Privacy policy

Privacy policy

We would like to inform you below about the processing of personal data as part of the use of our website. According to Art. 4 of the General Data Protection Regulation (GDPR), “personal data” refers to all information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”). Identifiable is a natural person who identifies directly or indirectly, in particular by assigning it to an identifier such as a name, to a identification number, to location data, to an online identifier or to one or more special features The expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person. The legal basis for data protection can be found in the new Federal Data Protection Act and the General Data Protection Regulation (GDPR).

Responsible

Responsible for these internet pages is Expertist GmbH (Große Elbstraße 42, 22767 Hamburg). Further information about our company and the persons entitled to represent us can be found in our imprint of our website: https://www.expertist.de/impressum.

What data is being processed?

Legal bases for data processing

In order to be able to offer you our website and related services, we process personal data on the basis of the following legal bases:
  • Consent (Article 6 (1) lit. a) GDPR)
  • for the performance of contracts (Art. 6 para. 1 lit. b) GDPR
  • On the basis of a balance of interest (Article 6 (1) lit. f) GDPR)
  • To comply with a legal obligation (Article 6 (1) lit. c) GDPR)
We will refer to the relevant terms in connection with the respective processing, so that you can classify the basis on which we process personal data. If personal data is processed on the basis of your consent, you have the right to revoke this consent at any time with effect for the future. If we process data on the basis of a balance of interests, you as a concerned event have the right to object to the processing of the personal data, taking into account the requirements of Article 21 of the GDPR.

Purpose of processing personal data

We process the data mentioned for the purpose of operating our website and for the fulfilment of contractual obligations towards our customers or for the protection of our legitimate interests. In the case of inquiries from you outside an active customer relationship, we process the data for the purposes of sales and advertising. You can object to the use of your personal data for advertising purposes at any time.

What data is being processed?

Access data

When you visit our website, personal data is processed in order to be able to show you the contents of the website on your device. In order for the pages to be displayed in your browser, the IP address of the device you are using must be processed. In addition, there is more information about the browser of your device. The data is also used to identify and correct errors on the website. We are also obliged under data protection law to ensure the confidentiality and integrity of the personal data processed with our IT systems. For this purpose and from this interest, the following data are logged on the basis of a balance of interests:
  • Anonymised IP address of the calling computer (for a maximum of 5 days)
  • Operating system of the calling computer
  • Browser version of the calling computer
  • Name of the retrieved file
  • Date and Time Of Retrieval
  • Amount of data transferred
  • referring URL
The anonymised IP address will be deleted from all systems used in connection with the operation of these websites at the latest by five days at the latest. The data is also used to identify and correct errors on the website.

Contact form

On our website we offer a contact form which allows you to request information about our products or services or contact us in general. We have marked the data that is necessary for us to answer an inquiry as mandatory fields. Information on other data fields is voluntary.  We need this information to process your inquiry, to address you correctly and to send you an answer. The data processing is carried out for concrete inquiries for the fulfilment of a contract or the initiation of a contract. In the case of general enquiries, processing is based on a weighing of interests.  Inquiries received via the contact form on our website are processed electronically by us to answer your enquiry. In this context, other persons, or departments and possibly third parties may also become aware of the contents of the form you have sent.  The transmission of the form data via the Internet is carried out via encrypted connections.  The processing of the data is carried out in accordance with Art. 6 Par. 1 letter f) GDPR based on our legitimate interest in answering your enquiries. We delete the data as soon as the enquiry has been dealt with. 

Registration function

If you wish to register on our platform as customer or expert/applicant the data processed in the course of this registration will be used These data are: Salutation, title, position, first name, surname, company, type of company, VAT ID, commercial register no., authorized representative, position, industry affiliation, e-mail. We process these data for the purpose of: Mediation of suppliers and demanders of project orders, procurement of contacts In accordance with Art. 6 para. 1 lit.. bGDPRthe data is processed based on a contract or The storage period of the data depends on the legal retention periods naccording to HGB (German Commercial code) or AO (German Fiscal Code). By registering on our site, we will also save the date and time of your registration. This serves as a safeguard on our part in the event that a third party misuses your data and registers with this data without your knowledge on our site. Your data will only be passed on to third parties with your consent and/or in the case of participation in the negotiation process. There will be no comparison of the data collected in this way with data that may be collected by other components of our site.

