1 General information on data processing on this website

1.1 Person responsibleResponsible within the meaning of the EU General Data Protection Regulation (GDPR) is: GesBiT - non-profit society for education and participation mbH (hereinafter "GesBiT")

Address: Schönwalder Allee 26/50 13587 Berlin Telephone: 030 203 89 94 0 Email: mobijob@gesbit.de Homepage: www.mobijob-berlin.de

1.2 Data protection officer The data protection officer is: Christian Scholtz from WS Datenschutz GmbH. If you have any questions about data protection, you can contact WS Datenschutz GmbH at the following e-mail address: gesbit@ws-datenschutz.deWS Datenschutz GmbH- Datenschutz -Meinekestraße 13D-10719 Berlinhttps: //webersohnundscholtz.de/

1.3 Protection of your data We have taken technical and organizational measures to ensure that the provisions of the GDPR are observed both by us and by external service providers who work for us.

When we work with other companies, such as email and server providers, to provide our services, we do so only after an extensive selection process. In this selection process, each individual service provider is carefully selected for its suitability in connection with technical and organizational skills in data protection. This selection process is documented in writing and a contract pursuant to Art. 28 (3) GDPR on the processing of personal data on behalf (ADV contract) is only concluded if it meets the requirements of Art. 28 GDPR.

Your information is stored on specially protected servers. Access to it is only possible for a few specially authorized persons.

Our website is SSL/TLS encrypted, which you can recognize by the "https://" at the beginning of the URL. If personal data is involved in e-mail communication, the e-mail is sent encrypted from our side. We also use the integrated SSL certificate for this.

1.4 Deletion of personal data We only process personal data for as long as is necessary. As soon as the purpose of data processing has been fulfilled, blocking and deletion takes place according to the standards of the local deletion concept, unless legal regulations prevent deletion.

2 Data processing on this website and creation of log files

2.1. Description and scope of data processingWhen you visit our website, our web server temporarily saves each access in a log file. The following personal data is recorded and stored until it is automatically deleted:

IP address of the requesting computerDate and time of accessName and URL of the retrieved fileAmount of data transferredNotification of whether the retrieval was successfulIdentification data of the browser and operating system usedWebsite from which access is madeName of your Internet access provider

In addition to this personal data, other personal data may be collected by us and our partners, more on this below.

2.2 Legal basis for data processingThe processing of this data takes place on the basis of Article 6 (1) sentence 1 lit. f) GDPR. Our legitimate interest is based on making our website accessible to you.

2.3 Purpose of data processingData processing is carried out for the purpose of enabling use of the website (connection establishment). It is used for system security, the technical administration of the network infrastructure and the optimization of the Internet offer. The IP address is only evaluated in the event of attacks on our network infrastructure or the network infrastructure of our Internet provider.

2.4 Duration of data storage Personal data will be deleted as soon as they are no longer required for the purposes mentioned above. This is the case when you close the website. Our hosting provider may use the data for statistical surveys. For this purpose, however, the data is anonymized. As soon as the specified data is no longer required to display the website, it will be deleted.

2.5 Possibility of elimination by the person concerned The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user

3 Use of cookies

3.1 Description and scope of data processing

Our website uses cookies. These are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive, assigned to the browser you are using and through which certain information flows to us or to the body that sets the cookie. Cookies cannot run programs or transmit viruses to your computer. They are used by us to analyze the use of our website in anonymous or pseudonymised form and to present you with interesting offers on this website. In this way, various data can be transmitted: • Frequency of website visits • Which functions of the website you use • Search terms used • Your cookie setting • Your language setting When you visit the website, a cookie banner informs you about the use of cookies and referred to the privacy policy.

3.2 Legal basis for data processing

The legal basis for the processing of data by cookies, which does not only serve the functionality of our website, is Article 6 Paragraph 1 Sentence 1 lit. a) GDPR.

The legal basis for data processing for cookies, which solely serve the functionality of this website, is Article 6 Paragraph 1 Clause 1 Letter f) GDPR.

