. The data will also be used to optimize Google services.

In so far as cookies or any comparable technologies are used to collect data and to identify you, these are subject to the consent settings that you selected on your first use of the site. Therefore, your consent as per Art. 6.1 (a) GDPR is the legal basis for this type of data processing. The legal basis for data transfers that merely arise from retrieving services from Google servers is the legitimate interest to offer the site by using services that optimize its use, as per Art. 6.1 (f) GDPR.

These services are exclusively acquired from Google Ireland Ltd. If any such data is transferred to servers in the USA or elsewhere outside Europe, Google is responsible for the lawfulness of such transfers, in particular for giving sufficient data privacy guarantees. By giving your consent to the service mentioned above, you also consent to the transfer of your data outside the EU even if there are no further guarantees and no adequacy decision provided to ensure the appropriate data protection level; see also Art. 49.1 (a) GDPR. For further information on security risks, please refer to “Data transfer to recipients outside the EU”.

7.4.1 Google Fonts

We use web fonts from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as "Google").

Google is certified under the "Privacy Shield" Agreement, which was designed to ensure compliance with the data protection level applicable in the EU.

When you call up a page, your browser loads the required web fonts into your browser to display texts and fonts correctly. To do this, your browser connects to Google, and Google learns that our websites have been accessed via your IP address.

The use of Google Fonts facilitates a uniform and appealing presentation of our website. If your browser does not support Google Fonts or Web Fonts, your device will use a default font. The legal basis for the processing of personal data using Google Fonts is Art. 6.1 (f) of the GDPR (legitimate interest).

For more information about Google Fonts and Google's privacy policy, please visit the following websites: https://fonts.google.com/, https://policies.google.com/privacy?hl=en&gl=ZZ

7.4.2 Google reCAPTCHA

We use data security services such as CAPTCHA services (Completely Automated Public Turing Test To Tell Computers And Humans Apart) to prevent non-human and automated input. Captchas are relatively easy to read for humans, but not for computers. The numbers and letters used in a captcha are distorted so that IT systems cannot decipher them.

We use the reCAPTCHA service of Google Ireland Limited, Gordon House, 4 Barrow St., Dublin, D04 E5W5, Ireland (“Google”). When using reCAPTCHA, your IP address and, if applicable, other data required for the reCAPTCHA service will be sent to Google. This practice is based on our legitimate interest to establish individual accountability for actions on the internet and the prevention of abuse and spam pursuant to Art. 6. 1 (f) GDPR.

When using Google reCAPTCHA, personal data may also be transfered to servers of Google LLC in the U.S.A. For personal data that is sent to Google LLC in the USA, Google LLC has self-certified and committed itself to the EU-US Privacy Shield which guarantees compliance with the level of data protection applicable in the EU. The certificate is available here: https://www.privacyshield.gov/list. For further information on Google reCAPTCHA and Google’s privacy policy, please refer to https://www.google.com/intl/de/policies/privacy/.

7.4.3 Google Maps

We use the Google Maps map service (API) from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter "Google") to show website users our location.

Google is certified under the Privacy Shield Agreement (https://www.privacyshield.gov/), which was designed to ensure compliance with the data protection level applicable in the EU.

If you open the page where Google Maps is integrated, our website sends various information including your IP address to Google in the U.S., where it is stored on its servers. If you have a Google user account and are logged in when you visit our website, the information will be directly associated with your account. But even without a user account, Google will create a user profile about you. This happens regardless of whether Google provides a user account with which you have logged in or whether no user account exists. The legal basis for this type of processing is Article 6.1.(f) et seq. of the GDPR. Our transmission of data to Google is based on our legitimate interest in offering you the map function of Google Maps on our website.

As per Art. 26 GDPR, Google and we are jointly responsible for any data protection in connection with Google Maps. Both parties individually determine the purposes and tools for processing your personal data and comply with the requirements established by the GDPR. The allocation of the data processing related responsibilities is available in the Controller-Controller Data Protection Terms at https://privacy.google.com/intl/de/businesses/mapscontrollerterms/. If you want to prevent the data transferred by us being connected to your user account, you can do so by logging out of your Google account before visiting our site. In order to prevent the transfer of your data completely, you must switch off the JavaScript application in your browser. If you do so, no maps will be displayed.

