Data protection statement

Privacy Policy

Privacy Policy for the use of our websites

Thank you for visiting our websites. The protection of your personal data (“Data”) is very important to us. This Privacy Policy is designed to give you an overview of which Data we collect and process when you visit our websites and contact us and what rights you have in relation to the processing of your Data.

I. Who are we and how you can contact us?

We,

CPU 24/7 GmbH
August-Bebel-Straße 26-53
14482 Potsdam

are responsible for protecting your Data.

If you have any questions regarding the processing of Data, regarding your rights or this Privacy Policy, please do not hesitate to contact our Group Data Protection Officer. He can be reached

By post at:

CPU 24/7 GmbH
Data Protection Officer
August-Bebel-Straße 26-53
14482 Potsdam

As well as by email at: datenschutzbeauftragter@cpu-24-7.com

II. Data processing in connection with your visit to our websites

Insofar as the Telecommunication-Telemedia-Data-Protection-Act (“TTDSG”) applies to the technologies used on our website and the cookies set by us, we obtain your consent via our cookie banner or the cookie settings (Sec. 25 (1) TTDSG). In other cases, the data processing is technically necessary for the operation of the website designed by us, in particular to ensure the permanent functionality and security of our website and our information technology systems, or it is necessary to meet legal requirements (Sec. 25 (2) TTDSG).
You can access the cookie settings via the menu item of the same name in our website footer – at the bottom of the website.

A. Log Files

Description and scope of the data processing:

When you visit our website your browser automatically transmits the following Data:

  • your IP – address,
  • date and time of access,
  • the website from which access is made (referrer URL),
  • the browser used and its version (if transmitted by the browser).

Purposes of the data processing:

Temporary storage of this data is necessary to enable delivery of the websites to your device and to ensure the functionality of the websites. In addition, we collect the Data in order to trace and prevent unauthorized access to the web server and the misuse of the websites and to ensure the security of our information technology systems.

Legal basis:

We store this Data temporarily on the basis of legitimate interests (Art. 6 sec. 1 f General Data Protection Regulation (“GDPR”)). Our legitimate interest lies in achieving the purposes described above.

Term of storage and control options:

The Data will be erased if they are no longer necessary to achieve the purposes. Log files are usually deleted after 28 days.

B. Third Party Cookies and Tracking Technologies

When you visit our websites, we set so-called cookies. These are small text files that are stored on your device. Cookies typically contain a distinctive string of characters, the so-called cookieID, which identify your browser when revisiting the websites.

 

Borlabs Cookie:

Description and scope of the data processing:

On our websites, we use the cookie content technology of „Borlabs Cookie“, a service of „Borlabs“ – Benjamin A. Bornschein, Georg-Wilhelm-Str.17, 21107 Hamburg.

With the help of Borlabs Cookies we document whether you have consented to the setting of certain cookies in the cookie banner, whether you have withdrawn your consent or have objected to any data processing. The following Data is stored: cookie lifetime, cookie version, domain and path, consent / withdrawal / objection, a randomly generated user ID.

Details about the Borlabs Coookie can be found here.

Purposes of data processing:

Borlabs Cookie is used to meet privacy requirements for the setting and documentation of cookies.

Legal basis:

We use Borlabs Cookie content technology to prove compliance with legal obligations, Art. 6 sec. 1 c GDPR.

Term of storage and control options:

The cookie is valid for 365 days. In any case, the collected Data will be deleted if you ask us to do so or if you delete the Borlabs cookie yourself or if the purpose for which the Data is stored no longer exists. Mandatory legal retention periods remain unaffected.

Matomo (PIWIK)

Description and scope of the data processing:

On our websites, we use the free web analysis software “Matomo”.