Voluntary information

If you provide us with data voluntarily, e.g. in forms, and this data is not required for the fulfilment of our contractual obligations, we process this data on the justified assumption that the processing and use of this data is in your interest. 

Recipients / disclosure of data

Data that you provide to us will only be passed on with your consent but not to third parties. In particular, your data will not be passed on to third parties for their advertising purposes.  However, we may use service providers for the operation of this website or for further products or services from us. It can therefore happen that a service provider gets knowledge of personal data. We select our service providers carefully – especially with regard to data protection and data security – and take all measures required by data protection law for permissible data processing. 

Where is the data processed?

The data will only be processed in data centers in the Federal Republic of Germany. Insofar as personal data is processed outside the European Union, you can find out from the previous statements.

Privacy notices for applicants

The following data is collected in connection with your application in our company: 

Data collection of applicants

We process personal data that you have sent us in connection with your application in order to check your suitability for the position (or other open positions, if applicable) and to carry out the application procedure. The processing of applicant data is based on § 26 GDPR-new. 

Period of data storage

Data relating to candidates applying for internal posts shall be deleted after six months in the event of a refusal, unless deletion would be contrary to any other legitimate interests of the controller.  If you have been accepted for a position during the application procedure, the data will be transferred to our personnel information system.  Data of applicants who apply for project-related positions remain stored in our applicant pool for the entire duration of the placement, as required for the respective task in compliance with the statutory retention periods.  Furthermore, your data will be deleted after two years, unless you have given us your consent for further storage. 

Data transfer

A specially developed software solution is used for the application process. The applicant data is viewed by the personnel department after receipt of the application. Suitable applications are forwarded internally to the departmental managers responsible for the vacant position. The further procedure is then coordinated. Within the company, only those persons who need access to your data for the proper processing of our application procedure have access to your data.  We only collect, store and process the personal data you provide to the extent that is necessary to process inquiries or orders and you have given your prior consent to. You have the right to revoke your consent with the effect for the future at any time.  In order to provide you with the best possible support in your application efforts, we pass on your personal data to our affiliated companies to be able to check for other matching projects. Furthermore, your data will not be passed on to third parties without prior agreement. A transfer of data to third parties beyond the scope of your consent will only take place if we are obligated to do so due to mandatory legal regulations or if you yourself determine this. 

Security

We take all necessary technical and organizational security measures to protect your personal data from loss and abuse. Your data is stored in a secure operating environment that is not accessible to the public. Your data is encrypted during transmission by so-called Transport Layers Security (TLS). This means that the communication between your computer and our servers takes place using a recognised encryption method. 

Existence of automated decision making 

As a responsible company, we avoid automatic decision making or profiling. 

Data protection supervisor

We are not obliged to appoint a data protection officer. Questions about data protection can be sent by e-mail to datenschutzbeauftragter@erxpertist.de. The use of this e-mail address for other purposes is expressly prohibited. 

Your rights as a data subject 

You have the right of access to the personal data concerning you. You can contact us for information at any time. In case of a request for information that is not made in writing, we ask for your understanding that we may require you to provide evidence that proves that you are the person you claim to be. Furthermore, you have the right to correction or deletion or to restriction of processing, as far as you are legally entitled to do so.  Finally, you have the right to object to data processing within the scope of the statutory provisions. The same applies to a right to data transferability. In particular, if you wish to assert your right to object to the processing of your data on the basis of a weighing of interests, you must expect that we will subject this to close scrutiny. We have carefully weighed up our interests here. So please read Art. 21 GDPR carefully and expect that we will also make inquiries about the “special situation” within the meaning of Art. 21 Para. 1 GDPR.  Finally, you also have a right to data transferability. Here too, this is only granted within the framework of the legal requirements. 

Deletion of data

As a matter of principle, we delete personal data when there is no need for further storage. A requirement can exist in particular if the data is still needed to fulfil contractual services, to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory storage obligations, deletion shall only be considered after the expiry of the respective storage obligation. 

Right of appeal to a supervisory authority

You have the right to complain to a supervisory authority about the processing of your personal data by us. The responsible supervisory authority depends on the federal state of your residence, your work or the suspected violation. 