For further information about Google and the use of Google Maps, please go to:

7.5 Job application portal

If you are interested in applying for a job at our company, our job portal https://io-consultants.careers/ offers you the possibility to do so via the Concludis online job application tool. Concludis is responsible for collecting the usage data relating to this portal. Concludis will record your application data on our behalf and forward it to selected employees of io-consultants only. The data you enter is transmitted via a secure TLS connection.

Data that is mandatory for the acceptance of your application is marked with an asterisk.
The documents that you have submitted will be completely deleted no later than three months after completion of the application process unless an employment contract has been concluded with you.

If we have an interest in keeping your documents (e.g. for future consideration for other job offers), we will request your consent beforehand. If you agree, your data will be stored for a further three months.

The legal basis for this is your consent as per Art. 6.1 (a) GDPR.

8. Analytic services

We use a variety of analytic services in order to design our website according to the needs of our users, to measure the reach, and to analyze general user behavior on our website,  provided that you have given your consent on our banner during your first visit to our website, as per Art. 6.1 (a) GDPR.

Any such analytic service will be operated in joint responsibility pursuant to Art. 26 GDPR, i.e. we and the service provider are both responsible for the purposes and means used for processing the data. The responsibility for any duties regarding the data subjects’ rights lies, unless otherwise provided, with the respective service provider. The obligation to inform the data subject about the collection and processing of his or her personal data generally no longer lies with the website operator but with the respective operator of the analytic service.

A detailed description of the analytic services used on this website is given below.

8.1 Google Analytics

Google Analytics, a web analysis service of Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) is used for the purposes of demand-oriented website design, reach measurement, analysis of general user behaviour on the website, and optimization of website efficiency.

Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with the European data protection laws.

Google Analytics uses so-called "cookies" to enable the analysis of your use of the website. The information generated by the cookie about your use of the website is usually transmitted to and stored on servers operated by Google in the USA. We have activated IP anonymisation on this website. This activates the truncation of your IP address by Google within member states of the European Union and all other countries party to the Agreement on the European Economic Area prior to use and further transmission.

Under special circumstances only, the full IP address will be transmitted to a server in the USA and truncated there. IP anonymization does not, however, result in the anonymization of your usage data because allocation is, for example, still possible via the installed cookies, etc.

The use of Google Analytics is the joint responsibility of Google and the website operator. Therefore, we have concluded a data processing agreement with Google which currently makes both parties responsible for the processing tasks assigned to them. Google combines your usage data with data collected elsewhere and uses the profiles created this way for personalized advertising and analyses. On behalf of the operator of this website, Google will use this information for the purpose of analyzing your use of the site, compiling reports on your website activity and providing other services relating to website activity and Internet usage for the website operator. The data that Google processes includes the settings and data of your device, the exact times of usage of the site, including individual parts thereof, and, therefore, your user behavior.

Further information on how Google uses data, and options for settings and objection purposes can be found on the following Google websites: https://policies.google.com/privacy/partners?hl=en ("How Google Uses Information From Sites Or Apps That Use Our Services"), https://policies.google.com/technologies/ads?hl=en ("Technologies and Principles/Advertising"), https://adssettings.google.com/authenticated?hl=en ("Ad Settings").

Google will not associate your IP address, which has been transmitted by your browser within the scope of Google Analytics, with any other data held by Google. You may object to the use of cookies by selecting the appropriate settings on your browser, but please note that you may consequently not be able to use all functions of this website.