Matomo:

Matomo uses cookies to enable us to analyse your use of the websites. The analysis is based mainly on the following information: visitor numbers, number of returning visitors, visited sites, visitors’ actions on the site (e.g. filling out the contact form), visitors’ time spent on the site, keywords used by visitors to find the site, visitors’ behaviour on the site, visitors’ location, devices used when visiting our site, including device settings (screen resolution, operating system, browser used), visitors’ interests. The information generated by the cookie about your use of the websites (including your IP address) will be transmitted to and stored by a server. The IP address is made anonymous before being stored.

We:

We use this information exclusively for the purpose of evaluating your use of the websites and compiling reports on website activity.

Purposes of data processing:

Matomo:

On our order, the Data collected is used to evaluate the use of our websites, to compile reports on website activity and to provide other services related to website and Internet use.

We:

We use the statistics provided by Matomo to analyze the activities on our websites. This allows us to evaluate our services and improve the quality of our websites and content and adjust them to the needs of our users.

Legal basis:

We use Matomo on the basis of your consent given via our cookie banner or the cookie settings (Art. 6 sec. 1 a GDPR).

Term of storage and control options:

The cookies are automatically deleted after 13 months.

Via the cookie settings you can decide at any time that no unique web analysis cookie may be stored in your browser to enable us to collect and analyze various statistical data. You can access the cookie settings via the menu item of the same name in our website footer – at the bottom of the website.

You have total control over the use of cookies and can delete cookies in your browser, you can deactivate the storage of cookies completely, accept only certain cookies selectively and possibly set up your browser in a way that it notifies you when a cookie is to be set. To learn how to change these settings, please use the help feature of your browser. Please note that this can restrict the functionality of our website.

Deactivate in Firefox

Deactivate in Internet Explorer

Deactivate in Chrome

Social-Media (Twitter, LinkedIn)

We:

On our websites you can find icons of social media platforms. These icons are designed as external links; no data processing is performed. If you click on one of the icons, you will be forwarded to the respective social media platform.

Social media platforms:

If you click on an icon your user Data will be transferred to the website of the social media platform.

You can find further information on data processing on social media platforms, purposes and legal bases for the data processing as well as your rights vis-á-vis the social media platforms under the following links:

OperatorAddressPrivacy Policy
 

 

LinkedIn

 

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland

here

TwitterTwitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA

here

You can also prevent the collection and processing of the Data by the social media platforms by downloading and installing on your devices the browser add-on available under the following links:

LinkedIn Opt-Out
Twitter Opt-Out

III. Which Data is processed when you contact us?

Description and scope of data processing:

We collect and process the Data provided by you, such as your contact Data, your name and your request, when you contact us via a contact form or by e-mail. All Data that you send to us is encrypted between your browser and our server.

Purposes of data processing:

We process your Data exclusively to handle your query.

Legal basis:

We process your Data in order to perform precontractual and contractual measures, that occur on the basis of your query (Art. 6 sec. 1 b GDPR). In all other cases, the processing is based on our legitimate interest in the effective processing of the queries addressed to us (Art. 6 sec. 1 f GDPR).

Term of storage and control options:

We store your Data for as long as we need it for the specific processing purpose. In addition, we store certain Data for the duration of the statutory limitation periods (usually three years, in individual cases up to 30 years) and for as long as is prescribed by statutory retention periods (e.g. as defined in the Commercial Code (HGB), the Fiscal Code (AO)) (usually ten years).

IV. Which Data is processed when you apply for a job with us?

 

Description and scope of data processing:

You can send us your application documents by e-mail at jobs@cpu-24-7.com or by post at

CPU 24/7 GmbH
August-Bebel-Straße 26-53
14482 Potsdam

To participate in an application process we require, depending on the type of application, your contact details, your email address, information on your professional qualifications in the form of education and graduation certificates and/or employer references as well as your CV. If you give us additional Data voluntarily, we use this exclusively for the purpose of processing your application and conducting the application process.

In principle, only those persons have access to your Data who are internally involved in filling the position.

With your consent, we store your application documents in our applicant pool so that your application can also be considered for future job vacancies.

