Data protection statement

Privacy Policy

Privacy Policy for the use of our website

Thank you for visiting our websites. The protection of your personal data („data“) is very important to us. This Privacy Policy is designed to give you an overview of which Data we collect and process when you visit our websites and contact us and what rights you have in relation to the processing of your Data.

Please click on a topic and display the contents of the selected question:

I. Who are we and how you can contact us?

 

We,

CPU 24/7 GmbH
August-Bebel-Straße 26-53
14482 Potsdam

are responsible for protecting your Data. If you have any questions regarding the processing of Data, regarding your rights or this Privacy Policy, please do not hesitate to contact our Group Data Protection Officer. He can be reached

By post at:
CPU 24/7 GmbH
Data Protection Officer
August-Bebel-Straße 26-53
14482 Potsdam

As well as by email at:
datenschutzbeauftragter@cpu-24-7.com

 

 

II. Data processing in connection with your visit to our websites

 

A. Log Files

Description and scope of the data processing:

When you visit our website your browser automatically transmits the following Data:

  • your IP – address,
  • date and time of access,
  • the website from which access is made (referrer URL),
  • the browser used and its version (if transmitted by the browser),
  • and the operating system used.

Purposes of data processing:

The temporary storage of this data is necessary to enable the delivery of the websites to your device and to ensure the functionality of the websites. In addition, we collect the Data in order to trace and prevent unauthorized access to the webserver and the misuse of the websites and to ensure the security of our information technology systems.

Legal basis:

We store this Data temporarily on the basis of legitimate interests (Art. 6 sec. 1 f General Data Protection Regulation (“GDPR”)). Our legitimate interest lies in achieving the purposes described above.

Term of storage and control options:

The Data will be erased if they are no longer necessary to achieve the purposes. Log files are usually deleted after 28 days.

B. Third Party Cookies and Tracking Technologies

When you visit our websites, we set so-called cookies. These are small text files that are stored on your device. Cookies typically contain a distinctive string of characters, the so-called cookieID, which identify your browser when revisiting the websites.

 

Borlabs Cookie:

Description and scope of the data processing:

On our websites, we use the cookie content technology of „Borlabs Cookie“, a service of „Borlabs“ – Benjamin A. Bornschein, Georg-Wilhelm-Str.17, 21107 Hamburg.

With the help of Borlabs Cookies, we document whether you have consented to the setting of certain cookies in the cookie banner, whether you have withdrawn your consent or have objected to any data processing. The following Data is stored: cookie lifetime, cookie version, domain and path, consent/withdrawal/objection, a randomly generated user ID.

Details about the Borlabs Cookie can be found here.

Purposes of data processing:

Borlabs Cookie is used to meet privacy requirements for the setting and documentation of cookies.

Legal basis:

We use Borlabs Cookie content technology to prove compliance with legal obligations, Art. 6 sec. 1 c GDPR.

Term of storage and control options:

The cookie is valid for 365 days. In any case, the collected Data will be deleted if you ask us to do so or if you delete the Borlabs cookie yourself or if the purpose for which the Data is stored no longer exists. Mandatory legal retention periods remain unaffected.

 

Matomo (PIWIK)

Description and scope of the data processing:

On our websites, we use the free web analysis software “Matomo”.

Matomo:

Matomo uses cookies to enable us to analyse your use of the websites. The analysis is based mainly on the following information: visitor numbers, number of returning visitors, visited sites, visitors’ actions on the site (e.g. filling out the contact form), visitors’ time spent on the site, keywords used by visitors to find the site, visitors’ behaviour on the site, visitors’ location, devices used when visiting our site, including device settings (screen resolution, operating system, browser used), visitors’ interests. The information generated by the cookie about your use of the websites (including your IP address) will be transmitted to and stored by a server. The IP address is made anonymous before being stored.

We:

We use this information exclusively for the purpose of evaluating your use of the websites and compiling reports on website activity.

Purposes of data processing:

Matomo:

On our order, the Data collected is used to evaluate the use of our websites, to compile reports on website activity and to provide other services related to website and Internet use.