You may also prevent the collection and transmission of the data, which is created by the cookies and reflects your use of the website (including your IP address), to Google as well as the processing of such data by Google, by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en

The Google marketing services we use also include the online advertising program "Google Ads". When using Google Ads, every Google Ads customer (i.e. site operators like us) receives a different "conversion cookie". These cookies cannot be tracked by the websites of Google Ads customers. We are therefore unable to evaluate the conversion cookie ourselves. The information collected with the help of this cookie is used to create so-called conversion statistics for our website. Conversion statistics are evaluation of previously defined actions that a user has carried out on the website. Google tells us the total number of users who clicked on our ad and were redirected to a page with a conversion tracking tag. However, we do not receive any information that personally identifies the user. We also use Google Analytics to evaluate data from Google Ads and the double-click cookie for statistical purposes. If you do not wish to use the Google Ads evaluation, you can deactivate the function via the Google Ads Preferences Manager.

The legal basis for the use of Google Analytics on our website and for the resulting data transfer to the USA is your consent given on the first use of this site according to Art. 6.1 (a) and Art. 49.1 (a) GDPR. The risks of transmitting personal data to the USA are listed in the section “Data transfer to recipients outside the EU”.

8.2 LinkedIn Insight Tag

We use the conversion tool LinkedIn Insight Tag by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, for marketing purposes such as optimizing campaigns, retargeting website visitors for the purpose of increasing the success rate of product placement and improving advertisement relevance by using member data, and reaching members across a variety of devices. The legal basis for using this tool is your consent given in the cookie settings as per Art. 6.1 (a) GDPR. Forwarding such data to countries outside the EU is the sole responsibility of LinkedIn Ireland Unlimited Company.

The LinkedIn Insight Tag creates a cookie in your web browser that collects, among others, the following data: IP address, device and browser features, and page-related events (e.g. page requests). This data will be encrypted and pseudonymized within seven days, and the pseudonymized data will be deleted within 180 days after collection.

LinkedIn does not share any data with us that allows any personal identification (anonymized reports on website target group and ad performance). In addition, LinkedIn offers the possibility of retargeting via the Insight Tag. With the help of this data, we can show you personalized advertising outside the scope of our website without you being personally identified as a website user. Further information about data protection at LinkedIn is available at the company’s privacy policy: https://www.linkedin.com/legal/privacy-policy?src=or-search&veh=www.google.de and https://www.linkedin.com/help/lms/answer/65521.

9. Social Media services

Our website contains links to the social media services listed below. To non-members, social media services may present themselves like conventional marketing services, but if you are a member of any such platform, the data collected on this website may be linked to your social media account.

A distinction must be made between the various social media services and functionalities. Social media services can place advertising on their platforms s pecifically adapted to the users’ interests or show personalized advertisements on linked pages taking into consideration your user profiles. In addition, they offer plug-ins such as “like ” buttons that allow users to distribute and promote site content. In addition to this website, we have specific pages to present our company on such social media platforms (Facebook, LinkedIn, Xing, Twitter, YouTube, kununu).

Data processing triggered on this website or on our pages on such social media platforms is, on principle, a joint responsibility as per Art. 26 GDPR, i.e. we and the respective service providers are jointly responsible for the purposes and means of data processing. The responsibility for any duties regarding the data subjects’ rights lies, unless otherwise provided, with the respective service provider. The obligation to inform the data subject about the collection and processing of his or her personal data generally no longer lies with the website operator but with the operator of the respective social media service.

Further information on the purpose and scope of the related data collection, processing and use by social media networks, and on your rights and settings options to protect your privacy is available in the privacy policies of the respective social media networks which are described in detail below.

Links to the corresponding pages can be found on our website. Since these are links leading to other websites, they are not subject to the consent requirements pursuant to Art. 6.1 (a) GDPR.

9.1 Social media platforms used by io-consultants GmbH & Co. KG

Facebook (see 8.2)

LinkedIn
LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland) is a service that connects professionals and executives around the world. Registered users may interact with each other to increase business and career opportunities. On our website, we offer you the possibility to be redirected directly to our LinkedIn profile.

Our LinkedIn profile
When you visit our LinkedIn profile, you will be browsing the LinkedIn platform. The usage data analyzed by the site operator will only be provided to us in anonymized form (statistics). As described above, we are jointly responsible for the respective data processing.

The legal basis for this type of processing, as per Art. 6.1 (a) GDPR, is the legitimate interest to count the users on our LinkedIn profile, which is connected to our interest to measure and analyze the effectiveness of such profile.