Purposes of the data processing:
The purpose of processing the Data provided by you is to select an applicant for employment. Applicants are required to provide the above-mentioned Data. Without providing the Data, participation in the application process is not possible.

Legal basis:
The legal basis for the data processing is Sec. 26 Federal Data Protection Act (BDSG) in conjunction with Art. 6 sec. 1 b GDPR. We process voluntary information on the basis of Sec. 26 para. 1 BDSG in conjunction with Art. 6 1 f GDPR. Participation in the applicant pool is on the basis of your consent according to Article 26. para. 2 BDSG in conjunction with Art. 6 1 a GDPR.

Term of storage and control options:
If we decline your application, we will store your application documents for a maximum of six months from the time of notification of the unsuccessful application. The data in the applicant pool will be deleted after 12 months, unless you agree to a longer storage period.

Should you wish to withdraw any of the consents given during the application process for the processing of your data, you can contact us at the above address by letter or by e-mail to jobs@cpu-24-7.com.

V. Who receives your Data?

A. Departments within CPU 24/7 GmbH

Within CPU 24/7 GmbH, access to your Data shall only be provided to those departments/persons who require this for the purposes described (“Need-to-know principle”).

B. Service providers that support us

We will transmit your Data to our service providers, e.g. in the fields of

  • IT services,
  • telecommunications,
  • advice, legal advice,
  • compliance and data protection,
  • distribution and advertising,
  • operation and maintenance of our websites,
  • as well as communication, e.g. via our contact form and customer service (telephone and e-mail).

These service providers are contractually obliged to maintain confidentiality and fulfill the requirements under data protection law. Service providers that are processors have signed a corresponding contract, which guarantees that Data will be processed strictly according to our instructions.

VI. What rights do you have and how can you exercise these?

A. Withdrawal of consent

You can withdraw any consent you have granted to the processing of your Data at any time and with effect for the future. Please note that the withdrawal will have no impact on the legality of the previous data processing and that it does not extend to such data processing for which statutory authorisation exists and which can therefore be performed without your consent.

B. Other rights of data subjects

According to Art. 15 to 21 and 77 of the GDPR and if the conditions are met, you are furthermore entitled to the following rights.

Access:

You can at any time demand provision of information on the Data of yours that we process and demand a copy of the Data stored on you, Art. 15 GDPR. Please note that further copies of the Data stored on you may be subject to a charge.

Correction:

You can demand the correction of incorrect Data as well as the completion of incomplete Data according to Art. 16 GDPR.

Erasure:

You can demand the erasure of your Data. Please note that the erasure does not include Data required for the execution and processing of contracts and to assert, exercise and defend against legal claims as well as Data for which statutory, supervisory or contractual retention obligations exist, Art. 17 GDPR.

Restriction of processing:

You can under certain circumstances demand the restriction of the processing, e.g. if you believe that your Data is incorrect, if the processing is illegal or you have raised a complaint about the data processing. This will mean that without your consent your Data may only be processed in a very restricted way, e.g. to assert, exercise or defend against legal claims or to protect the rights of other natural or legal entities, Art. 18 GDPR.

Objection to data processing:

You have the option to object to the data processing for direct advertising purposes at any time. In addition, you can object at any time to data processing performed on the basis of a legitimate interest if there is particular reason for doing so, Article 21 GDPR.

Data portability:

You have the right to receive the Data provided by you, which was processed based on your consent or in order to fulfill a contract, in a structured, commonly used and machine-readable format and the right to demand a direct transfer of this Data to third parties within the realms of what is technically possible, Article 20 GDPR.

C. Contact routes

You can assert your rights by means of the following Contact details:

by post at:

CPU 24/7 GmbH
Data Protection Officer
August-Bebel-Straße 26-53
14482 Potsdam

As well as by email at: datenschutzbeauftragter@cpu-24-7.com.

