Updated: 31 JAN 2022
- Controller and privacy officer
- Purposes and legal basis for the processing of personal data
- Which personal data is being processed?
- Which personal data are processed during download and installation of our apps?
- Which access permissions for features of your device are required to use our apps?
- Storage duration of your personal data
- Recipients of data
- Your rights
- Other special processing
- Registration for events via doo.net
- Participation in affiliate partner programs
- Online meetings, conference calls, and web-based seminars via “Zoom”
- Information on data privacy for virtual events on the platform letsgetdigital
- Google Maps
- Ad- and tracking-free service with Contentpass
- Subscription management via plenigo (incl.:connection payment provider
- Web analysis via Matomo
Controller and privacy officer
Vogel IT-Medien GmbH (hereinafter “Vogel“), Max-Josef-Metzger-Straße 21, 86157 Augsburg, is responsible for processing of personal data within the scope of our apps and the websites accessible through said apps in accordance with EU General Data Protection Regulation (“GDPR”).
For questions or comments on the topic of data protection, please contact Vogel’s privacy officer (address: see above, e-mail: firstname.lastname@example.org).
Purposes and legal basis for the processing of personal data
As part of our range of services we process your personal data in order to be able to offer customer-oriented services. Wherever possible, we give you the opportunity to decide for yourself, which data you would like to share with us. Additionally, we process your personal data for the provision of our apps so you can also use our websites on mobile devices within the respective app and outside of the browser.
We process your data for the purposes mentioned below on the legal basis provided for each case.
As we require your consent for certain processing purposes, we will expressly ask for it when necessary. In these cases, data processing will occur on the legal basis of art. 6, sec. 1, lit. a, GDPR. For example, this is the case when we use direct marketing via telephone or e-mail. Additionally, as part of some of our services, you can for example use e-mail to sign up for further editorial newsletters. Further information on this, including your rights to revoke your consent, can be found in the section editorial newsletters (e.g. via e-mail) and e-mail success measurement.
For analyses, statistical evaluations, targeting and re-targeting, e.g. in order to advertise to you, we use products on the websites accessible via our apps from other providers, which are based on the so-called cookie technology and other features. This also occurs based on your consent. Information regarding data processing based on said cookie-based technologies and corresponding tools, and your rights to prohibit this technical processing, can be found in the cookie-policy section.
If a contract is concluded between you and us, we will process your data for the purpose of fulfilling this contract on the basis of art. 6, sec. 1, lit. b, GDPR. In particular, this is necessary for the following purposes:
- Purchasing products or services on the basis of a contractual arrangement with you.
- Registration for events (on-/offline), e.g. public or non-public fairs or events. In this case, we process your personal data to support the participants of our events with planning, registration, participation, and the follow-up of an event, and to provide them with all necessary and useful information.
- Registration on portals and access to information services, e.g. for the offer of specialist information that you can use to either inform yourself about product and services offered in the respective branches, or to inform others of your products and services.
- Personalization of our offers to improve your user experience on our portals:
- Offer of special services, including consultation in the area of development and execution of marketing campaigns, consultation on how to better reach your marketing goals, including the improvement of your customer master data, market research, consultation and implementation of events for customers or employees, agency services and communication services.
- Empowering you to use our service to market yourself via our communication channels, e.g. in our print products, on our online portals, in our newsletters, or as a cooperation partner at fairs or other events.
- Processing and billing in case you use one of our charged services.
In cases other than those mentioned above, the basis for processing is the protection of our legitimate interests according to art. 6, sec. 1, lit. f, GDPR, in particular offering customer-oriented services and advertising identical and similar products from our product portfolio. In these cases, processing occurs for the following purposes:
- Advertising products and offers to better provide users or customers with information tailored to their interests and needs.
- Demand-oriented design of our offer via apps and the websites available there.
- Conducting advertisement success studies.
- Market research, e.g. online surveys.
- Acquisition of new customers.
- Contacting for event advertising.