3.3 Purpose of data processing

Our legitimate interest results from the guarantee of a smooth connection establishment and a comfortable use of our website as well as for reasons of evaluating the system security and stability. The data processing also takes place in order to enable a statistical evaluation of the use of the website.

3.4 Duration of Data Storage

There are two types of cookies. Both are used on this website:

• Transient cookies (see a)• Persistent cookies (see b)

a) Transient cookies, they are automatically deleted when you close the browser. This includes in particular session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.

b) Persistent cookies, they are automatically deleted after a specified period of time, which may differ depending on the cookie.

3.5 Possibilities of elimination by the data subject

You have the option at any time to revoke your consent to data processing using cookies, which do not only serve the functionality of the website. In addition, we only set cookies after you have consented to the setting of cookies when accessing the site. In this way you can prevent data processing via cookies on our website. You can also delete the cookies in the security settings of your browser at any time. We would like to point out that you may not be able to use all the functions of this website. The setting of cookies can also be prevented at any time by making the appropriate settings in your Internet browser.

5 Data processing in the context of applications

5.1 Description and scope of data processing

It is possible to apply to us via our website by sending an email to bewerbung@gesbit.de. For this purpose, personal data is processed and stored for further processing for the respective application process.

5.2 Legal basis for data processing

The legal basis for data processing is Art. 88 GDPR and Section 26 BDSG (2018).

5.3 Purpose of Data Processing

We process your data exclusively for the purpose of carrying out the application process.

5.4 Duration of Data Storage

If the application should lead to the start of an employment relationship, the personal data will be stored in compliance with the statutory provisions. If the application is not considered when selecting a potential candidate, it will be deleted according to the rules of the local deletion concept, taking into account the provisions of the AGG, in particular the existing burden of proof according to § 22 AGG. This does not apply if there are legal provisions for deletion to the contrary or you have given your consent to longer storage. In this case, the further storage of your personal data takes place on the basis of Article 6 (1) sentence 1 lit. c) or lit. a) GDPR.

5.5 Possibility of elimination by the data subject

You can contact us at any time and object to further processing of your data. All personal data processed by us in the course of the application process will be deleted in this case, unless mandatory statutory provisions prevent deletion.

6 social media on our website

We have included the social media platform Facebook on our website via a link, which means that the social media provider may receive data from you. We break these down for you in detail below.

6.1 Facebook

6.1.1 Description and scope of data processing

We have integrated Facebook as a link on this website. The Facebook link can be found on the website at the top right. The data processing is carried out by:

Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA.

If a data subject lives outside of the USA or Canada and Facebook processes the data, the person responsible for this is: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

If you click on the Facebook link, the Facebook website will be called up. By accessing the Facebook website via our website, we transmit the respective reference data to Facebook. Facebook receives the information that you have visited our website.

Note on data processing in the USA by Facebook: If you click on the Facebook link and the Facebook website is accessed, data processing may take place in the USA by Facebook. According to the ECJ, the data protection standard in the USA is inadequate and there is a risk that your data will be processed by the US authorities for control and monitoring purposes, possibly without the possibility of legal redress. If you do not click on the Facebook link, no data will be processed by Facebook.

For more information on the subject of data protection at Facebook, we refer to the following data policy from Facebook: https://de-de.facebook.com/about/privacy/

6.1.2 Legal basis for data processing

The data processing is based on our legitimate interest in drawing your attention to our presence in social media in accordance with Article 6 Paragraph 1 Clause 1 Letter f) GDPR.

6.1.3 Purpose of Data Processing

Our interest in using the service arises from the advertising function of social media. We use this to increase the level of awareness of our company.

6.1.4 Duration of Data Retention

According to their own statements, Facebook stores your data for a period of 90 days. After the 90 days have expired, the data will be anonymized so that it can no longer be linked to you.