D. Right to appeal to the competent data protection supervisory authority

If you, for example, consider that the processing of your Data is illegal or that your rights described above are not granted to you to the required extent, you have the right to file a complaint to the competent data protection supervisory authority.

Last revision: December 2021

VII. Privacy Policy for the Use of Our Social Media
A. Privacy Policy for the Use of Our LinkedIn page

Thank you for visiting our LinkedIn page. The protection of your personal data (”Data”) is very important to us. This Privacy Policy is designed to give you an overview of which Data we collect and process when you visit our LinkedIn page and contact us and what rights you have in relation to the processing of your Data.

 

  1. Who are we and how you can contact us?

We,

CPU 24/7 GmbH
August-Bebel-Straße 26-53
14482 Potsdam

 and

LinkedIn Ireland Unlimited Company (“LinkedIn”)
Wilton Place,
Dublin 2, Ireland

are responsible for protecting your Data.

If you have any questions regarding the processing of Data by LinkedIn (as described in II. B.) and your relevant rights, please contact LinkedIn ‘s Data Protection Officer by means of the .

If you have any questions regarding the processing of Data by us (as described in II. A.), regarding your rights or this Privacy Policy, please do not hesitate to contact our Group Data Protection Officer. He can be reached

By post at:
CPU 24/7 GmbH
Data Protection Officer
August-Bebel-Straße 26-53
14482 Potsdam

As well as by email at:       datenschutzbeauftragter@cpu-24-7.com.

II. Data processing in connection with your visit to our LinkedIn page

A. How we process your Data

To interact with you on LinkedIn and align our LinkedIn page to the interests of our followers, we use the LinkedIn functions described below. The processing of the Data collected here is done by staff responsible for the support of our LinkedIn page.

 

  1. Analytics

 Description and scope of the data processing:

In the administrator view of our LinkedIn page, we receive information from LinkedIn about visitors, followers and updates to our LinkedIn page.

Purpose and legal basis of the data processing:

These statistics help us learn how our LinkedIn page is being used. This enables us to improve the activities on our LinkedIn page as well as the design and the contents of our LinkedIn page, our advertising activities, our posts and our events. Hereon our legitimate interest is based (Art. 6 sec. 1f GDPR).

2. Notifications

Description and scope of the data processing:

When you interact with our LinkedIn page or one of our posts, advertising activities or events (for example, „Liking“, commenting), subscribe to our LinkedIn page or follow us, we get a notification from LinkedIn with your name, your profile picture and your interaction.

We are not able to delete the LinkedIn notifications, your posts or other interactions.

Purpose and legal basis of the data processing:

We will use the provided Data to learn about how you interact with regard to our LinkedIn page and to be able to react to your interactions (for example, comments, „Likes“). The data processing is based on the aforementioned legitimate interest (Art. 6 sec. 1f GDPR). 

3. Contacting us

Description and scope of the data processing:

When you contact us via LinkedIn, for example, when you send us messages via LinkedIn, we will receive the information provided by LinkedIn that include your user name, your profile picture, your query as well as your contact data and will process these.We will not be able to delete your making contact via LinkedIn.

Purpose and legal basis of the data processing:

We will process your Data as part of processing your query. The data processing is based on the aforementioned legitimate interest (Art. 6 sec 1f GDPR).

B. How LinkedIn will process your Data

When you visit our LinkedIn page, LinkedIn will collect and process the Data previously described, as well as other different Data provided by you, through cookies and other tracking technologies, for example to provide advertisers with statistics and analyses, market research, customization of features and contents. LinkedIn shares these Data with other companies and third parties and transmits Data to third countries outside of the European Union, such as the USA.Further information about the scope and the purpose as well as the legal basis of LinkedIn ‘s data processing can be found in the .

III. What rights do you have and how can you exercise these?

A. Withdrawal of consent

You can withdraw any consent you have granted to the processing of your Data at any time and with effect for the future. Please note that the withdrawal will have no impact on the legality of the previous data processing and that it does not extend to such data processing for which statutory authorisation exists and which can therefore be performed without your consent.