- Advertising via e-mail to promote similar products or services, granted your e-mail address was provided in the course of the sale of a product or service (cf. art. 7, sec. 3 of the German Act against Unfair Competition (UWG)).
- Ensuring the security of our own IT systems, the optimization, and the functionality of our apps and websites by saving technical usage data in log files.
Generally, you have a corresponding right to object if the processing takes place on the basis of our legitimate interests (see Your rights section below). There is no right to object in the case of the collection of technical usage data for the display of our websites and the storage of this data in log files for the purposes listed in this section.
Some data needs to be collected and processed by us due to mandatory legal regulations. The basis for this case is art. 6, sec. 1, lit. c, GDPR. This is the case, if, for example, we are obligated to transfer data, e.g. to law enforcement on the basis of a legal obligation or if we have to store data for a certain period of time on the basis of legal regulations such as commercial or tax regulations.
What personal data is processed?
For the optimization of our offers, we may store additional data, e.g. publicly accessible data on your company, or compare the topicality of your data with data from suitable, openly available databases.
Additionally, we collect data regarding your interests, which we derive from your inquiries and the use of our online portals, in order to only provide you with offers that match your wishes and interests. If we use any technical methods for this, e.g. cookie-based technology, further information and your corresponding rights can be found in the cookie-policy section.
Some data is also transmitted automatically (mainly technical usage data). Your computer automatically shares information with us, such as IP address, browser type, or access times for your use of our online portals. This data is vital for us to optimally present our offers in accordance with your hardware. When using the app, the User Agent additionally communicates, whether our websites were requested from the app.
Which personal data is processed during download and installation of our apps?
Via Google’s Play Store (Android-compatible devices)
In order to use our Apps on your Android device (e.g. Android smart phone or Android tablet), downloading and installing the App onto your device via Google’s Play Store is required. For this, you need to be logged into your Google user account by providing your user name (your e-mail address) and your password.
Via the App Store or iTunes
In order to use our Apps on your iOS device (e.g. iPhone, iPod, or iPad), downloading and installing the App onto your device via Apple’s Apps Store (or via iTunes for Mac) is required. For this, you need to be logged in at the App Store with your Apple user account by providing your Apple-ID (usually your e-mail address) and your password.
Which access permissions for features of your device are required to use our App?
When installing and using the App, only permissions are requested that are essential for the App to work:
- Running the app on launch (activation required for push-notifications to be receivable)
- Wake up device/deactivate sleep mode (required for reliably receiving push-notifications)
- Vibration alarm control (e.g. for push-notifications)
- Network access / request network connections (to request data from the internet)
- Requesting data from the internet
- Obtaining boot integrity
- Writing external memory
- Push Notifications
If you consent to the access permissions and accesses during or after installation of the respective app, you thereby give us consent to these accesses to your device. The legal basis for processing is art. 6, sec. 1, lit. a (GDPR). Purpose of data processing via certain access permissions to your device is the technical operation and the use of the respective App and all included features.
Storage duration of your personal data
We store your data as long as required in order to provide our services, meet contract obligations, or if we have a legitimate interest in longer storage.
If processing is based on your consent or on one of our legitimate interests, the data concerned will no longer be processed for the associated purpose after your revocation or objection has been receives and will be deleted if necessary, excluding legal grounds for data storage. Regardless, data stored on the basis of commercial or tax law will only be deleted after the statutory periods have expired. With the regular limitation period being three years, the duration of storage also depends on statutory limitation periods, which can be up to thirty years, for example according to §§ 195 ff. of the German Civil Code (BGB).
Under certain circumstances, your data must also be stored longer, e.g. if, in case of official or legal procedures, data deletion is prohibited for the duration of the procedure.
Recipients of data
Joint responsibility of the companies within the Vogel Group
We sometimes hire service providers to help us process personal data on our behalf. We have bound these service providers to us by an order processing contract in such a way that they may only process the data for our business purposes and on our instructions. These service providers primarily include technical service providers (including affiliated companies) for the maintenance, hosting, and support of our IT infrastructure including our websites, as well as service providers for mailings, lead campaigns, and other marketing measures.