Cookies

We use cookies on our Internet pages. By using cookies it is possible to optimize the website in the interest of the user and to provide user-friendly services. Cookies are small text files that are stored on your computer system. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your end device and enable us or our partner companies (third-party cookies) to recognize your browser the next time you visit us. If cookies are set, they collect and process certain user information to an individual extent, such as browser and location data and IP address values. Cookies are automatically deleted after a specified period of time, which may vary depending on the cookie.  In some cases, cookies are used to simplify the visit to the website by saving settings. Insofar as personal data is processed using individual cookies implemented by us, the processing is carried out in accordance with Art. 6 Para. 1 letter b) GDPR either for the execution of the contract or in accordance with Art. 6 Para. 1 letter f) GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit. In the case of cookies that are not necessary, but for the purpose of marketing measures and their tracking, cookies are processed on the basis of consent in accordance with Art. 6 Para. 1 letter a GDPR.   This means that you must give your consent in advance to the processing and use of these cookies. For this purpose we use a so-called consensus management tool (often also called “cookie banner”), which allows you to change your decision.    The following cookies are used by us: 

Google Webfont

We use so-called Google Web Fonts on our Internet pages. These fonts are loaded from Google servers, which serve to improve the design of the website. The data processing is based on a balancing of interests, whereby our interest lies in an attractive design of the website. 

The fonts in question are loaded from Google’s servers, which are usually located in the USA. The appropriate level of data protection is guaranteed by Google (list entry “Privacy Shield”). 

 

Google reCAPTCHA 

In order to ensure sufficient data security during the transmission of forms, we use the service reCAPTCHA of the company Google Inc. in certain cases. This serves primarily to distinguish whether the input is made by a natural person or abusively by machine and automated processing. The service includes the sending of the IP addresses and possibly other data required by Google for the service reCAPTCHA to Google. For further information about the privacy policy of Google Inc. you can find more information about the privacy policy of Google Inc. at https://www.google.de/intl/de/privacy or https://www.google.com/intl/de/policies/privacy/. 

 

Google Re/Marketing Services

On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offering) pursuant to Art. 6 para. 1 lit. f) GDPR, we use the marketing and remarketing services (in short “Google Marketing Services”) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”). Google is certified under the Privacy Shield Agreement and thereby provides a guarantee of compliance with European data protection law. For more information, please visit the Google LLC website in the privacy section (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). 

Google’s marketing services enable us to display ads for and on our website in a more targeted manner. Users are thus presented with ads that potentially match their interests. Remarketing” is when a user is shown ads for products that they have been interested in on other websites, for example. For these purposes, when you visit our website and other websites on which Google marketing services are active, a code is executed directly by Google and so-called (re)marketing tags (invisible graphics or code, also known as “web beacons”) are integrated into the website. This means that an individual cookie, i.e. a small file, is stored on the user’s device. The cookies can be set by various domains, including google.com, invitemedia.com, doubleclick.net, admeld.com, googleadservices.com or googlesyndication.com. This file records what content the user is interested in and which website he has visited. Furthermore, it is noted which offers the user has clicked on, which referring websites, technical information about the browser and operating system, visiting time and other information about the use of the online offer. 

 

Use of Google Adwords

We use the Google advertising tool “Google-Adwords” to promote our website. Within the scope of this, we use the “Conversion Tracking” analysis service of the company Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter “Google”. If you have reached our website via a Google ad, a cookie will be placed on your computer. These so-called “conversion cookies” lose their validity after 30 days and are not used for your personal identification. If you visit certain pages of our website and the cookie has not yet expired, we and Google can recognize that you, as a user, clicked on one of our ads placed on Google and were redirected to our site. The information collected through the “conversion cookies” is used by Google to compile visit statistics for our site. These statistics tell us the total number of users who clicked on our ads and which pages of our site were subsequently visited by each user. However, we or others who advertise via “Google Adwords” do not receive any information with which users can be personally identified. 

You can prevent the installation of “conversion cookies” by adjusting your browser settings accordingly, for example by changing your browser settings to generally disable the automatic setting of cookies or specifically block only cookies from the domain “googleadservices.com”. You can obtain the relevant data protection information from Google under the following link: https://services.google.com/sitestats/en.html. 