6.1.5 Possibility of elimination by the data subject

You have the option to object to data processing by Facebook at any time. You can reach Facebook's data protection officer via the following linked contact form: https://www.facebook.com/help/contact/540977946302970. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings or via the US page or the EU page of Facebook. The settings are platform-independent, ie they are adopted for all devices, such as desktop computers or mobile devices.

7.1 Google Analytics

7.1.1 Description and scope of data processing

Our website uses Google Analytics. This is a service for analyzing access to Google LLC websites. ("Google") and enables us to improve our website. Data processing for the European Economic Area and for Switzerland is carried out by:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland.

Cookies enable us to analyze your use of our website. The information collected using a cookie is:

• IP address, • time of access, • duration of access

and are transmitted to a Google server in the USA and stored there. The evaluation of your activities on our website is sent to us in the form of reports. Google may pass on the information collected to third parties if this is required by law or if third parties process this data on behalf of Google. The Google tracking codes on our website use the "_anonymizeIp()" function, which means that IP addresses are only processed in abbreviated form in order to rule out any possible direct personal connection to you.

At https://www.google.de/intl/de/policies/ and at http://www.google.com/analytics/terms/de.html you will find more detailed information on the terms of use and data protection of Google Analytics.

7.1.2 Legal basis for data processing

The legal basis for the processing of personal data is your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a) GDPR.

7.1.3 Purpose of Data Processing

The processing of your personal data enables us to analyze your surfing behavior. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness.

7.1.4 Duration of Data Storage

The data will be deleted 14 months after your [last] visit to our website.

7.1.5 Possibility of elimination by the data subject

You have the option at any time to revoke your consent to data processing with effect for the future. Please contact our data protection officer for this. You can also prevent the installation of cookies from Google Analytics yourself by setting your browser software accordingly. In this case, however, it may happen that you cannot use all the functions of our website to their full extent. Google Analytics can also be deactivated and controlled through browser extensions, for example http://tools.google.com/dlpage/gaoptout?hl=de.

8 Other Third-Party Tools

Furthermore, we use third-party providers who help us with the presentation of the pages and the functionality of the website. These are listed below:

8.1 Google Maps

8.1.1 Description and scope of data processing

This website uses the Google Maps product from Google LLC. Data processing for the European Economic Area and for Switzerland is carried out by:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland.

When you call up a page, your browser loads the required geographic information into your browser cache in order to display the map correctly. For this purpose, the browser you are using must connect to the Google servers. This gives Google knowledge that our website was accessed via your IP address and which map was displayed. You can find the Google Maps terms of use at https://www.google.com/intl/de_de/help/terms_maps.html

8.1.2 Legal basis for data processing

The legal basis for data processing is your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a) GDPR.

8.1.3 Purpose of Data Processing

Using Google Maps makes it easier for you to find our location and to interact with it in different ways, for example by planning routes.

8.1.4 Duration of Data Retention

The data will be deleted as soon as they are no longer required for the purpose of data processing, unless legal, official or contractual provisions prevent deletion.

8.1.5 Possibility of elimination by the data subject

You have the option to revoke your consent to data processing at any time. For this purpose, please contact our data protection officer.

8.2 Mapbox

8.2.1 Description and scope of data processing

We use the Mapbox service to show you maps with locations. The data processing is carried out by:

MapBox Inc., 740 15th St Nw Suite 500 Washington, DC 20005, USA.

The following data can be processed here:

• Browser Information• IP Address• Referrer URL• Geographical Location• Device Type• Operating System• Date and Time of Visit• Usage Data

Further information on data processing by Mapbox can be found in their data protection declaration: https://www.mapbox.com/legal/privacy/

8.2.2 Legal basis for data processing

The legal basis for data processing is your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a) GDPR.

8.2.3 Purpose of Data Processing

We use Mapbox to be able to display geographic information to you.

8.2.4 Duration of Data Retention

The data will be deleted as soon as the purpose of the data processing has been achieved and there are no legal, contractual or official regulations to prevent deletion.

8.2.5 Possibility of elimination by the data subject

You have the option at any time to revoke your consent with effect for the future. For this purpose, please contact our data protection officer.