Tracking and other cookie technology service providers
Transfer of your data to third parties
With your consent, we also pass on your data to those customers whose services you have accessed using one of our online portals (e.g. the white paper of a particular manufacturer). When accessing the service, we inform you which company this concerns and prior to downloading corresponding content, you can decide whether you consent to this company using your data and whether you want to download this external service. When it comes to privacy law, these companies are responsible. This transfer only occurs for the purposes of advertising, market or opinion research.
Articles and other published information about the authors can be accessed by registered users worldwide. When articles are published in digital media, they can be found by search engines and linked to other information, which may be used to create personality profiles of the authors. If you consent to publications, content may, without us having any influence on the distribution through users, “multiply” through sharing of the original publication and be used for purposes beyond our control.
Transfer of data to third countries
Generally, we do not transfer your data to other countries or third countries (countries that are neither members of the European Union nor of the European Economic Area) or to international organizations. Exceptionally, data may be transferred to third countries if this is necessary to provide services to you, if it is required by law, or if we have your consent. Some of the service providers that process personal data on our behalf are located in third countries that do not offer the same level of protection for your personal data as in the EU, due to – amongst others – the lack of laws, lack of rights, or lack of supervision in said countries. Some recipients, especially the providers of social media channels or registered users who process your data, are also located in said third countries. Personal data is only transferred to said third-countries outside of the EU if the European Commission has adopted a so-called adequacy decision in this regard (art. 45, sec. 3, GDPR) (see here) or if safeguards in accordance with article 46 GDPR are in place, in particular standard data protection clauses issued by the European Commission in accordance with article 46, sec. 2, lit. c, GDPR (see here). You can obtain a copy of these upon request (e.g. by e-mail) – for contact details see section controller and data protection officer above, or at https://contact.vogel.de/en
Information on possible transfers of your data to third countries can also be found in the privacy policies of the recipients that make transfers to third countries. You can also find information on this under advanced settings of our cookie management tool, where our cookie-based processing is explained.
Provided that the legal requirements are met, you as a data subject are entitled to the following rights in accordance with articles 12 to 21, GDPR.
You have the right to request information about your personal data stored and the scope of our data processing and transfer and to receive a copy of your stored personal data.
You have the right to request without delay the rectification of personal data concerning you and stored about you, if this data is incomplete or incorrect.
You have the right to demand the immediate erasure of your personal data stored by us if the legal requirements are met. This is particularly the case if your personal data are no longer needed for the purposes for which they were collected; the legal basis for data processing was solely your consent which you since have revoked; you have objected to processing on the basis of legitimate interests (art. 6, sec. 1, lit. f, GDPR) for personal reasons and we are unable to prove that there are overriding legitimate reasons for processing; your personal data have been processed unlawfully; or your personal data must be erased to comply with laws and regulations. If we have passed on your data to third parties, we will inform them about the erasure, within the scope required by law. Please note the restrictions regarding your right of erasure. For example, we are not allowed to erase data that we are required to retain by law. Data that we need to assert, exercise, or defend legal claims are also excluded from your right of erasure.
Restriction of processing:
You have the right to request restriction of processing if one of the following conditions is met: You dispute the accuracy of the personal data, and we need to verify the accuracy of the personal data. The processing is unlawful, you object to the erasure of personal data and instead demand the use of personal data be restricted. Whereas we no longer need your personal data for the purposes of processing, you need the data to assert, exercise, or defend legal claims. You have filed an objection to the processing, and it is yet to be determined whether our legitimate reasons override yours. In the event of a restriction of processing, the data will be blocked centrally and – apart from your own copies – processed only with your consent or for the purpose of asserting, exercising, or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest of the EU or an EU Member State.
