Privacy Policy

1. Use of website for informational purposes
If you use our website purely for informational purposes (i.e. if you do not register as a customer or otherwise provide us with information), we will only collect the personal data your browser transmits to our server.

1a. Types of data processed 
If you would like to view our web pages (www.adg-akademie.de, www.adg-campus.de, https://shop.adg-campus.de and www.hotelschlossmontabaur.de), we will collect the following data:

• Information on the type of browser and version you are using;
• Your operating system and its interface;
• Your Internet service provider;
• Your IP address;
• The date and time of access;
• The web pages from which your system is redirected to our website;
• The web pages accessed by your system via our website;
• The volume of data transmitted; and
• Your access status / HTTP status code

1b. Purpose and legal basis of data processing
If you use our website for informational purposes, we will process your data for the purpose of pursuing our legitimate interests on the basis of point (f) of Art. 6 (1) GDPR. We have a legitimate interest because the processing is technically necessary for us to display our web pages and to ensure stability and security.

1c. Retention period
We will erase or anonymise your personal data as soon as it is no longer required for the purposes for which it was originally collected or used, as outlined above. The data stored in log files will be deleted or anonymised after 14 days at the latest.

1d. Disclosure of personal data
We use the following service providers to host our website: netclusive GmbH (Robert-Bosch-Str. 10, Haus I, D-56410 Montabaur) and chamaeleon AG (Robert-Bosch-Str. 12, Haus IV, D-56410 Montabaur). When you access our website, the data listed above will have to be provided to these two service providers.

2. Data processing when you subscribe to our newsletter 

2a.Types of data processed 
We will only process your email address when sending our newsletters. If you voluntarily provide further information when subscribing to our newsletter, this data will also be processed by us. This may particularly include the following data:

Your employer, first name, last name and a unique ID (if you have agreed to newsletter tracking).

2b. Purpose and legal basis of data processing
The personal data listed above will be processed for direct marketing and business development purposes. If you give your consent, we will also analyse your user behaviour through our newsletters. For this purpose, our emails will contain “web beacons” and “tracking pixels” (i.e. single-pixel image files stored on our website). In order to analyse your user behaviour, we will link the data collected automatically when you visit our website (see “Data processing when you visit our website”) and the web beacons with your email address and a unique ID. We will use this data to create a user profile and tailor our newsletter to your personal interests. We will establish your personal interests by recording when you read our newsletter and which links you click on. We will link this information with the way in which you interact with our website. This will be done on the basis of your consent in accordance with point (a) of Art. 6 (1) GDPR.

You can unsubscribe from the newsletter at any time (e.g. by clicking on a link at the bottom of each newsletter). Alternatively, you can unsubscribe at any time by sending a request to service@adg-campus.de.

You may object to tracking at any time by clicking on the separate link provided in each email.

2c. Retention period
The information outlined above will be stored as long as you remain subscribed to our newsletter. If you unsubscribe, your data will no longer be used to send you newsletters.

2d. Disclosure of personal data
ADG sends newsletters using dotdigital, a service provided by dotdigital EMEA Limited (Evert van de Beekstraat 354, 1118 CZ Schiphol, Netherlands). The data you provide when subscribing to the newsletter will be passed on to dotdigital for the purpose of sending you the newsletter. 

3. Data processing when you use our online store 

3a. Types of data processed 
If you use our online store (https://shop.adg-campus.de/), we will process your data to enable you to select, book and pay for seminars, workshops, qualification programmes and other products and services, and to enable such products and services to be delivered. We will process the following data:

Your name, log-in details, email address, inventory data, communication data, billing address and shipping address

3b. Purpose and legal basis of data processing
The data listed above will be processed for the purpose of providing contractual services through our online store, as well as for billing purposes, delivery and customer services. This will be done on the basis of point (b) of Art. 6 (1) GDPR (order processes) and point (c) of Art. 6 (1) GDPR (archiving required by law).

3c. Retention period 
Your data will be deleted as soon as our statutory warranty obligations and similar duties no longer apply; if we have to comply with statutory archiving requirements, your data will be deleted as soon as such obligations no longer apply (6 years under commercial law and 10 years under tax law). 