Doubleclick Ad Exchange 

This website uses the online marketing tool Doubleclick. As soon as Doubleclick Ad Exchange, a web advertising service of Google Inc, USA (“Google”), places advertisements (text ads, banners, etc.) on this website, your browser may store a cookie sent by Google Inc. or third parties. The stored information may be recorded, collected and evaluated by Google Inc. or third parties. In addition, Doubleclick Ad Exchange also uses so-called “WebBeacons” (small invisible graphics) to collect information, which can be used to record, collect and evaluate simple actions such as visitor traffic on the website. The information generated (by cookie and/or WebBeacon) about your use of this website is transferred to a Google server in the USA and also stored there. Google uses the information obtained in this way to evaluate your use of Doubleclick Ad Exchange ads. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. 

If IP addresses are transmitted and stored in this context, this is only done to combat and filter spam/fraud (ad impression spam and click spam). 

This data is only accessible to the anti-fraud teams. The IP address will not be linked by Google with other data stored by Google. 

 

Indeed

This website may use the web analytics tools from Indeed (Indeed Ireland Operations, Ltd., 124 St. Stephen’s Green, Dublin 2, Ireland) – Conversion Tracker. In order to analyze the use of the website and Indeed.com (if applicable), certain usage data provided by your browser is collected and analyzed by Indeed. Indeed may use one or more cookies to collect this usage data. In addition, the IP address assigned to your device at that time and a browser-specific identifier will be transmitted. The IP address is used solely for session identification and geolocation (down to city level). 

 

Matomo

This website uses Matomo, an open source, self-hosted software to collect anonymous usage data for this website. The data on visitor behavior is collected to identify possible problems such as unfound pages, search engine problems or unpopular pages. As soon as the data (number of visitors who see error pages or just one page, etc.) is processed, Matomo generates reports for the website operators so that they can react.  

 

Matomo processes the following data: 

  • Cookies
  • Anonymized IP addresses by removing the last 2 bytes (i.e. 198.51.0.0 instead of 198.51.100.54)
  • Pseudo-anonymisedsite (based on theanonymised IP address 
  • Date and time
  • Title of the page called up
  • URL of the called page
  • URL of the previous page (if this is allowed)
  • Screen resolution
  • Local time
  • Files that were clicked and downloaded
  • External links
  • Duration of the page setup
  • Country, region, city (with low accuracy due to IP address)
  • Main language of the browser
  • User agent of the browser
  • Interactions with forms (but not their content)

All your data can be requested from Matomo at any time. You can also request at any time that Matomo deletes all your data completely and object to the data collection by selecting DoNotTrack in your browser. 

 

Social media online presence 

We maintain online presences within social networks and platforms to be able to communicate with customers, interested parties and active users. We use social media to inform our customers about our services. The terms and conditions and the data processing guidelines depend on the respective operators of the networks when accessed. 

We process the data of users only if they communicate with us within the social networks. This would be the case if users write articles on our online presences or send us messages. 

 

Consent to newsletters 

It is also possible to subscribe to an e-mail newsletter on our website to inform you about new offers. In addition to the voluntary information in the respective form, we only process your e-mail address for this purpose. However, your email address is also absolutely necessary. The processing of the data for the newsletter is based on a consent pursuant to Art. 6 para. 1 lit. a) GDPR, whereby the e-mail address must be confirmed by a so-called “double-opt-in procedure”.  

In order to be able to analyze the popularity of our newsletter mailings and to optimize them, we log when e-mails are opened and links are clicked on. This usage analysis is carried out on the basis of a weighing of interests in accordance with Art. 6 Para. 1 lit f) GDPR. You can object to the processing at any time by unsubscribing from the newsletter. 

 

Newsletter via CleverReach

We use the CleverReach component to send our newsletters. CleverReach is a service provided by CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany. Your data stored at the newsletter registration (e-mail address, name, IP address, date and time of your registration) will be transferred to a server of The company CleverReach GmbH & Co. KG in Germany and stored there. The data protection regulations of the shipping service provider can be viewed at the following link: https://www.cleverreach.com/de/datenschutz/. The legal basis for the establishment of the shipping service provider is based on Article 6 Abs.1 lit.f) GDPR for the protection of our legitimate interests and an order processing contract in accordance with Art. 3 P.1 GDPR. The shipping service provider does not use the data of our newsletter recipients to write it down or to pass on data to third parties. You can unsubscribe from the newsletter at any time. Alternatively, you will find a link to unsubscribe in each newsletter email.