If we automatically process the personal data you have provided to us on the basis of your consent or a contract with you (including your employment contract), you have the right to receive the data in a structured, common, and machine-readable format and to transfer this data to another controller without our interference. You also have the right to request direct transfer of personal data to another controller, given technical feasibility.
If we process your personal data for legitimate interests or in the public interest, you have the right to object to the processing of your data for personal reasons. Furthermore, you have an unlimited objection right if we process your data for our direct advertising. Please see our separate note in the section “Your right of objection” below.
Revocation of consent:
Additionally, you have the right of lodging a complaint with a supervisory authority in accordance with art. 77, GDPR, § 19 Bundesdatenschutzgesetz (BDSG), if you believe that your personal data is being processed unlawfully. The right of complaint is independent of any other administrative or judicial remedy.
Your right to object
Based on your personal situation, you have the right to object to the processing of your personal data which is carried out on the basis of article 6, sec. 1, lit. f, GDPR at any time, including profiling based on these provisions.
We will no longer process your personal data unless we can provide compelling reasons worthy of protection for processing which outweigh your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.
If your personal data are processed for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of said marketing, including profiling related to said direct advertising.
If you object to processing for direct advertising purposes, your personal data will no longer be processed for these purposes.
You may exercise your right to object in connection with the use of information society services by means of automated procedures involving technical specifications, regardless of directive 2002/58/EC.
To exercise your rights, you can contact the controller. The contact details can be found in section Controller and Privacy Officer or by using the contact form https://contact.vogel.de/en
“Cookies” are files stored on your computer when you visit the websites available via our apps and which your browser “remembers”. A cookie file is saved in your web browser and allows the website or a third-party provider to identify you and to better tailor the website to you on your next visit. Cookies and tracking pixels allow us to better and more efficiently provide our services to you, and to optimize your experience on our website.
Counting pixels are small graphics files that are connected to our servers and allow us to track your use of our website and its features. Additionally, we use tracking pixels or GIF files to support online advertising and to measure reach if necessary. Thus, we can evaluate the number of visitors to our website and the advertisements accessed by them. The information collected through cookies or GIF files does not contain your name, address, telephone number, or e-mail address.
How are cookies used?
When you access and use our websites via our apps, a number of cookie files are saved on your device which are essential to the operation and presentation of our websites. These cookies are absolutely technically necessary, e.g. session cookies or cookies that store certain settings for your device (e.g. language, resolution, volume, page transitions). Additionally, we use not technically necessary cookies which are mainly implemented by third parties in order to compile statistics on the use of the website and to make our marketing efforts more targeted.
Detailed information regarding cookie-based applications can be found in the advanced settings of our cookie management tool. You will find a list of cookies used on our websites under Cookies in our cookie management tool.
Your options regarding cookies and the legal basis for cookie use?
The legal basis for this permission-based cookie-based processing is § 25, sec. 1, s. 1, TTDSG, art. 6, sec. 1, lit. a, GDPR, otherwise art. 6, sec.,1, lit. f, GDPR (our legitimate interest in the purposes described in detail in our cookie management tool).
In order to delete cookies yourself or to set up your web browser to delete or prevent cookies, access the help section of your web browser and choose the appropriate settings.
Other special processing
Editorial newsletters (e.g. by e-mail) and e-mail success measurement
We offer the possibility to subscribe to editorial newsletters on our website for free Thereby, the data required for your registration is transmitted to us:
We offer the possibility to subscribe to editorial newsletters on our websites available via our apps for free Thereby, the data required for your registration is transmitted to us:
- First and last name
- Company name
- Business e-mail address
- Job title
- Field of activity
- Career level
- Main and subbranch
- Company size
- Potentially: interests
Additionally, the following (usually technical) data is collected during the registration:
- Accessing computer IP address
- Date and time of registration
The legal basis for the processing of data after registration by the user is the fulfillment of the contract in accordance with art. 6, sec. 1, lit. b, GDPR, or the consent of the user (art. 6, sec. 1, lit a, GDPR). The same applies to the dispatch of editorial newsletters; the additional legal basis here is § 7, sec. 2, nr. 3, UWG.