3d. Disclosure of personal data 
We will disclose your data to third parties to facilitate the payment and delivery process, and to legal advisers and authorities to obtain legal permits and comply with our legal obligations. Your data will only be processed in third countries if this is necessary to perform the contract (e.g. at the customer’s request for delivery or payment).

In addition, your data will be disclosed to service providers who provide technical support for our online store. We have concluded data processing agreements with those service providers in accordance with Art. 28 GDPR. In this context, we use Magento Commerce, a service provided by Adobe Systems Software Ireland Limited (4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland) and comwrap GmbH (Hanauer Landstr. 126-128, D-60314 Frankfurt am Main).

4. Data processing with plug-ins 

A “plug-in” is a software component embedded in a website that provides a link to third-party content. As our plug-ins are embedded with the “two-click solution”, your personal data will not be automatically passed on to the respective third-party provider when you visit our website.

We give you the opportunity to communicate directly with third-party providers via plug-ins. Each third-party provider will only be informed that you have accessed the corresponding page on our website when you enable the relevant plug-in. They will also receive the data collected automatically when you visit our website. If you enable a plug-in, your personal data will be transmitted to the respective third-party provider and stored there. As third-party providers mainly collect data through cookies, we recommend that you delete all cookies via your browser’s security settings before clicking on a plug-in.

We have no control over the processes used by third-party providers to collect and process data, and we do not know the full scope of data collection, the purposes of data processing or the data retention periods. Moreover, we do not have any information on the erasure of data collected by third-party providers.

4a. Types of data processed 
We use the following plug-ins:

When you visit our website, the third-party providers will be informed that you have accessed a particular sub-page. If you use any of the services, the following information will also be transmitted to the respective third-party provider:

Information on the type of browser and version you are using, your operating system and its interface, your Internet service provider, your IP address, the date and time of access, the web pages from which your system is redirected to our website, the web pages accessed by your system via our website, the volume of data transmitted and your access status / HTTP status code.

This will happen regardless of whether you are logged in to your account with the third-party provider or whether you even have such a user account. If you are logged in to your account with the third-party provider, your data will be directly linked to your account. If you do not want your data to be linked to your profile with the third-party provider, you will have to log out before pressing the button. The third-party providers will save your data as a user profile and use it to create advertising, conduct market research and/or tailor the design of their websites to users’ needs. Your data will be used in this way (even if you are not logged in) particularly to show targeted advertising and inform other social network users about your activities on our website. You have the right to object to the creation of user profiles, which you may exercise by contacting the third-party providers.

4b. Purpose and legal basis of data processing
We will process your personal data to make such third-party services available on our website and to improve the user-friendliness of our website on the basis of point (f) of Art. 6 (1) GDPR. We have a legitimate interest in providing and improving a website that is easy to use.

4c. Retention period
We will not store any data generated through the use of plug-ins. If you would like to know how long your data may be stored by each third-party provider, please refer to their privacy policies (see above).

4d. Data processing outside the European Union
We have established EU standard contractual clauses with the third-party providers in case your personal data is ever transferred to third countries. The standard contractual clauses can be viewed here: https://eur-lex.europa.eu/legal-content/DE/TXT/?qid=1487055654356&uri=CELEX:32010D0087.

5 Data processing when enquiries are submitted via contact forms 

5a. Types of data processed 
If you submit an enquiry via a contact form, the following data will be processed in particular:

Your employer, name, address, telephone number, email address and personal message

5b. Purpose and legal basis of data processing
We will process your personal data to process and respond to your enquiry (i.e. for communication purposes). This will be done on the basis of our legitimate interest in accordance with point (f) of Art. 6 (1) GDPR. We have a legitimate interest in enabling our existing and prospective customers to contact us.

5c. Retention period 
Your information will be stored for as long as necessary for us to respond to your enquiry.

6. Data processing using cookies

We use cookies on our website. These are small files that will be automatically created by your browser and stored on your device (e.g. laptop, tablet, smartphone) when you visit our website. Our cookies do not contain any viruses, Trojan horses or other malware and will not cause any harm to your device.