We:

We use the statistics provided by Matomo to analyze the activities on our websites. This allows us to evaluate our services and improve the quality of our websites and content and adjust them to the needs of our users.

Legal basis:

We use Matomo on the basis of Art. 6 sec. 1 f GDPR. Our legitimate interest lies in evaluating the use of our websites and adjusting their content and design to your needs.

Term of storage and control options:

The cookies are automatically deleted after 13 months.

You can decide here that no unique web analysis cookie may be stored in your browser to enable us to collect and analyze various statistical data.

Opt-out:

You have total control over the use of cookies and can delete cookies in your browser, you can deactivate the storage of cookies completely, accept only certain cookies selectively and possibly set up your browser in a way that it notifies you when a cookie is to be set. To learn how to change these settings, please use the help feature of your browser. Please note that this can restrict the functionality of our website.

Deactivate in Firefox
Deactivate in Internet Explorer
Deactivate in Chrome

 

Social-Media (Twitter, LinkedIn)

We:
On our websites, you can find icons of social media platforms. These icons are designed as external links; no data processing is performed. If you click on one of the icons, you will be forwarded to the respective social media platform.

Social media platforms:

If you click on an icon your user Data will be transferred to the website of the social media platform.

You can find further information on data processing on social media platforms, purposes and legal bases for the data processing as well as your rights vis-á-vis the social media platforms under the following links:

LinkedIn
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland
Datenschutzerklärung LinkedIn

Twitter
Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA
Datenschutzerklärung Twitter

You can also prevent the collection and processing of the Data by the social media platforms by downloading and installing on your devices the browser add-on available under the following links:

LinkedIn Opt-Out
Twitter Opt-Out

 

III. Which Data is processed when you contact us?

 

Description and scope of data processing:

We collect and process the Data provided by you, such as your contact Data, your name and your request, when you contact us via a contact form or by e-mail. All Data that you send to us is encrypted between your browser and our server.

Purposes of data processing:

We process your Data exclusively to handle your query.

Legal basis:

We process your Data in order to perform pre-contractual and contractual measures, that occur on the basis of your query (Art. 6 sec. 1 b GDPR). In all other cases, the processing is based on our legitimate interest in the effective processing of the queries addressed to us (Art. 6 sec. 1 f GDPR).

Term of storage and control options:

We store your Data for as long as we need it for the specific processing purpose. In addition, we store certain Data for the duration of the statutory limitation periods (usually three years, in individual cases up to 30 years) and for as long as is prescribed by statutory retention periods (e.g. as defined in the Commercial Code (HGB), the Fiscal Code (AO)) (usually ten years).

 

IV. Which Data is processed when you apply for a job with us?

 

Description and scope of data processing:

You can send us your application documents by e-mail at jobs@cpu-24-7.com or by post at

CPU 24/7 GmbH
August-Bebel-Straße 26-53
14482 Potsdam

To participate in an application process we require, depending on the type of application, your contact details, your email address, information on your professional qualifications in the form of education and graduation certificates and/or employer references as well as your CV. If you give us additional Data voluntarily, we use this exclusively for the purpose of processing your application and conducting the application process.
In principle, only those persons have access to your Data who are internally involved in filling the position.
With your consent, we store your application documents in our applicant pool so that your application can also be considered for future job vacancies.

Purposes of data processing:
The purpose of processing the Data provided by you is to select an applicant for employment. Applicants are required to provide the above-mentioned Data. Without providing the Data, participation in the application process is not possible.

Legal basis:
The legal basis for the data processing is Sec. 26 Federal Data Protection Act (BDSG) in conjunction with Art. 6 sec. 1 b GDPR. We process voluntary information on the basis of Sec. 26 para. 1 BDSG in conjunction with Art. 6 1 f GDPR. Participation in the applicant pool is on the basis of your consent according to Article 26. para. 2 BDSG in conjunction with Art. 6 1 a GDPR.

Term of storage and control options:
If we decline your application, we will store your application documents for a maximum of six months from the time of notification of the unsuccessful application. The data in the applicant pool will be deleted after 12 months unless you agree to a longer storage period.
Should you wish to withdraw any of the consents given during the application process for the processing of your data, you can contact us at the above address by letter or by e-mail to jobs@cpu-24-7.com.