Your e-mail address is collected in order to send the newsletter. The collection of other personal data during the registration process is used to prevent misuse of the services or of the e-mail address used.
Data will be deleted as soon as the reason for their collection no longer exists or if you exercise your right of revocation. Therefore, your e-mail address will be stored as long as there is a subscription to editorial newsletters.
Right of revocation regarding newsletter subscription
You can revoke your subscription to editorial newsletters and any according consent at any time. For this, every editorial newsletter includes a corresponding link which can be used to unsubscribe. Alternatively, you can unsubscribe via our contact form https://support.vogel.de, or you can unsubscribe from certain newsletters via your account settings (e.g. under “My Account”), provided this is a feature of the portal where you have registered and from which you receive editorial newsletters via e-mail. Revocation does not change the lawfulness of data processing that occurred up to the time of revocation.
In our editorial newsletters, success is measured by evaluating the access rate and the click through rate. We use this to determine the level of interest in certain topics and to measure the effectiveness of our communication measures. We use data derived from this success measurement to fulfill our contractual obligation to provide you with a personalized user experience in our media world on the basis of the user agreement that you enter into when registering for our services (see section purposes and legal basis). Here, the legal basis is art. 6 sec. 1 lit. b GDPR. If the evaluation does not serve the fulfilment of the contract, the legal basis is our legitimate interest in the evaluation in accordance with art. 6 sec. 1 lit f GDPR.
Right to object with regard to performance measurement
When you have on of our apps installed and use it, we can send push-notifications to your mobile device. This occurs only given your prior consent which we request from you upon your initial us of the App. For access permissions required for push-notifications, please see section which access permissions for features of your device are required to use our apps?
The legal basis for push-notifications is art. 6, sec. 1, lit. a (GDPR). You can turn off push-notifications at any point by blocking or disabling push-notifications in the app settings of your device Revocation does not change the lawfulness of data processing that occurred up to the time of revocation.
Registration for events via doo.net
You can register for events on our websites available via our apps. When you register for and participate in an event, we process your data that was either provided by you during the registration process, or collected in the course of your participation in the respective event, for the purpose of carrying out the registration and participation in the event. We send information via mail or e-mail to the contact information you provide as part of the registration to and participation in an event.
Here, the legal basis is art. 6, sec. 1, lit. b, GDPR, meaning the fulfillment of the contract for participation in the respective event or the implementation of pre-contractual measures carried out at your request.
Participation in affiliate partner programs
Online meetings, conference calls, and web-based seminars via “Zoom”
We use the tool “Zoom” for conference calls, online meetings, video conferences, and/or web-based seminars (hereinafter: “online meetings”). “Zoom” is a service provided by Zoom Video Communications, Inc., located in the USA.
Controller for processing data directly connected to “online meetings” is Vogel Communications Group GmbH & Co. KG, Max-Planck-Str. 7/9, 97082 Würzburg.
If you access the “Zoom” website, the provider of “Zoom” is responsible for data processing. However, accessing the website in order to use “Zoom” is only necessary to download the software required to use “Zoom”. You can also use “Zoom” by entering the respective meeting ID and potential additional access data for the meeting directly in the “Zoom” app.
In case you do not wish to use the “Zoom” app, all basic functions are available using a browser version which can also be found at the “Zoom” website.
Different types of data are being processed when using “Zoom”. The range of data depends on your personal data preferences specified prior to or during your participation in an “online meeting”.
The following personal data are subject to processing:
User information: First name, last name, telephone (optional), email address, password (if “Single-Sign-On” is not being used), profile picture (optional), department (optional).
Meeting meta data: Topic, description (optional), participants’ IP addresses, device / hardware information.
For recorded sessions (optional): MP4 file of all video, audio, and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat.