LinkedIn Marketing Services
LinkedIn collects data about the use of our site using pixels and the link to our LinkedIn profile (browser and device settings, usage times and objects, existing identifiers) for the purpose of personalized advertising on the LinkedIn platform. The basis for this data transfer from our website, pursuant to Art. 6.1 (a) GDPR is the consent given at your first use of our website.

Further information on such data processing and the respective responsibilities and information duties are available at: https://legal.linkedin.com/pages-joint-controller-addendum, at: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv and at:https://legal.linkedin.com/dpa/.

XING
XING is a social network that offers the opportunity to create private profiles as well as company profiles and to publish corporate information (e.g. description of services, contact details, photos). XING users have access to this information. In addition, users can write their own posts and share content. The functions are used at the sole responsibility of the user.   As described above, we are jointly responsible for the respective data processing.

Our XING profile
When you visit our XING profile, you will be browsing the XING platform. The usage data analyzed by the site operator will only be provided to us in anonymized form (statistics). As described above, we are jointly responsible for the respective data processing.

The legal basis for this type of processing, as per Art. 6.1 (a) GDPR, is the legitimate interest to count the users on our XING profile, which is connected to our interest to measure and analyze the effectiveness of such profile.

Further information can be found in the privacy policy at: https://privacy.xing.com/de/datenschutzerklaerung.

Twitter
Twitter International Company (hereinafter referred to as Twitter) offers so called microblogging services where registered users can post short messages. The individual messages are called "tweets". io-consultants GmbH & Co. KG has a Twitter account for the purpose of publishing general corporate information, job advertisements, event invitations, etc. As described above, we are jointly responsible for the respective data processing.

On our website, we offer you the possibility to be redirected directly to our Twitter page. If you click on the link, you will leave our website. Further information on the purpose and scope of the related data collection, processing and use by Twitter and on your rights and settings options to protect your privacy is available in Twitter’s privacy policy: https://twitter.com/de/privacy.

YouTube
io-consultants GmbH & Co. KG has a YouTube account at https://www.youtube.com/user/ioconsultants?hl=de&gl=DE. As described above, we are jointly responsible for the respective data processing.

The responsible party is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Purpose and scope of data collection, further processing and usage of data by social networks and further information regarding your respective privacy rights and possible settings to protect your data are available at https://policies.google.com/privacy and https://www.youtube.com/t/terms respectively.

On our website, we offer you the possibility to be redirected directly to our YouTube page. If you click on the link, you will leave our website. Further information on the purpose and scope of the related data collection, processing and use by YouTube and on your rights and settings options to protect your privacy is available in the respective privacy policies:
https://policies.google.com/privacy?hl=de&gl=de resp. https://www.youtube.com/static?gl=DE&template=terms&hl=de.

kununu
kununu (kununu GmbH, Neutorgasse 4-8, Top 3.02, 1010 Vienna, Austria) is an employer rating platform which offers (i) its users various services as a so-called feedback platform (employer ratings by current and former employees), and (ii) employers the opportunity to present their company brand. As described above, we are jointly responsible for the respective data processing.

Operator of the kununu website and controller in the sense of the applicable data protection regulations is New York SE, Dammtorstraße 30, 20354 Hamburg, Germany. Further information is available in their privacy policy at https://privacy.xing.com/de/datenschutzerklaerung.

9.2 Privacy notice for io-consultants’ Facebook page

io-consultants GmbH & Co. KG, STADTTOR Speyerer Straße 14, 69115 Heidelberg, Germany, offers  a so-called fan page on the social media platform Facebook, to be found under https://de-de.facebook.com/ioconsultants/.
When operating the Facebook fan page, io consultants GmbH & Co. KG uses the technical platform and services of Facebook Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland. Facebook Ireland Ltd. and io consultants GmbH & Co. KG are therefore jointly responsible for the processing of personal data when using this fan page in accordance with Article 26 of the General Data Protection Regulation (GDPR) (see ECJ, C 210/16).
This Data Privacy Statement informs about the data use for which io consultants GmbH & Co. KG is responsible and your data protection rights when using such fan page.
The responsibility for the data processed when visiting our Facebook fan page is governed by an agreement with Facebook, which can be viewed at: https://www.facebook.com/legal/terms/page_controller_addendum. Facebook Ireland assumes full responsibility under such agreement for any processing of personal data that is not the responsibility of io-consultants as listed below. Please note that you are using this Facebook page and its features based on your user agreement with Facebook. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating).