 

V. Who receives your Data?

 

A. Departments within CPU 24/7 GmbH

Within CPU 24/7 GmbH, access to your Data shall only be provided to those departments/persons who require this for the purposes described (“Need-to-know principle”).

B. Service providers that support us

We will transmit your Data to our service providers, e.g. in the fields of

  • IT services,
  • telecommunications,
  • advice, legal advice,
  • compliance and data protection,
  • distribution and advertising,
  • operation and maintenance of our websites,
  • as well as communication, e.g. via our contact form and customer service (telephone and e-mail).

These service providers are contractually obliged to maintain confidentiality and fulfill the requirements under data protection law. Service providers that are processors have signed a corresponding contract, which guarantees that Data will be processed strictly according to our instructions.

 

VI. What rights do you have and how can you exercise these?

 

A. Withdrawal of consent

You can withdraw any consent you have granted to the processing of your Data at any time and with effect for the future. Please note that the withdrawal will have no impact on the legality of the previous data processing and that it does not extend to such data processing for which statutory authorisation exists and which can therefore be performed without your consent.

B. Other rights of data subjects

According to Art. 15 to 21 and 77 of the GDPR and if the conditions are met, you are furthermore entitled to the following rights.

Access:

You can at any time demand provision of information on the Data of yours that we process and demand a copy of the Data stored on you, Art. 15 GDPR. Please note that further copies of the Data stored on you may be subject to a charge.

Correction:

You can demand the correction of incorrect Data as well as the completion of incomplete Data according to Art. 16 GDPR.

Erasure:

You can demand the erasure of your Data. Please note that the erasure does not include Data required for the execution and processing of contracts and to assert, exercise and defend against legal claims as well as Data for which statutory, supervisory or contractual retention obligations exist, Art. 17 GDPR.

Restriction of processing:

You can under certain circumstances demand the restriction of the processing, e.g. if you believe that your Data is incorrect if the processing is illegal or you have raised a complaint about the data processing. This will mean that without your consent your Data may only be processed in a very restricted way, e.g. to assert, exercise or defend against legal claims or to protect the rights of other natural or legal entities, Art. 18 GDPR.

Objection to data processing:

You have the option to object to the data processing for direct advertising purposes at any time. In addition, you can object at any time to data processing performed on the basis of a legitimate interest if there is a particular reason for doing so, Article 21 GDPR.

Data portability:

You have the right to receive the Data provided by you, which was processed based on your consent or in order to fulfil a contract, in a structured, commonly used and machine-readable format and the right to demand a direct transfer of this Data to third parties within the realms of what is technically possible, Article 20 GDPR.

C. Contact routes

You can assert your rights by means of the following Contact details:

by post at:

CPU 24/7 GmbH
Data Protection Officer
August-Bebel-Straße 26-53
14482 Potsdam

As well as by email at: datenschutzbeauftragter@cpu-24-7.com.

D. Right to appeal to the competent data protection supervisory authority

If you, for example, consider that the processing of your Data is illegal or that your rights described above are not granted to you to the required extent, you have the right to file a complaint to the competent data protection supervisory authority.

 

VII. Privacy Policy for the use of our Twitter profile

 

Thank you for visiting our Twitter profile. The protection of your personal data (“Data”) is very important to us. This Privacy Policy is designed to give you an overview of which Data we collect and process when you visit our Twitter profile and contact us and what rights you have in relation to the processing of your Data.

A) Who are we and how you can contact us?

We,

CPU 24/7 GmbH
August-Bebel-Straße 26-53
14482 Potsdam

and

Twitter International Company
One Cumberland Place
Fenian Street
Dublin 2
D02 AX07
Ireland

are responsible for protecting your Data.

If you have any questions regarding the processing of data by Twitter and your relevant rights, please contact Twitter (you can find more information here).

If you have any questions regarding the processing of data by us, regarding your rights or this Privacy Policy, please do not hesitate to contact our Group Data Protection Officer. He can be reached

by post at:

CPU 24/7 GmbH
Data protection officer
August-Bebel-Straße 26-53
14482 Potsdam

As well as by email at: datenschutzbeauftragter@cpu-24-7.com.