Joining via telephone: Information regarding Inbound and outbound phone number, country name, start and end time. Further connection data such as the device’s IP address can be saved where necessary.
Text, audio, and video data: You may have the option to use the chat, question, and survey features during an “online meeting”. In this case, your messages will be processed in order to display them in the “online meeting” and to log them if necessary. In order to allow video or audio to be played, the respective data of your device’s microphone and video camera will be processed for the duration of the meeting. Using the “Zoom” app, you can personally turn off or mute the camera or the microphone at any point.
In order to participate in an “online meeting” or to enter the “meeting room”, you need to at least provide information regarding your name.
Range of processing: We use “Zoom” to have “online meetings”. To ensure transparency, we will inform you ahead of time if we wish to record “online meetings” and will ask for your consent if needed. Additionally, the “Zoom” app will inform you of any recording taking place.
We will log chat files in case they are vital to protocol the outcomes of an online meeting. Usually, however, this will not be the case.
For web-based seminars, we can also process the questions asked by seminar participants for recording and post-processing purposes.
For registered “Zoom” users, “online meeting” reports (meeting meta data, telephone data, questions and answers in web-based seminars, survey feature in web-based seminars) can be stored for up to one month at “Zoom”.
An automated individual decision-making according to Art. 22 GDPR is not used.
Legal basis of data processing: In case of Vogel Communications Group employees processing personal data, §26 BDSG (Federal Data Protection Act) is the legal basis of data processing. If, in connection with the use of “Zoom”, personal data is not required for the establishment, realization, or termination of the employment relationship, but is nevertheless an integral part of the use of “Zoom”, art. 6 sec. 1 lit. f GDPR constitutes the legal basis for data processing. We are focused on the effective conduct of “online meetings” in these cases.
Additionally, the legal basis for data processing in connection with “online meetings” is art. 6 sec. 1 lit. b GDPR for meetings held within the framework of contractual relationships.
If no contractual relationship exists, the legal basis is art. 6 sec. 1 lit. f GDPR. Here too, we are focused on the effective conduct of “online meetings”.
Recipient / transfer of data: Personal data processed in connection with participation in “online meetings” will strictly not be shared with third parties, unless they are explicitly intended to be shared. Please note that contents from “online meetings” – as is the case with personal meetings – are often used to share information with customers, interested parties, or third parties and are therefore intended to be shared.
Other recipients: The provider of “Zoom” necessarily obtains knowledge of the above-mentioned data, within the scope of our data processing agreement with “Zoom”.
Data processing outside of the European Union: “Zoom” is a service offered by a provider from the USA. Thus, personal data is also processed in a third country. We have formed a data processing contract with the provider of “Zoom” which meets the requirements of art. 28 GDPR and is based on the standard EU contract clauses.
Information on data privacy for virtual events on the platform letsgetdigital
1. Purpose of processing
We use the platform letsgetdigital (hereinafter “platform”) to conduct virtual events. This includes online meetings, video conferences, and/or web-based seminars, as well as live discussions (hereinafter: “virtual events”).
2. Object and scope of personal data processing
Different types of data are being processed when using this platform. The scope of the data hinges on, among other things, the data you provide before or during your participation in a particular session as part of the virtual event or in certain areas of the platform (e.g. in the public event area or in the breakout room accessible to a certain number of participants).
The following personal data are subject to processing:
via the user (query at registration):
- First and last name
- Telephone number(optional)
- Profile picture (optional)
- Department (optional)
Event session meta data:
- Participants’ IP addresses
- Device / hardware info
For recorded sessions (optional):
- MP4 file of all video, audio, and presentation recordings
- M4A file of all audio recordings
- Text file of chats during the virtual event
- Joining via telephone:
- Info regarding incoming and outgoing phone number
- Country name
- Start and end time
- Further connection data such as the device’s IP address can be saved where necessary.