We will use cookies to store information that arises in connection with your specific device. However, this does not mean that we will be directly informed of your identity.

The following types of cookies are used on our website:

• Necessary cookies
• Functional and performance cookies
• Advertising and targeting cookies

You can decide for yourself whether cookies should be saved and retrieved on your device by changing your browser settings. For example, you can completely stop cookies from being stored in your browser, you can limit the storage of cookies to certain websites, or you can configure your browser to automatically notify you when a cookie is about to be stored, so that you can give your permission.

The data collected by each cookie will have to be passed on to the respective cookie provider.

6.1 Technically necessary cookies

6.1.1. Purpose and legal basis of data processing
Necessary cookies are absolutely essential for you to navigate around our website and use its basic functions and also for us to ensure the security of our website; they will not collect any information about you for marketing purposes, nor will they record which websites you have visited. Our necessary cookies ensure that our website can be used by enabling its basic functions. This is done on the basis of our legitimate interest in accordance with point (f) of Art. 6 (1) GDPR. We have a legitimate interest in providing a functioning website.

6.1.2. Disclosure of personal data
The data collected by each cookie will have to be passed on to the respective cookie provider.   

6.1.3. What will happen if you do not provide your data?
If you disable necessary cookies, we will not be able to ensure the full functionality and usability of our website.

6.1.4. Cookies used

6.2 Functional and performance cookies

6.2.1. Purpose and legal basis of data processing

Functional and performance cookies improve the performance of our website (e.g. by accelerating loading times) or provide you with additional, non-essential features (e.g. remembering your log-in details). These cookies will collect information about how you use the website. You will not be identified; the information will only be used to determine what interests our users and how we could optimise our website in the future. This will be done on the basis of your consent in accordance with point (a) of Art. 6 (1) GDPR.

6.2.2. Cookies used

6.3 Advertising and targeting cookies

6.3.1. Purpose and legal basis of data processing
Advertising and targeting cookies are used to display targeted advertising or third-party products and services on our website and to measure the effectiveness of such advertising, products and services. These cookies will allow you to see personalised ads. We may also collect data concerning the effectiveness of such advertising. This will be done on the basis of your express consent, which you will actively give in accordance with point (a) of Art. 6 (1) GDPR. You may withdraw your consent at any time. However, this will not affect the lawfulness of any processing carried out up to that point.

6.3.2.  Data processing outside the European Union

We use Google Analytics on our website. The cookies used as part of Google Analytics may process usage data on the servers operated by Google LLC in the USA. We have established EU standard contractual clauses with the third-party providers in case your personal data is ever transferred to the USA. The standard contractual clauses can be viewed here: https://eur-lex.europa.eu/legal-content/DE/TXT/?qid=1487055654356&uri=CELEX:32010D0087.

6.3.3. Table of cookies used

1. Types of data processed 
We will process your personal data if you participate in our seminars, workshops, qualification programmes and other digital learning activities.

We will process the following data: your first name, last name, username, email address, communication data, contract details (seminar topic, venue and time), video and audio data recorded during the learning activity, and payment and billing data.

2. Purpose and legal basis of data processing
We will process your data for the purpose of providing contractually agreed services when holding, billing and concluding our seminars, workshops, live online training courses (hereinafter referred to collectively as “webinars”), qualification programmes and other digital learning activities. This will be done on the basis of point (b) of Art. 6 (1) GDPR (performance of a contract) and point (c) of Art. 6 (1) GDPR (archiving required by law).

3. Retention period
Your data will be deleted as soon as our statutory warranty obligations and similar duties no longer apply; we will check whether we have to continue storing your data every three years. If we have to comply with statutory archiving requirements, your data will be deleted as soon as such obligations no longer apply (6 years under commercial law and 10 years under tax law).

4. Disclosure of personal data
If our seminars are ever recorded, we will use GoToMeeting, a service provided by LogMeIn Ireland Limited (Bloodstone Building Block C, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland), and Adobe Connect, a service provided by Adobe Systems Software Ireland Limited (4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland). These technical service providers will receive your personal data to the extent necessary.

If you give your consent, our seminars will be recorded and subsequently made available for participants to stream.