 

B) Data processing in connection with your visit to our Twitter profile

How we jointly process your Data

To interact with you on Twitter and align our Twitter profile to the interests of our followers, we use the Twitter functions described below. The processing of the data collected by us in this process is carried out exclusively by employees entrusted with the operation of our Twitter profile.

Twitter Analytics and Audience Insights

Description and scope of data processing:

We:
We use the function of “Twitter Analytics”. This function provides us with information on the number of profile visits, tweet impressions, tweet interactions and overviews of the number of followers won and lost for the last 28 days. We also learn how often our videos are shown and how long the viewed video frequencies are.

We can also use the “Audience Insights” function to view anonymous statistics on our followers. We cannot identify any specific persons from this Data. The statistical reports contain various information, e.g.:

  • gender,
  • interests,
  • country / Region,
  • language,
  • device type.

Twitter:

In order to generate the page insights anonymously provided to us, Twitter will collect among other information, the following:

  • views of a page, post or video on a page,
  • subscribing to or unsubscribing from a Twitter profile,
  • interact with a Twitter profile or a tweet (e.g. tagging a page or a post as „liked“),
  • demographic characteristics,
  • interests,
  • the information about whether the page visit or interaction happened from a computer or a mobile device.

Further information about the scope and the purpose, as well as the legal basis of Twitter’s data processing, can be found on Twitter Privacy Policy.

Purpose and legal basis of data processing:

These statistics help us learn how our Twitter profile is being used. This enables us to improve the activities on our Twitter profile as well as the design and the contents of our Twitter profile, our advertising activities, our posts and our events. Hereon our legitimate interest is based (Art. 6 sec. 1f GDPR).

 

Notifications

Description and scope of data processing:

We:

When you interact with our Twitter profile or one of our posts, advertising activities or events (for example, „Liking“, commenting), subscribe to our Twitter profile or follow us, we get a notification from Twitter with your name, your profile picture and your interaction.
We are not able to delete the Twitter notifications, your tweets or other interactions.

Twitter:

Twitter collects information about how you use our Twitter profile (amongst others, interactions with tweets) and notifies us about it.

Further information about the scope and the purpose, as well as the legal basis of Twitter’s data processing, can be found on Twitter Privacy Policy.

Purpose and legal basis of the data processing

We will use the provided Data to learn about how you interact with regard to our Twitter profile and to be able to react to your interactions (for example, comments, „Likes“). The data processing is based on the aforementioned legitimate interest (Art. 6 sec. 1f GDPR).

 

Contacting us

Description and scope of data processing:

We:

When you contact us via Twitter, for example, when you send us messages via Twitter, we will receive the information provided by Twitter that includes your user name, your profile picture, your query as well as your contact data and will process these.
We will not be able to delete your making contact via Twitter.

Twitter:

Twitter will process the Data provided by you and will make them available to us.

Further information about the scope and the purpose, as well as the legal basis of Twitter’s data processing, can be found on Twitter Privacy Policy.

Purpose and legal basis of data processing:

We will process your Data as part of processing your query. The data processing is based on the aforementioned legitimate interest (Art. 6 sec 1f GDPR).

 

How Twitter will process your Data

When you visit our Twitter profile, Twitter will collect and process the Data previously described, as well as other different Data provided by you, through cookies and other tracking technologies, for example, to provide advertisers with statistics and analyses, market research, customization of features and contents. Twitter shares these Data with other companies and third parties and transmits Data to third countries outside of the European Union, such as the USA.
Further information about the scope and the purpose, as well as the legal basis of Twitter’s data processing, can be found in the Twitter Privacy Policy.

C) What rights do you have and how can you exercise these?

Withdrawal of consent

You can withdraw any consent you have granted to the processing of your Data at any time and with effect for the future. Please note that the withdrawal will have no impact on the legality of the previous data processing and that it does not extend to such data processing for which statutory authorisation exists and which can therefore be performed without your consent.

Other rights of data subjects

According to Art. 15 to 21 and 77 of the GDPR and if the conditions are met, you are furthermore entitled to the following rights.