Text, audio, and video data:
- For chat, question, or survey features: Text input in order to display or potentially log it
- Potentially, data of the device’s microphone or video camera for the duration of the presentation, web-based seminars or the like during the virtual event (you can use the platform’s settings to turn off or mute your input devices yourself at any point)
To participate in a virtual event or to for example join an event session or other meeting room you must at least provide your name. In the public event area, only your first name is displayed to other participants; in the breakout room (limited to a certain number of people) your full name is displayed.
3. Legal basis for data collection:
Art. 6 sec. 1 lit. b GDPR is the legal basis for data processing during virtual events and the sessions and functions offered during the event (e.g. breakout room, participation in virtual lectures/web-based seminars). It is mandatory to enter into a user agreement to participate in the respective virtual event, which comes into effect with your registration on the platform or when accepting the respective general terms and conditions during your separate registration for the virtual event.
If no contractual relationship exists, the legal basis is art. 6 sec. 1 lit. f GDPR. Here too, we are focused on the effective conduct of the respective virtual event.
If we ask you to consent to any data processing on the platform (e.g. for recordings of a video conference), the legal basis for your consent shall be art. 6, sec. 1, lit. a, GDPR. You can revoke your consent at will with effect for the future.
4. Data transfer to third parties, other recipients
As a rule, personal data processed in connection with participation in “online meetings” will not be transferred to third parties, unless they explicitly intended to be transferred. Your full name will only be made available to other participants of the virtual event in the breakout room. Other contact information (e.g. from your registration/login) will not be published unless you have expressly consented to publication.
Other recipients: If intended within the framework of processing agreements with our technology partners for the hosting of the event platform, for the technical conduct of virtual events, and for offering respective event features, said partners necessarily receive knowledge of the above-mentioned data.
5. Deletion of data
On principle, we always delete personal data when continued storage is not required. In particular, it may be required to store data if it is still needed to fulfil contractual services. For statutory storage obligations, deletion only comes into consideration after the expiration of respective storage obligation.
6. Rights of the data subject and right to object
The websites available via our apps may feature forms which you can use to apply online for job offers advertised by us or by other companies in the Vogel Group. Via the application form, you can provide your relevant personal data and upload your application documents to share with us.
Purpose of processing
We process the data you provide when sending the application form in order to assess your suitability for the position (or potentially for other vacant positions in our companies) and to run the application procedure.
We only process information that is essential to the application at hand and its processing.
Data categories in the application process
The categories of processed personal data include data that you voluntarily share with us via the application, e.g. first name, last name, and your contact information (home address, (mobile) telephone number, e-mail address). This may also include special categories of personal data such as your religious affiliation, if you have indicated this, for example, in your CV.
Legal basis of the processing
The primary purpose of processing is to handle the application process and to potentially initiate an employment relationship, without this constituting a claim to the conclusion of such an employment relationship. The primary legal basis for processing is art. 6, sec. 1, lit. b, GDPR in conjunction with art. 26, sec. 1, BDSG.
If special categories of personal data are processed in accordance with art. 9, sec. 1, GDPR, this serves exclusively to process your application and the subsequent selection procedure within the framework of the application process. Here, the legal basis is art. 9, sec. 2, lit. b, GDPR.
We will inform you ahead of time if we would like to process your personal data for a purpose other than the ones stated above.
Recipients of data
Upon sending your application for a vacant position, only the human resources department and the department that advertised the position will have access to your data, unless you have expressly consented to the transfer of your data to other recipients. If you have submitted an unsolicited application, your data will be made available to departments where vacancies clearly match your profile.
We use a specialized technology partner for the application process that provides the online form for integration into our websites and supports the internal administration of applications electronically. We have expressly committed the technology partner to conform to the data privacy regulations.
Storage duration and deletion
In the event of employment, all data will be transferred to your personnel file or to our personnel information system. If your application does not result in employment, all of your data will be deleted after six months, or stored in our candidate pool for a period of two years given your express consent.