8.3 Google Web Fonts

8.3.1 Description and scope of data processing

We use so-called web fonts on the website for the uniform display of fonts. Data processing for the European Economic Area and for Switzerland is carried out by:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland.

When you call up a page, your browser loads the required web fonts into your browser cache in order to display text and fonts correctly. For this purpose, the browser you are using must connect to the Google servers. This gives Google knowledge that our website was accessed via your IP address. If your browser does not support web fonts, a standard font will be used by your computer.

You can find more information about Google Web Fonts at https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/.

8.3.2 Legal basis for data processing

The legal basis for data processing is your consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a) GDPR.

8.3.3 Purpose of Data Processing

The purpose of data processing is the uniform display of fonts on this website. Otherwise we would not be able to effectively present our online offer to you.

8.3.4 Duration of Data Retention

The data will be deleted as soon as they are no longer required for the purpose of data processing, unless legal, official or contractual provisions prevent deletion.

8.3.5 Possibility of elimination by the data subject

You have the option to revoke your consent at any time. For this purpose, please contact our data protection officer. You can set your browser so that the fonts are not loaded from the Google servers. If your browser does not support Google Fonts or you prevent access to the Google servers, the text will be displayed in the system's standard font.

8.4 Google reCAPTCHA

8.4.1 Description and scope of data processing

We use Google reCAPTCHA to protect us from excessive spam. This program is designed to ensure that the requester is a human and not an automated program.

Data processing for the European Economic Area and for Switzerland is carried out by:

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland.

Google automatically records the IP address, the place of access and the time of access. In addition, the behavior of the website visitor is analyzed based on various characteristics (e.g. length of time the visitor stays on the website, mouse movements made, cookies stored in the browser history).

For more information on how personal data is handled, see Google's privacy policy at https://www.google.de/intl/de/policies/privacy/, at https://policies.google.com/technologies/partner-sites and at https://www.google.com/recaptcha

8.4.2 Legal basis for data processing

The data is processed on the basis of your consent in accordance with Article 6 (1) sentence 1 lit. a) GDPR.

8.4.3 Purpose of Data Processing

Google reCAPTCHA ensures that there is a natural person with potential interest behind the requests. By restricting the number of requests, we can respond to individual requests faster and more efficiently and at the same time protect our website against automatically distributed malware.

8.4.4 Duration of Data Retention

Your personal data will only be processed for as long as is necessary. As soon as the purpose of the data processing has been fulfilled, it will be blocked and deleted according to the standards of the local deletion concept, unless legal regulations prevent deletion.

8.4.5 Possibility of elimination by the data subject

You have the option at any time to revoke your consent with effect for the future. For this purpose, please contact our data protection officer.

8.5 Domain Factory

8.5.1 Description and scope of data processing

We use the services of the hosting provider Domain Factory. The data processing is carried out by:

domainfactory GmbH, Oskar-Messter-Str. 33, 85737 Ismaning, Germany.

Domain Factory processes the following data in connection with the hosting of our website:

• IP address of the requesting computer • Date and time of access • Name and URL of the retrieved file • Amount of data transferred • Notification of whether the retrieval was successful • Identification data of the browser and operating system used • Website from which access is made • Name of your Internet access providers• Order and request logs• Server logs

Further information on data protection at Domain Factory can be found at the following link: https://www.df.eu/de/datenschutz/

8.5.2 Legal Basis for Data Processing

Data processing is based on Article 6 Paragraph 1 Sentence 1 Letter f) GDPR and is based on our legitimate interest in making our offers available on our own website.

8.5.3 Purpose of Data Processing

The data is processed in order to be able to show you our website and to ensure the functionality of our website.

8.5.4 Duration of Data Retention

The data will be deleted as soon as they are no longer required for the above-mentioned purposes and there are no legal or official storage requirements to prevent deletion.