Please note that we can only assist you in exercising your rights with regard to our data processing previously mentioned in II. A.

To exercise your rights with regard to Twitter´s data processing, please contact Twitter.

Access:

You can at any time demand provision of information on the Data of yours that we process and demand a copy of the Data stored on you, Art. 15 GDPR. Please note that further copies of the Data stored on you may be subject to a charge.

Correction:

You can demand the correction of incorrect Data as well as the completion of incomplete Data according to Art. 16 GDPR.

Erasure:

You can demand the erasure of your Data. Please note that the erasure does not include Data required for the execution and processing of contracts and to assert, exercise and defend against legal claims as well as Data for which statutory, supervisory or contractual retention obligations exist, Art. 17 GDPR.

Restriction of processing:

You can under certain circumstances demand the restriction of the processing, e.g. if you believe that your Data is incorrect if the processing is illegal or you have raised a complaint about the data processing. This will mean that without your consent your Data may only be processed in a very restricted way, e.g. to assert, exercise or defend against legal claims or to protect the rights of other natural or legal entities, Art. 18 GDPR.

Widerspruch gegen die Datenverarbeitung:

You have the option to object to the data processing for direct advertising purposes at any time. In addition, you can object at any time to data processing performed on the basis of a legitimate interest if there is a particular reason for doing so, Art. 21 GDPR. This also applies to profiling based on this provision according to Art. 4 No. 4 GDPR. In case of an objection your Data will no longer be processed, unless there are compelling and legitimate reasons for the processing that prevail over your interests, rights and freedoms or unless the processing serves to assert, exercise or defend against legal claims or to protect the rights of other natural or legal entities.

Data portability:

You have the right to receive the Data provided by you, which was processed based on your consent or in order to fulfil a contract, in a structured, commonly used and machine-readable format and the right to demand a direct transfer of this Data to third parties within the realms of what is technically possible, Article 20 GDPR.

Contact routes

You can assert your rights by means of the Contact details stated above.

Right to appeal to the competent data protection supervisory authority

If you, for example, consider that the processing of your Data is illegal or that your rights described above are not granted to you to the required extent, you have the right to file a complaint to the competent data protection supervisory authority.

 

Last revision: October 2020

 

 

VIII. Privacy Policy for the Use of Our LinkedIn page

 

Thank you for visiting our LinkedIn page. The protection of your personal data (hereinafter: Data) is very important to us. This Privacy Policy is designed to give you an overview of which Data we collect and process when you visit our LinkedIn page and contact us and what rights you have in relation to the processing of your Data.

A) Who are we and how you can contact us?

We,

CPU 24/7 GmbH
August-Bebel-Straße 26-53
14482 Potsdam

and

LinkedIn Ireland Unlimited Company
Wilton Place,
Dublin 2, Ireland

are responsible for protecting your Data.

If you have any questions regarding the processing of Data by LinkedIn and your relevant rights, please contact LinkedIn’s Data Protection Officer by means of the LinkedIn Data Policy.

If you have any questions regarding the processing of Data by us, regarding your rights or this Privacy Policy, please do not hesitate to contact our Group Data Protection Officer. He can be reached

by post at:

CPU 24/7 GmbH
Data Protection Officer
August-Bebel-Straße 26-53
14482 Potsdam

As well as by email at: datenschutzbeauftragter@cpu-24-7.com.

 

B) Data processing in connection with your visit to our LinkedIn page

How we process your Data

To interact with you on LinkedIn and align our LinkedIn page to the interests of our followers, we use the LinkedIn functions described below. The processing of the Data collected here is done by the staff responsible for the support of our LinkedIn page.

Analytics

Description and scope of data processing:

In the administrator view of our LinkedIn page, we receive information from LinkedIn about visitors, followers and updates to our LinkedIn page.

Purpose and legal basis of data processing:

These statistics help us learn how our LinkedIn page is being used. This enables us to improve the activities on our LinkedIn page as well as the design and the contents of our LinkedIn page, our advertising activities, our posts and our events. Hereon our legitimate interest is based (Art. 6 sec. 1f GDPR).