 

YouTube 

Our website incorporates YouTube videos that are stored by YouTube LLC with headquarters at 901 Cherry Avenue, San Bruno, CA 94066, USA (hereinafter YouTube) on http://www.YouTube.com and can be played directly from our website. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. 

By visiting the website, YouTube is informed that you have accessed the appropriate subpage of our website. This occurs regardless of whether this third party provider provides a user account through which you are logged in or whether no user account exists. 

If you are logged in on YouTube, this information is associated directly with your account. If you do not want the assignment to your profile on YouTube, you must log out before activating the button. YouTube stores this data as user profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out (also for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right. 

For more information about the purpose and extent of data collection and processing by YouTube and Google, please visit their websites in the privacy section. There you will find further information about your rights and settings to protect your privacy. 

You can object to the use of YouTube videos if you set this in our Cookie Conset Manager. 

The legal basis for this processing of the data is your consent in accordance with Art. 6 para. 1 lit. a) GDPR. 

 

Facebook Pixel / Facebook Conversion Tracking

On our website, Facebook Conversion Tracking, the so-called “Facebook pixel” of the social network Facebook, is used for the purpose to  analyze and optimize our website. The provider of these services is Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. If you are resident in the EU, the provider of the services is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter “Facebook”). 

By using the Facebook pixel, Facebook is able to identify and determine visitors to our website as a potential target group for the display of advertisements (so-called “Facebook Ads”). Therefore, we use the Facebook pixel to display the Facebook Ads placed by us only to those Facebook users who have also shown an interest in our website or who have certain characteristics (interests determined on the basis of visited websites, etc.). We transmit this information to Facebook and thereby form so-called “custom audiences”. By using the Facebook pixel, we want to ensure that our Facebook ads correspond to the potential interest of visitors and are not perceived as a nuisance. By using the Facebook Pixel, we can track the effectiveness of the Facebook Ads statistically and for market research purposes. We analyze whether visitors are redirected to our website after clicking on a Facebook Ad, i.e. whether a so-called “conversion” takes place. 

General information on the processing of data by Facebook can be found here https://www.facebook.com/policy.php. Further information and details about the Facebook pixel can be found here: https://www.facebook.com/business/help/651294705016616. Facebook is certified under the Privacy-Shield and thus offers a guarantee to comply with the European data protection level (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). 

You can object to the collection by the Facebook pixel and use of your data to display Facebook ads. To control what types of ads are displayed to you within Facebook, you can go to the page set up by Facebook and follow the instructions for usage-based advertising settings: https://www.facebook.com/settings?tab=ads. The settings are platform-independent, which means they apply to all devices, such as desktop computers or mobile devices. 

You can object to the use of the Facebook pixel if you set this in our Cookie Conset Manager. 

The legal basis for this processing of the data is your consent in accordance with Art. 6 para. 1 lit. a) GDPR. 

 

Use of LinkedIn 

We use conversion tracking technology on our website and the retargeting feature of LinkedIn Corporation. 

This technology allows visitors to this site to see personalized ads on LinkedIn. It also provides the ability to generate anonymous reports on ad performance and website interaction information. LinkedIn Insight tag is embedded in this website, which connects to the LinkedIn server when you visit this website and are logged into your LinkedIn account. 

Please see the LinkedIn privacy policy at https://www.linkedin.com/legal/privacy-policy for more information about data collection and use, and the choices and rights you have to protect your privacy. If you are logged in to LinkedIn, you may opt out of the collection of your information at any time by following this link: https://www.linkedin.com/psettings/enhanced-advertising. 

You can object to the use of the LinkedIn pixel if you set this in our cookie-conset manager. 

The legal basis for this processing of data is your consent in accordance with Art. 6 para. 1 lit. a) GDPR. 

 

Training

If you take part in one of our trainings or courses, we process your name and e-mail address for the purpose of planning and conducting the event. 

If you have booked the event via a corresponding partner portal, the information will be made available to us by that partner portal. We will then process your data on the basis of the legal basis Art. 6 Para. 1 lit. b) GDPR. 

 

Amendment of this privacy policy 

We will revise this privacy policy whenever changes are made to this website or other matters require it. You will always find the current version on this website. 

As a responsible company, we refrain from automatic decision-making or profiling.