When you visit our Facebook fan page, Facebook collects your IP address and other information available on your PC in the form of cookies. This information is used to provide us, the Facebook fan page operator, with statistical information about the use of our Facebook page. Further information please refer to https://www.facebook.com/help/pages/insights.
The data collected about you in this context will be processed by Facebook Ireland Ltd., and may also be transferred to countries outside the European Union. The type of information received and how it is used is described in general terms by Facebook in its Data Use guidelines. You will also find information about how to contact Facebook and advertisement setting options there. Facebook’s data use guidelines can be found here: https://www.facebook.com/about/privacy. Facebook’s complete data use policies can be found here: https://www.facebook.com/full_data_use_policy.
According to Facebook, when you access a Facebook page from a “German” IP address, the IP address assigned to your computer and transmitted to Facebook is anonymized and deleted after 90 days. Facebook also stores information about its users' devices (e.g. as part of the “registration notification” function). This may enable Facebook to assign IP addresses to individual users.
If you are currently logged on to Facebook as a user, a cookie with your Facebook identification is stored on your computer, which enables Facebook to track that you have visited this page and how you have used it. Facebook can record your visits to these websites and assign them to your Facebook profile via Facebook buttons integrated in websites. This information can be used to tailor content or advertising to you. The legal basis for this type of data processing by io consultants GmbH & Co. KG is the legitimate interest to check and optimize the effectiveness and use of the fan page, and to use the fan page and Facebook services to advertise its own offers (Article 6.1 (f) of the GDPR).
If you want to avoid the type of data processing described above, you should log off from Facebook or deactivate the “stay logged in” function, delete the cookies on your device, close your browser and reboot the device. This deletes Facebook information that immediately identifies you. It allows you to use our Facebook page without revealing your Facebook identifier. When you access interactive features of the page (such as ‘like’, comment, share, message), a Facebook login screen appears. Once you have logged in, Facebook will recognize you again as a specific user. More information about how to manage or delete existing information about you can be found here: https://www.facebook.com/about/privacy.

How io consultants GmbH & Co. KG uses data

As the provider of an information service, we collect and process the following data when you use this service:
Contact us via our Facebook fan page
The Data Privacy statement on our website – https://en.io-consultants.com/meta/data-protection/privacy-statement – describes how we handle data from enquiries and contacts. The same rules on data use apply here. The legal basis for our processing of your personal data is Article 6.1.(f) of the GDPR. Our interest in data processing lies in responding to submitted enquiries, optimizing our website, and recommending our services to users.

Your rights

You may request information about the private data we have stored about you at any time using the contact data given above or by e-mailing us at: dataprotection@io-consultants.com.
You also have the right to request the correction of incorrect personal data and/or, if legally applicable, the correction, limitation of use or deletion of your data.
You are entitled to file an informal objection against the use of your personal data for the purposes of direct advertising, market research or demand-oriented design of telemedia at any time.
You may contact our data protection officer at: dataprotection@io-consultants.com at any time if you have any complaints about the protection of your private data. You may also send your complaint to the competent data protection supervisory authority: https://www.baden-wuerttemberg.datenschutz.de/die-aufsichtsbehorden-der-lander/.

10. Automated decision-making, including profiling

As a company concerned with the protection of your personal data, we do not carry out any profiling or automated processing of your data for analyzing or predicting aspects relating e.g. to health or personal preferences. Therefore, Art. 22 GDPR on automated individual decision-making, including profiling, does not apply.

Last update: June 30, 2021

Please contact us 

Bernadette Abel Business Unit Manager General Administration Phone: +49 (0) 62 21 / 379-294 dataprotection@io-consultants.com