Notifications

Description and scope of data processing:

When you interact with our LinkedIn page or one of our posts, advertising activities or events (for example, „Liking“, commenting), subscribe to our LinkedIn page or follow us, we get a notification from LinkedIn with your name, your profile picture and your interaction.

We are not able to delete the LinkedIn notifications, your posts or other interactions.

Purpose and legal basis of the data processing:

We will use the provided Data to learn about how you interact with regard to our LinkedIn page and to be able to react to your interactions (for example, comments, „Likes“). The data processing is based on the aforementioned legitimate interest (Art. 6 sec. 1f GDPR).

Contacting us

Description and scope of data processing:

When you contact us via LinkedIn, for example, when you send us messages via LinkedIn, we will receive the information provided by LinkedIn that includes your user name, your profile picture, your query as well as your contact data and will process these.
We will not be able to delete your making contact via LinkedIn.

Purpose and legal basis of data processing:

We will process your Data as part of processing your query. The data processing is based on the aforementioned legitimate interest (Art. 6 sec 1f GDPR).

How LinkedIn will process your Data

When you visit our LinkedIn page, LinkedIn will collect and process the Data previously described, as well as other different Data provided by you, through cookies and other tracking technologies, for example, to provide advertisers with statistics and analyses, market research, customization of features and contents. LinkedIn shares these Data with other companies and third parties and transmits Data to third countries outside of the European Union, such as the USA.
Further information about the scope and the purpose, as well as the legal basis of LinkedIn’s data processing, can be found in the LinkedIn Data Policy.

 

C) What rights do you have and how can you exercise these?

Withdrawal of consent

You can withdraw any consent you have granted to the processing of your Data at any time and with effect for the future. Please note that the withdrawal will have no impact on the legality of the previous data processing and that it does not extend to such data processing for which statutory authorisation exists and which can therefore be performed without your consent..

Other rights of data subjects

According to Art. 15 to 21 and 77 of the GDPR and if the conditions are met, you are furthermore entitled to the following rights.

Please note that we can only assist you in exercising your rights with regard to our data processing previously mentioned in II. A.

To exercise your rights with regard to LinkedIn´s data processing, please contact LinkedIn.

Access:

You can at any time demand provision of information on the Data of yours that we process and demand a copy of the Data stored on you, Art. 15 GDPR. Please note that further copies of the Data stored on you may be subject to a charge.

Correction:

You can demand the correction of incorrect Data as well as the completion of incomplete Data according to Art. 16 GDPR.

Erasure:

You can demand the erasure of your Data. Please note that the erasure does not include Data required for the execution and processing of contracts and to assert, exercise and defend against legal claims as well as Data for which statutory, supervisory or contractual retention obligations exist, Art. 17 GDPR.

Restrictions of processing:

You can under certain circumstances demand the restriction of the processing, e.g. if you believe that your Data is incorrect if the processing is illegal or you have raised a complaint about the data processing. This will mean that without your consent your Data may only be processed in a very restricted way, e.g. to assert, exercise or defend against legal claims or to protect the rights of other natural or legal entities, Art. 18 GDPR.

Objection to the data processing:

You have the option to object to the data processing for direct advertising purposes at any time. In addition, you can object at any time to data processing performed on the basis of a legitimate interest if there is a particular reason for doing so, Art. 21 GDPR. This also applies to profiling based on this provision according to Art. 4 No. 4 GDPR. In case of an objection your Data will no longer be processed, unless there are compelling and legitimate reasons for the processing that prevail over your interests, rights and freedoms or unless the processing serves to assert, exercise or defend against legal claims or to protect the rights of other natural or legal entities.

Data portability:

You have the right to receive the Data provided by you, which was processed based on your consent or in order to fulfil a contract, in a structured, commonly used and machine-readable format and the right to demand a direct transfer of this Data to third parties within the realms of what is technically possible, Article 20 GDPR.

Contact routes

You can assert your rights by means of the Contact details stated above.

Right to appeal to the competent data protection supervisory authority

If you, for example, consider that the processing of your Data is illegal or that your rights described above are not granted to you to the required extent, you have the right to file a complaint to the competent data protection supervisory authority.

Last revision: July 2019

 

Last revision: October 2020