8.5.5 Possibility of elimination by the data subject

The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user. If you want to exercise your rights or have questions about data protection, please contact our data protection officer or Domain Factory at support@df.eu.

9 Data transfer to a third country

In order to be able to provide our services, we use the support of service providers from Europe and from third countries. In order to ensure the protection of your personal data even in the case of data transmission to a third country, we conclude special order processing contracts with each of the carefully selected service providers. All of the service providers we use have sufficient evidence that they ensure data security through appropriate technical and organizational measures. Our service providers from third countries are either located in countries that have an adequate level of data protection recognized by the EU Commission (Article 45 GDPR) or have provided suitable guarantees (Article 46 GDPR).

Adequate level of protection: The provider comes from a country whose adequate level of data protection has been recognized by the EU Commission. For more information see: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en

EU standard contractual clauses: Our provider has submitted to the EU standard contractual clauses to ensure secure data transfer. For more information, see: https://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF

Binding Corporate Rules: Art. 47 of the GDPR provides for the possibility of guaranteeing data protection when data is transferred to a third country by means of binding internal data protection regulations. These are checked and approved by the competent supervisory authorities as part of the consistency procedure in accordance with Art. 63 GDPR.

Consent: In addition, data will only be transferred to a third country without an adequate level of protection if you have given us your consent in accordance with Article 49 (1) (a) GDPR.

11 How to exercise these rights

To exercise these rights, please contact our data protection officer:

Christian Scholtz from WS Datenschutz GmbH

gesbit@ws-datenschutz.de

or by post:

WS Datenschutz GmbH Meinekestrasse 13D-10719 Berlin

12 Subject to change

We reserve the right to change this data protection declaration in compliance with the statutory provisions.

Stand September 2020

I. Joint responsible with us social media

GesBiT - Society for Education and Participation mbH

Address: Karl-Marx-Strasse 122, 12043 Berlin

Phone: 49 (0) 30 - 203 89 94 – 0

Email: mobijob@gesbit.de

Homepage: www.mobijob-berlin.de

operates the following social media sites of its own:

Facebook: https://www.facebook.com/MobiJobBerlin/

We use the services of

Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA beziehungsweise Facebook Ireland Ltd., 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Irland (“Facebook”)

return.

Based on the judgment of the European Court of Justice of 05.06.2018 (available at http://curia.europa.eu/juris/document/document.jsf?text=&docid=202543&pageIndex=0&doclang=DE&mode=req&dir=&occ=first&part=1&cid=298398 ) Operators of social media sites and the operators of the social media themselves are jointly responsible for data processing.

We would like to point out that you use our appearances in social media and their functions at your own risk. This applies in particular to the use of the interactive functions (e.g. commenting, sharing, rating). Alternatively, you can access the information that we make available on social media on our own website at www.mobijob-berlin.de.

II. Data Protection Officer

GesBiT's data protection officer is:

Christian Scholtz from WS Datenschutz GmbH

If you have any questions about data protection, you can reach him at the following e-mail address:

gesbit@ws-datenschutz.de

or by post:

WS Data Protection GmbH

- Data protection -

Meinekestraße 13

D-10719 Berlin

https://www.ws-datenschutz.de/

You can reach the data protection officers of the respective social media via the respective social media.

You can reach Facebook's data protection officer via the following linked contact form: https://www.facebook.com/help/contact/540977946302970

III. Data processed by social media

When you visit our social media sites, the social media operators record, among other things, your IP address and other information that is available on your PC in the form of cookies. This information is used to provide us, as the operator of the website, with statistical information about the use of the site. The data collected about you in this context will be processed by the social media operators and, if necessary, transferred to countries outside the European Union. What information the operator of the respective social network receives and how it is used is described in the data protection declarations of the respective social network. There you will also find information on contact options.

You can find more information on this under the following links:

Facebook:   

https://de-de.facebook.com/help/pages/insights.

https://de-de.facebook.com/about/privacy

https://de-de.facebook.com/full_data_use_policy

https://www.xing.com/app/share?op=data_protection

How the social media operators use data from visiting our social media presence for their own purposes, to what extent activities on the social media sites are assigned to individual users, how long the operators store this data and whether data from a visits to the social media sites are passed on to third parties is not finally and clearly named by the operators of the social media and is not known to us.