1.  Types of data processed
If a seminar is recorded, the following personal data will be processed:
Video and audio recordings, your first name, last name and chat content

2. Purpose and legal basis of data processing
We will process the data listed above to make our seminars available to you after they have taken place. This will be done on the basis of your consent in accordance with point (a) of Art. 6 (1) GDPR.

3. Retention period
The data listed above will be stored and made available to all participants as a stream for 12 weeks after the seminar takes place or until you withdraw your consent.

4. Disclosure of personal data
If our seminars are ever recorded, we will use GoToMeeting, a service provided by LogMeIn Ireland Limited (Bloodstone Building Block C, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland), and Adobe Connect, a service provided by Adobe Systems Software Ireland Limited (4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland). These technical service providers will receive your personal data to the extent necessary.

You can take part in courses in ADG’s digital learning environment (https://elearning.adg-international.com/).

1. Types of data processed
If you provide your personal data when using ADG’s digital learning environment, it will be processed. This includes the following:

Your first name, last name, email address, course details, evaluation data, usage data, IP address, date and time of each browser session, and forum posts

2. Purpose and legal basis of data processing
We will process your data to enable you to use the ADG learning environment. This will be done on the basis of point (b) of Art. 6 (1) GDPR.

3. Retention period
The data in your user profile (log-in details) will be stored until your user profile is deleted. The data generated during your participation in courses (content data) will be stored until the respective course is deleted, unless certain legal regulations allow or require the data to be stored for longer in exceptional cases. You can delete your user data and voluntary entries in your user profile yourself whenever you like.

4. Disclosure of personal data
We use a learning platform known as “Moodle” to provide the ADG digital learning environment (https://elearning.adg-international.com/). Moodle is hosted on the servers operated by our hosting service provider: Mastersolution AG (Postplatz 12, D-08523 Plauen). This service provider will have to receive your personal data that is processed in relation to ADG’s digital learning environment.

1. Types of data processed 
Various types of data may be processed during the application process:

Your name, salutation, title, address, telephone number, fax number, email address, date of birth, work experience, metadata (e.g. IP address or hardware information), CV, certificates, criminal records check, application photograph, proof of qualifications, cover letter, previous employers and any other data that you send us for your application

2. Purpose and legal basis of data processing
The data you send us will be used to process your application, in particular to check whether you are suitable for the vacancy. This will generally be done on the basis of the first sentence of Section 26 (1) of the Federal Data Protection Act (BDSG).

Any application photographs and other data that you send us in connection with your application but that is not directly related to your application will be processed on the basis of your consent in accordance with point (a) of Art. 6 (1) GDPR. You may withdraw your consent at any time. If you withdraw your consent, this will not affect the lawfulness of any data processing carried out on the basis of your consent up to that point.

3. Retention period
We will store your personal data for the duration of the application process. If your application is unsuccessful, we will continue to store your data for a further 6 months after delivering the rejection letter to answer any questions you might have about the application process and to defend ourselves against any allegations made under the German General Act on Equal Treatment (AGG). If your application is successful, we will continue to process your data in connection with your employment.

4. Disclosure of personal data
We use an applicant management tool developed and provided by PERBILITY GmbH (Starkenfeldstraße 21, D-96050 Bamberg). As a result, your personal data will be collected, processed and used on our behalf by PERBILITY GmbH in accordance with the relevant legal regulations as our processor commissioned under Art. 28 GDPR. Your personal data will not be transferred to “third parties”, as defined in data protection law. We will remain responsible for the processing of your personal data as the controller.

1. Types of data processed
As part of our business relationships, we will process any personal data we may receive from you as a customer / contractual partner or as an (authorised) representative / contact of a company with which we do business. This will usually include the following personal data:

Your name, salutation, title, address, telephone number, fax number, email address, account details, company (including VAT ID), department, position, date of birth, subject of contract, and enquiries and correspondence for the conclusion, management and performance of the contract and for billing purposes

2. Purpose and legal basis of data processing
We will process your personal data for the purpose of establishing, performing and fulfilling the contract and performing pre-contractual measures. We will use your personal data in particular to prepare a quote, process your order and get in touch with you on the basis of point (b) of Art. 6 (1) GDPR.