  1. Other rights of data subjects

According to Art. 15 to 21 and 77 of the GDPR and if the conditions are met, you are furthermore entitled to the following rights. Please note that we can only assist you in exercising your rights with regard to our data processing previously mentioned in II. A. To exercise your rights with regard to LinkedIn´s data processing, please contact .

Access:

You can at any time demand provision of information on the Data of yours that we process and demand a copy of the Data stored on you, Art. 15 GDPR. Please note that further copies of the Data stored on you may be subject to a charge.

Correction:

You can demand the correction of incorrect Data as well as the completion of incomplete Data according to Art. 16 GDPR.

Erasure:

You can demand the erasure of your Data. Please note that the erasure does not include Data required for the execution and processing of contracts and and to assert, exercise and defend against legal claims as well as Data for which statutory, supervisory or contractual retention obligations exist, Art. 17 GDPR.

Restriction of processing:

You can under certain circumstances demand the restriction of the processing, e.g. if you believe that your Data is incorrect, if the processing is illegal or you have raised a complaint about the data processing. This will mean that without your consent your Data may only be processed in a very restricted way, e.g. to assert, exercise or defend against legal claims or to protect the rights of other natural or legal entities, Art. 18 GDPR.

Objection to the data processing:

You have the option to object to the data processing for direct advertising purposes at any time. In addition, you can object at any time to data processing performed on the basis of a legitimate interest if there is particular reason for doing so, Art. 21 GDPR. This also applies to a profiling based on this provision according to Art. 4 No. 4 GDPR. In case of an objection your Data will no longer be processed, unless there are compelling and legitimate reasons for the processing that prevail over your interests, rights and freedoms or unless the processing serves to assert, exercise or defend against legal claims or to protect the rights of other natural or legal entities.

Data portability:

You have the right to receive the Data provided by you, which was processed based on your consent or in order to fulfill a contract, in a structured, commonly used and machine-readable format and the right to demand a direct transfer of this Data to third parties within the realms of what is technically possible, Article 20 GDPR.

C. Contact routes

You can assert your rights by means of the Contact details stated above in I.

D. Right to appeal to the competent data protection supervisory authority

If you, for example, consider that the processing of your Data is illegal or that your rights described above are not granted to you to the required extent, you have the right to file a complaint to the competent data protection supervisory authority.

Last revision: January 2022

B. Privacy policy for the use of our Xing page

Thank you for visiting our Xing page. The protection of your personal data (hereinafter: data) is very important to us. This privacy policy helps you to obtain an overview of what data we collect and process when you visit our Xing page and contact us, what rights you have in relation to the processing of your data and how you can exercise these rights.

  1. Who we are and how to contact us

 We,

CPU 24/7 GmbH (“CPU”)
August-Bebel-Straße 26-53
14482 Potsdam

 and

New WorkSE (“Xing”)
Am Strandkai 1
20457 Hamburg, Germany

are responsible for the processing of your data.

If you have any questions about data processing by Xing (see also II. B. below) and your related rights, please contact Xing’s data protection officer via .

If you have any questions about the data processing by us (see II. A.), about your rights or the privacy policy, our corporate data protection officer will be pleased to help. He can be reached

by post at:
CPU 24/7 GmbH
Data protection officer
August-Bebel-Straße 26-53
14482 Potsdam

as well as by email at:        datenschutzbeauftragter@cpu-24-7.com.

II. Data processing related to your visit to our Xing page

A. How we process your data

We use the Xing functions described in the following to interact with you on Xing and to align our Xing page with the interests of our followers. The data collected is processed by our employees entrusted with handling our Xing page.