When you access our social media presence, the IP address assigned to your end device is transmitted to the operator of the respective social network. The social networks also store information about the end devices of the users (e.g. as part of the "registration notification" function); this may enable the social media operators to allocate IP addresses to individual users.

If you are currently logged in to the respective social network as a user, there will be a cookie on your end device with your unique identifier in this social network. This enables the operator of the social network to understand that you have visited a specific page and how you have used it. This data can be used to tailor content or advertising to your previous website visits.

If you want to avoid this, you should log out of the respective social network or deactivate the "stay logged in" function, delete the cookies on your device and exit and restart your browser. In this way, registration information that can be used to identify you directly is deleted. This allows you to use our social media presence without revealing your user ID. When you access interactive features of the site (like, comment, share, message, etc.), a login screen appears. After a possible registration, you are again recognizable as a specific user for the social network used.

Information on how you can manage or delete existing information within the social network can be found on the support pages of the respective social network mentioned above.

IV. Data processed by GesBiT

1. Type and scope of data processing

The data you enter on social networks, in particular your user name and the content published under your account, will be processed by us insofar as we may react to your messages. In addition, your published contributions, ratings and comments refer to your account in the respective social network. If you mention us using an @ or # or similar, that mention will be published on our site under your username, if applicable. The data you freely published and distributed on the respective social network may be included in our offer and made accessible to other users of the respective social network. If you mark our presence on social media with "Like" or "Follow" or a similar interaction, we will be informed of this by the respective social network with your user name and link to your account.

As the provider of the information service, we also collect and process the following data from your use of our social media presence:

contact requests

2. Legal Basis for Processing.

Data processing on our part is based on Article 6 Paragraph 1 Clause 1 Letter f) GDPR. Our legitimate interest results from the advertising function of social media. We use this to increase the level of awareness of our company.

3. Purpose of Processing

The data you provide in this context and which we may have access to (e.g. user name, images, any interests, contact data) will be processed by us exclusively for the purpose of communicating with customers and interested parties. Our legitimate interest lies in offering you a platform on which we can show you up-to-date information and with which you can address your concerns to us and we can respond to your concerns as quickly as possible.

4. Duration of storage

As far as possible, your data will be deleted when we stop appearing on social media.

V. Your Rights

According to the General Data Protection Regulation you have the following rights:

1. Right to revoke consent (cf. Art. 7 GDPR)

If you have given your consent to the processing of your data, you can revoke this at any time. Such a revocation affects the admissibility of the processing of your personal data for the future after you have given it to the person responsible. It can be given to us verbally (by telephone) or in writing by post or e-mail.

2. Right to information (cf. Art. 15 GDPR)

In the event of a request for information, you must provide sufficient information about your identity and provide evidence that the information is yours. The information concerns the following information:

the purposes for which the personal data are processed; the categories of personal data that are processed; the recipients or categories of recipients to whom the personal data concerning you have been disclosed or will be disclosed; the planned duration of the storage of the Personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period; all available information about the origin of the data if the personal data is not collected from the person concerned; the existence of automated decision-making, including profiling in accordance with Art. 22 para. 1 and 4 GDPR and - at least in these cases - meaningful information about the logic involved as well as the scope and intended effects of such processing for the data subject.

3. Right to rectification or erasure (cf. Art. 16, 17 GDPR)

You have a right to correction and/or completion to those responsible if the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately.

In addition, you can request the deletion of your personal data if one of the following reasons applies to you:

The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed. or Article 9 (2) (a) GDPR and there is no other legal basis for the processing. You object to the processing in accordance with Article 21 (1) GDPR and there are no overriding legitimate reasons for the processing processing, or you object to the processing in accordance with Art. 21 (2) GDPR. The personal data concerning you were processed unlawfully. The deletion of the personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States are required to which the person responsible is subject. The personal data concerning you were collected in relation to the information society services offered pursuant to Art according to Art. 8 Para. 1 GDPR.