In addition, we will store your personal data as part of our business relationship to comply with our statutory archiving obligations on the basis of point (c) of Art. 6 (1) GDPR.

3. Retention period
Your personal data will be processed and stored for as long as necessary for us to comply with our contractual and legal obligations. Once we have performed our contractual and legal obligations, your personal data will be erased as part of our regular deletion process. However, please note the following exceptions:

• Compliance with retention periods under commercial and tax law (2-10 years);
• The preservation of evidence during the applicable limitation period (up to 30 years under Section 195 et seq. of the German Civil Code [BGB]). The usual limitation period is three years until the end of the year.
  
  

4. Disclosure of personal data to third parties
Your personal data will be accessed by those who need it to comply with our contractual and legal obligations.

We will transfer your personal data to the tax office if we are legally obliged to do so. This will be done on the basis of point (c) of Art. 6 (1) GDPR.

We will also transfer your personal data to our authorised tax advisers and auditors on the basis of our legitimate interest in effective and economic bookkeeping. This will be done on the basis of point (f) of Art. 6 (1) GDPR.

As part of our customer management, we use an ERP system for which technical support is provided by GOB Software & Systeme GmbH & Co. KG (Europark Fichtenhain A 5, D-47807 Krefeld). This service provider will receive your personal data to the extent necessary for support services.

1. Types of data processed
If you use Microsoft Office applications (MOA) to communicate with us (e.g. in a video conference), the following personal data will be processed:

If you use MOA, your personal data may be processed. For example, this will be the case if the content of your communication via MOA contains your personal data. This data may particularly include your basic information and contact details, as well as data related to transactions, contracts, other processes and their content. Your usage data (e.g. IP address or access data) may also be collected and processed.

We also use MOA as part of our in-house communications to exchange information among employees and to manage and store data and documents. Such data and documents may also contain personal data concerning you. For example, data and documents containing your personal data may be stored on Microsoft servers for further processing (e.g. if a quote has been prepared for you and shared within our company via Microsoft Teams). This data may particularly include information related to transactions, contracts, other processes and their content.

2. Purpose and legal basis of data processing
The data processing related to the use of MOA will be carried out for the purpose of storing and managing documents, managing calendar entries, sending emails, making use of spreadsheets and presentations, exchanging documents, content and information, and participating in audio and video conferences. If the use of MOA is necessary for the establishment, performance or processing of contracts or pre-contractual measures, the legal basis will be point (b) of Art. 6 (1) GDPR.

If your personal data is processed further in connection with the use of MOA, this will be done for the purpose of pursuing our legitimate interests on the basis of point (f) of Art. 6 (1) GDPR. We have a legitimate interest in using MOA to streamline and simplify our in-house communication channels.

Microsoft will also process metadata and authentication data on our behalf for the purpose of ensuring security and optimising the service on the basis of point (f) of Art. 6 (1) GDPR. We have a legitimate interest in using MOA to streamline our in-house data and documentation management and to simplify our communication channels.

3. Retention period
We will erase or anonymise your personal data as soon as it is no longer required for the purposes for which it was originally collected or used, as outlined above. We will usually store your personal data for the duration of our contractual relationship with you, unless we are entitled or obliged to store your data for longer.

4. Disclosure of personal data
Microsoft will have to receive the data listed above if this is stipulated in our data processing agreement with Microsoft.

5. Data processing outside the European Union
In principle, the data listed above will not be processed outside the European Union (EU). However, we cannot rule out the possibility of data being routed via Internet servers located outside the EU, particularly if video conference participants are located in a third country. We have established EU standard contractual clauses with the third-party providers in case your personal data is ever transferred to third countries. The standard contractual clauses can be viewed here: https://eur-lex.europa.eu/legal-content/DE/TXT/?qid=1487055654356&uri=CELEX:32010D0087.

In addition, the data processing associated with the use of MOA is based on Microsoft’s privacy statement, which you can view here: https://privacy.microsoft.com/de-de/privacystatement.