  1. Profile analysis

 Description and scope of the data processing:

Through the “Profile analysis” function, we receive overviews provided by Xing as well as anonymised results of the analysis of visitors and followers of our Xing page during the past 30 days. The anonymised analyses contain different information, e.g.:

  • Company,
  • Industry,
  • Career levels,
  • Age groups.

Purpose and legal basis of the data processing:

The profile analysis helps us to find out who or which groups of people use our Xing page. This enables us to adjust the design of our Xing page, advertising campaigns, posts and events to the interests of our visitors and followers. The data processing is based on these legitimate interests (Art. 6 (1) (f) GDPR).

2. Contacting us

Description and scope of the data processing:

If you contact us via Xing, e.g. send messages through Xing, we receive from Xing the information provided by you, such as your user name, your profile image, your request or concern and your contact details and we process these. We cannot delete your contact through Xing.

Purpose of the data processing and legal basis:

We process your data in order to handle your enquiry. The data processing is based on this legitimate interest (Art. 6 (1) (f) GDPR).

B. How Xing processes your data

When you visit our Xing page, Xing collects and processes various personal data, which are obtained through cookies and other tracking technologies and are made available by you and third parties, e.g. for providing Xing services, measurement and optimisation of advertising, for creating statistics. Xing shares these data with other companies and third parties and transfers data to third countries outside the European Union, such as the USA. Further information on the scope, purpose and the legal basis of the Xing data processing and your rights can be found in .  

III. What rights do you have and how can you exercise these?

A. Withdrawal of consent

You can withdraw any consents you have granted us to use your personal data at any time with effect for the future. Please note that the withdrawal has no effects on the lawfulness of the data processing based on consent before the withdrawal and it does not extend to data processing for which statutory authorization exists and which can therefore be performed without your consent.

  1. Other rights of data subjects

In addition, you have the following data subject rights according to Articles 15 to 21 and 77 GDPR where the legal preconditions are fulfilled.  Please note that we can only assist you in asserting your rights with regard to the data processing by us described in II. A above. To exercise your rights with regard to data processing by Xing, please contact directly.

Access:

You can at any time demand to be given information about which of your data are processed and how, and that you be issued a copy of your stored data, Art. 15 GDPR. Please note that further copies of the data stored on you may be subject to a charge.

Correction:

You can demand the correction of incorrect data and the completion of incomplete data, Article 16 GDPR.

Erasure:

You can demand the erasure of your data. Please note that the erasure does not include data required for the execution and processing of contracts and for the establishment, exercise and defence of legal claims as well as data for which statutory, supervisory or contractual retention obligations exist, Article 17 GDPR.

Restriction of processing:

You can, under certain circumstances, demand the restriction of the processing, e.g. if you believe that your data is incorrect, if the processing is illegal or you have raised a complaint about the data processing. This will mean that without your consent your data may only be processed in a very restricted way, e.g. to assert, exercise or defend against legal claims or to protect the rights of other natural or legal entities, Article 18 GDPR.

Objection to data processing:

You have the option to object to data processing for direct advertising purposes at any time. In addition, you can object at any time to data processing performed on the basis of a legitimate interest if there is particular reason for doing so, Article 21 GDPR. This also applies to profiling based on this provision, as defined in Art. 4 No. 4 GDPR. In case of an objection, your data will no longer be processed, unless compelling legitimate grounds for the processing can be demonstrated, which override your interests, rights and freedoms or the purpose of the processing is for the establishment, exercise or defence of legal claims.

Data portability:

You have the right to receive the data you have provided and which are processed on the basis of your consent or in order to fulfil the contract in a structured, commonly used and machine-readable format and the right to demand direct transfer of this data to third parties within the scope of what is technically feasible, Article 20 GDPR.

C. Contact routes

You can exercise your rights via the contact routes named above in I.

D. Right to lodge a complaint with a supervisory authority

If, for example, you believe that the data processing is illegal or that your above-mentioned rights are not granted to the required extent, you have the right to lodge a complaint with the competent supervisory authority.

Last updated: March 2022