To make it easier for you to find us, we have integrated maps from the Google Maps service of Google LLC into our websites available via our apps using an API. Google can only present this integrated content in your browser when collecting your IP address.
The legal basis for this data processing is article 6 sec. 1 lit. b GDPR, as the IP address is required to provide you with content. For this processing, our cooperation with Google is based on a contract on joint responsibility in accordance with art. 26 GDPR which can be found here.
Ad- and tracking-free service with Contentpass
Log into your contentpass account here, and sign up to contentpass here.
Subscription management via plenigo (incl.: connection payment provider
For managing our charged subscription offers, we use a software-as-a-service-platform provided by our technology partner plenigo GmbH, Agnesstraße 37, 80798 Munich (hereinafter: “plenigo”). We use plenigo’s platform as our processor to process contracts with customers using our charged offers. plenigo processes the personal data required for this, i.e. surname, first name, billing / shipping address (private or business), e-mail, and any other personal data relevant for the registration of a user account on our portals (see section which personal data is being processed?).
The payment methods we offer, particularly those using external payment providers, are technically implemented into the payment process on our websites and connected to the relevant processes via the platform of plenigo. For connected online payment systems via external payment providers, a connection to the online payment system of the respectively chosen payment provider is automatically established upon your order which you yourself will then use to authorize the payment process, providing your personal login data for this provider if necessary. In this case, data processing exclusively occurs for the purpose of payment processing, whereas the payment information needs to be regularly forwarded by the payment provider to the bank indicated by you in order to trigger and authorize the payment process.
The processing by plenigo is required for the performance of the contract with you. The legal basis is art. 6, sec. 1, lit. b, GDPR.
Web analysis via Matomo
We use two technical variants of the open source web analysis software Matomo on our websites available via our apps:
- without cookies
Web analysis and reach measurement via Matomo can take place on our websites without your consent, too, based on anonymized data. For this web analysis, merely statistical statements regarding a group of users on our websites are measured. For this, Matomo generates and then processes with a time stamp a temporary fingerprint consisting of anonymized IP address, browser, operating system, and location. For this, your device is not accessed in any way and no cookies or other identifiers are used on your device or in your browser, either. Matomo only accesses those types of data technically relevant for each visit to a website; the fingerprint is automatically deleted after 24 hours.
We use this information to evaluate the usage of websites and to compile reports on website activities. Thus, data is only being collected and stored for our own statistics and optimization purposes. This data cannot be used to personally identify you as user of our websites.
We utilize the cookie-less Matomo variant based on legitimate interests. The legal basis is art. 6, sec. 1, lit. f ,GDPR.
Additionally, we would like to inform you that Matomo is used on our websites in conjunction with the anonymizeIP extension, meaning only shortened IP addresses are processed, ensuring no personal identification to be possible. Furthermore, we configured Matomo to take into account any active “do-not-track” setting in your browser. In this case, no web analysis via Matomo takes place.
Right of revocation
You have the right to object to the web analysis via Matomo at any point by using the following link to adjust individual settings regarding Matomo’s web analysis: Matomo-Settings.
Further information regarding Matomo’s functionality and the relevant privacy policies for this service can be found at https://matomo.org/matomo-cloud-privacy-policy/ and at https://matomo.org/matomo-cloud-terms-of-service/. Our Matomo entity is being hosted in the Matomo Analytics Cloud. The Matomo Analytics Cloud is operated by InnoCraft Ltd., Waterloo Quay, PO Box 625, 6140 Wellington, New Zealand. Via an order processing agreement, we contractually bound InnoCraft Ltd. to compliance with privacy requirements. The order processing agreement can be found at https://matomo.org/matomo-cloud-dpa/ Additionally, an adequacy decision of the EU Commission for New Zealand as so-called third country is in place, which certifies the comparability of New Zealand’s data privacy level to the EU’s in accordance with art. 45, sec. 2, GDPR. The adequacy decision by the EU Commission can be found at https://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32013D0065&from=EN.