In addition to the data processing carried out by social network providers themselves, we also collect and process personal data on our social media pages and channels. This will happen regardless of whether you are logged in to the platform you visit or whether you are even a member there.

1. Types of data processed

1a. ADG on Facebook
If you visit our Facebook page, which is run by Facebook Ltd. (4 Grand Canal Square, Grand Canal Harbour, D2 Dublin, Ireland) at https://de-de.facebook.com/meineADG/, we will process the following types of data:

Your username, comments posted on our page, messages sent to us, activities on our channel provided by Facebook Insights (volume of interactions, visits, average duration of video views, country and city of origin, and statistics about general circumstances)

You can find Facebook’s privacy policy here: https://www.facebook.com/policy.php.

You can find more information about Facebook Insights here: https://www.facebook.com/legal/terms/information_about_page_insights_data

Due to the joint data processing, ADG and Facebook are “joint controllers”, as defined in Art. 26 GDPR. The agreement, more information on data processing and a guide to asserting your rights as a data subject can be found here:

https://www.facebook.com/legal/terms/page_controller_addendum

ADG has no control over the processing of personal data when you use the Facebook page beyond the types of data specified above.

1b. ADG on Instagram
If you visit our Instagram page, which is run by Facebook Ltd. (4 Grand Canal Square, Grand Canal Harbour, D2 Dublin, Ireland), we will process the following types of data:

Your username, comments on our posts, messages, activities on our channel provided by Instagram Insights (volume of interactions, visits, average duration of video views, country and city of origin, statistics about general circumstances)

You can find Instagram’s privacy policy here: https://help.instagram.com/519522125107875.

1c. ADG on Twitter
If you visit our Twitter channel, which is run by Twitter Inc. (1355 Market Street, Suite 900, San Francisco, CA 94103, USA), we will process the following types of data:

Your username, comments on posts, messages, anonymous information on channel activities provided by Twitter Insights (visits to our channel, volume of interactions, country and city of origin, statistics on the gender ratio of our visitors)

You can find Twitter’s privacy policy here: https://twitter.com/de/privacy.

You can find more information about Twitter Insights here: https://analytics.twitter.com/about.

1d. ADG on LinkedIn
If you visit our LinkedIn page, which is run by LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland) at https://de.linkedin.com/company/akademie-deutscher-genossenschaften-ev-, we will process the following types of data:

Your first name, last name, title (if any), occupation, current employer, comments on our posts, messages sent to us, activities on our LinkedIn page provided by LinkedIn Analytics (volume of interactions, visits, average duration of video views, country and city of origin, statistics about general circumstances)

You can find LinkedIn’s privacy policy here: https://www.linkedin.com/legal/privacy-policy.

Due to the joint data processing, ADG and LinkedIn are “joint controllers”, as defined in Art. 26 GDPR. The agreement, more information on data processing and a guide to asserting your rights as a data subject can be found here:

https://legal.linkedin.com/pages-joint-controller-addendum

1e. ADG on XING
If you visit our XING page, which is run by XING SE (Dammtorstraße 30, 20354 Hamburg, Germany), we will process the following types of data:

Your first name, last name, title (if any), occupation, employer, comments posted on our page, messages sent to our channel, activities on our XING page provided by the XING statistics tool (volume of interactions, statistics on age and employment circumstances of our visitors)

You can find XING’s privacy policy here: https://privacy.xing.com/en/privacy-policy.

1f. ADG on YouTube
If you visit our YouTube channel, which is run by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) at http://www.youtube.com/user/Montabaurful, we will process the following types of data:

Your username, comments posted on our YouTube channel, activities on our YouTube channel provided by YouTube Analytics (visits, volume of interactions, average duration of video views, information on video views, country and city of origin, statistics on the gender ratio of our visitors)

You can find YouTube’s privacy policy here: https://policies.google.com/privacy?hl=de.

1g. ADG on kununu
If you visit our kununu page, which is run by kununu GmbH (Neutorgasse 4-8, Top 3.02 A-1010 Wien), we will process the following types of data:

Ratings on our kununu page (provided in pseudonymised form; we have no way of matching them to a specific person), pseudonymised enquiries about ADG shared with the Kununu community, content of any questions we answer

You can find kununu’s privacy policy here: https://privacy.xing.com/de/datenschutzerklaerung.