If the personal data concerning you has been made public and the person responsible is obliged to delete it in accordance with Article 17 (1) GDPR, we will take all reasonable measures to also inform other persons responsible for data processing that you have requested the deletion of all links to, or copies or replications of, such personal information.

The right to erasure does not exist if processing is necessary:

to exercise the right to freedom of expression and information; to fulfill a legal obligation that requires processing under Union or Member State law to which the controller is subject, or to perform a task that is in the public interest or in the exercise of public authority For reasons of public interest in the field of public health pursuant to Art. 9 Para. 2 lit. h and i as well as Art. 9 Para. 3 GDPR; for archiving purposes in the public interest, scientific or historical Research purposes or for statistical purposes in accordance with Art. 89 (1) GDPR, insofar as the above-mentioned law is likely to make it impossible or seriously impair the achievement of the objectives of this processing, or to assert, exercise or defend legal claims.

4. Right to restriction of processing (cf. Art. 18 GDPR)

Under the following conditions, you can request the restriction of the processing of your personal data from the person responsible:

if you dispute the accuracy of your personal data for a period that enables us to verify the accuracy of your personal data; the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted; we no longer need the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or if you have lodged an objection to the processing in accordance with Art. 21 Para. 1 DSGVO and it is not yet clear whether our legitimate Reasons outweigh your reasons.

If the processing of personal data concerning you has been restricted, this data - apart from its storage - may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State are processed.

If the restriction of processing has been restricted according to the above conditions, you will be informed by the person responsible before the restriction is lifted.

5. Right to information (cf. Art. 19 GDPR)

If you have asserted your right to correction, deletion or restriction of data processing to a person responsible, he is obliged to inform all recipients of your personal data of the correction, deletion or restriction of data processing. This only applies insofar as this notification does not prove impossible or would involve a disproportionate effort.

You have the right to know which recipients have received your data.

6. Right to data portability (cf. Art. 20 GDPR)

You have the right to receive your personal data from the person responsible in a common, machine-readable format in order to have them forwarded to another person responsible if necessary

the processing is based on consent pursuant to Article 6 Paragraph 1 Clause 1 Letter a) GDPR or Article 9 Paragraph 2 Letter a) GDPR or on a contract pursuant to Article 6 Paragraph 1 Clause 1 Letter b) DSGVO is based and the processing is carried out using automated procedures.

When exercising your right to data portability, you have the right to have the personal data transmitted directly from one controller to another, where technically feasible.

The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task that is in the public interest or in the exercise of official authority that has been delegated to us.

7. Right to object to processing (cf. Art. 21 GDPR)

If the processing of your personal data is based on a legitimate interest (according to Art. 6 Para. 1 lit. f) GDPR), you can object to the processing. The same applies if data processing is based on Article 6 (1) sentence 1 lit. e) GDPR.

If you exercise such an objection, please explain why your personal data should not be processed. In the event of your justified objection, the situation will be examined and either the data processing will be discontinued or adjusted, or you will be shown the compelling reasons worthy of protection on the basis of which the processing will be continued.

8. Right to lodge a complaint with the competent supervisory authority (cf. Art. 77 GDPR)

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement, if you believe that the processing of your personal data is contrary to violates the GDPR.

The supervisory authority to which the complaint was lodged will inform you of the status and the results of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.

9. How to exercise these rights

You can assert your rights with the data protection officer of the respective person responsible, whose contact details can be found under point 2. If you make use of the rights mentioned, the person responsible will check whether the legal requirements for this are met.

If you have any questions about the information we offer, you can reach us using the contact details given under point 1.

Further information on social networks and how you can protect your data can also be found at https://youngdata.de.

VI. Subject to change

We reserve the right to change this data protection declaration in compliance with the statutory provisions.

Stand September 2020