1h. ADG on GOODJOBS
If you visit our GOODJOBS page, which is run by GoodJobs GmbH (Joachimstraße 10, D-10119 Berlin) at https://goodjobs.eu/de/companies/akd-akademie-deutscher-genossenschaften-e-v, we will process the following types of data:

Your name, salutation, title, address, telephone number, fax number, email address, date of birth, work experience, metadata (e.g. IP address or hardware information), CV, certificates, criminal records check, application photograph, proof of qualifications, cover letter, previous employers and any other data that you send us for your application.

You can find GOODJOBS’ privacy policy here: https://goodjobs.eu/de/privacy.

2. Purpose and legal basis of data processing
We will process your data via ADG social media channels for the purpose of presenting ADG to the outside world, communicating and interacting with prospective customers, employees and other business partners, and processing any enquiries made via social media channels. We will also collect statistical information about the reach of our social media channels to improve our marketing activities. This will be done on the basis of our legitimate interest in marketing our products and services through our social media channels in accordance with point (f) of Art. 6 (1) GDPR.

3. Retention period
We will delete your personal data as soon as it is no longer required for the purposes specified above, unless the erasure or blocking would constitute an infringement of our statutory retention requirements, such as those stipulated in commercial or tax law. Any messages you send via our social media channels will be deleted no later than 3 months after the conversation has ended, provided that your enquiry has been answered and there is no other reason to retain your messages.

4. Disclosure of personal data
As part of the data processing described above, the operators of the social media channels will have to receive your data.

5. Data processing outside the European Union
If your personal data is ever processed via our social media channels, please note that this processing may take place outside the European Union (EU). This may pose certain risks; for example, it may be difficult for you to assert your rights. You can find more information in the privacy policy for each social media channel.

We have established EU standard contractual clauses with the third-party providers in case your personal data is ever transferred to third countries. The standard contractual clauses can be viewed here: https://eur-lex.europa.eu/legal-content/DE/TXT/?qid=1487055654356&uri=CELEX:32010D0087.

Your Rights 

As a “data subject”, you have the following rights with regard to your personal data in accordance with Art. 15 et seq. GDPR:

Right of access
You have the right to request confirmation as to whether we are processing any personal data concerning you; this being the case, you have the right to access any such personal data and the information detailed in Art. 15 GDPR.

Right to rectification
You have the right to request the immediate rectification of any incorrect personal data concerning you and the supplementation of any incomplete personal data (Art. 16 GDPR).

Right to erasure
You have the right to request the immediate erasure of your personal data on one of the grounds listed in Art. 17 GDPR, such as if your data is no longer required for the purpose for which it was collected (right to erasure).

Right to the restriction of processing
You have the right to request the restriction of processing if any of the requirements listed in Art. 18 GDPR are met (e.g. if you have objected to processing) while we check your request.

Right to object
You always have the right to object to the processing of your personal data on grounds relating to your particular situation. If you file an objection, we will only continue to process your personal data if we can demonstrate compelling legitimate grounds for processing which override your interests, rights and freedoms, or if your personal data is processed for the establishment, exercise or defence of legal claims (Art. 20 GDPR). Please note that this will only apply with future effect. It will not affect the lawfulness of any processing that may have been carried out up to that point.

Right to data portability
You have the right to receive any personal data you have provided to us in a structured, commonly used and machine-readable format, or to have this data transferred to another controller (Art. 20 GDPR).

Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you also have the right to lodge a complaint with a supervisory authority if you believe the processing of your personal data constitutes a violation of the GDPR (Art. 77 GDPR). You may exercise this right with a supervisory authority in the EU Member State of your habitual place of residence, your place of work or the location of the alleged infringement.

Right to withdraw consent
If you have consented to the processing of personal data, you may withdraw your consent at any time. This also applies to any consent you may have given before the GDPR entered into force on 25 May 2018. Please note that this will only apply with future effect. It will not affect the lawfulness of any processing that may have been carried out up to that point.

Last updated: February 2022