EUREF AG Privacy Policy

EUREF company group data protection information

  1. DATA PROTECTION POLICY AT A GLANCE

GENERAL INFORMATION

The following information provides a general overview of what happens with your personal data when you visit the operator’s website. Personal data are all data by which you can be personally identified. Detailed information on data protection can be found below.

DATA COLLECTION ON THIS WEBSITE
Who is responsible for data collection on this website?

Data on this website is processed by the operator of this website. You can find the operator’s contact data in the website’s legal notice.

How are your data collected?

Firstly, your data are collected by your providing them to the operator. This involves data which you enter in a contact form, for example.

Other data are collected automatically by the operator’s IT systems when you visit the website. These are primarily technical data (e.g., Internet browser, operating system or time of the page view). These data are collected automatically, as soon as you visit this website.

What are your data used for?

Some of the data are collected to ensure error-free provision of the website. Other data can be used to analyse your use behaviour.

What rights do you have concerning your data?

You have the right at any time to obtain information about the origin, recipient and purpose of your stored personal data free of charge. You also have the right to request the correction, blocking or deletion of these data. If you have any questions about this or data protection in general, you can contact datenschutz@euref.de at any time. In addition, you have the right to lodge a complaint with the competent supervisory authority.

ANALYSIS TOOLS AND TOOLS FROM THIRD-PARTY PROVIDERS.

Your use behaviour can be statistically analysed when you visit this website. This is done primarily with the aid of cookies and analytics programs. As a rule, your use behaviour is analysed anonymously; the use behaviour cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You can find detailed information in the following data protection policy.

  1. general Information and mandatory information

Data protection

The operator of this site takes the protection of your personal data very seriously. It treats your personal data confidentially and in compliance with the statutory data protection regulations and this data protection policy.

When you use this website, various personal data will be collected. Personal data are data by which you can be personally identified. This data protection policy explains which data are collected by the operator and what they are used for.

The operator points out that data transmission on the Internet (for example, when communicating via email) may have security gaps. Complete protection of your data against third party access is not possible.

information about the controller

The controller for the processing of data on this website is:

EUREF AG
EUREF Campus 3
10829 Berlin
Email: datenschutz@euref.de

Data Protection Officer

mip Consult GmbH
Jan Käding
Wilhelm-Kabus-Str. 9
10829 Berlin
E-Mail:  j.kaeding@mip-consult.de

revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke any consent you have granted at any time with effect for the future. This only requires an informal notification by email to datenschutz@euref.de. The legality of the data processing carried out up to the revocation remains unaffected by the revocation.

right of complaint to the competent supervisory authority

In the event of data protection violations, you as the data subject have the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority in data protection issues is the state data protection officer in Berlin.

information, blocking, deletion

Under the applicable legal provisions, you have the right to information about your stored personal data, their origin and recipients and the purpose of the data processing free of charge at any time and, where appropriate, a right to correction, blocking or deletion of those data. If you have any questions about this or personal data in general, you can contact at any time:

EUREF AG
EUREF Campus 3
10829 Berlin
Email: datenschutz@euref.de

  1. data collection on this website

COOKIES

Web pages sometimes use cookies. Cookies do not cause any harm to your computer and do not contain any viruses. Cookies help to make the offerings more user friendly, more effective and more secure. Cookies are small text files placed on your computer and saved by your browser.

Most of the cookies used by the operator are “session cookies”. They are deleted automatically when you end your visit. Other cookies remain stored on your end device until you delete them. These cookies enable your browser to be identified the next time you visit the website.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally, and enable the automatic deletion of cookies when closing your browser. Deactivating cookies can impair the functionality of this website.

Cookies necessary for carrying out electronic communication processes or providing certain functions you desire (e.g. shopping basket function) are stored on the basis of Art. 6 (1) lit. f) GDPR. The operator has a legitimate interest in the storing of cookies for the technically error-free and optimized provision of its services. In so far as other cookies (e.g. cookies for analysing your use behaviour) are stored, this is covered separately in this data protection policy.

SERVER LOG files

The provider of the pages automatically collects and stores information in server log files, which your browser automatically transmits to the operator. This information includes:

Requested URL

Time of the server request

Anonymized IP address

These data are not merged with other data sources.

The basis for the data processing is Art. 6 (1) lit. f) GDPR, which allows the processing of data for the performance of a contract or pre-contractual measures.

The data are automatically deleted after 6 months.

contact form

If you send the operator inquiries via the contact form, your details from the inquiry form including the contact data you provide in it are stored by the operator for processing the inquiry and for the event of follow-up questions. The operator will not pass these data on without your consent.

The data entered in the contact form are processed under Art. 6 (1) lit. a) and b) GDPR.

The data you entered in the contact form are retained by the operator, until you request their deletion, revoke your consent for storage or the purpose for storing the data no longer applies (e.g., after your inquiry has been dealt with). This shall be without prejudice to mandatory statutory provisions – especially retention periods.

  1. ANALYSis TOOLS and advertising

MATOMO

With your consent, the operator uses the Matomo open-source software to analyse and statistically evaluate the use of the website.

Purposes of the processing

The operator uses the data to statistically evaluate the use and analysis of the website.

It thus pursues the legitimate interest in optimising the website for external presentation.

Legal base

The data are processed on the basis of Art. 6 (1) S. 1 lit. a) GDPR.

Recipients / categories of recipients

The resulting information about the use of the website is transmitted exclusively to the operator’s servers and summarized in pseudonymous user profiles.

The IP addresses are anonymized (IP masking), so that an assignment to individual users is not possible.

Transfer of data

Matomo is hosted as a web analysis tool on the operator’s own servers. The collected data do not belong to any third-party providers and they will not be passed on to or viewed by any third parties. The data will be passed on only after your express consent, unless this is contrary to other legal requirements imposed by the authorities which oblige the operator to pass the said data on.

Duration of data storage

The data sent by the operator and data linked to cookies, user identifiers (such as user IDs) or advertising IDs will be automatically deleted after 2 months. Data whose retention period has been reached will be deleted automatically once a month.

Affected parties’ rights

You can revoke your consent at any time with effect for the future by activating the “Do Not Track” function in your browser or by deselecting (sic) the opt-out checkbox.

The legality of the data processing carried out up to the revocation remains unaffected by the revocation.

  1. NEWSLETTER

NEWSLETTER DATa

If you wish to receive the newsletter offered on the website, the operator needs an e-mail address and information from you that allows the verification that you are the owner of the specified email address and agree to receive the newsletter. Further data will not be collected or only on a voluntary basis. The operator uses these data solely for sending the requested information and will not pass them on to third parties.

The data entered in the newsletter subscription form are processed solely on the basis of Art. 6 (1) lit. a) + b) GDPR. You can revoke the consent you gave for storing the data, the email address and their use for sending the newsletter at any time with effect for the future – via the “unsubscribe” link in the newsletter. The revocation will not affect the legality of the already effected data processing operations.

The operator will retain the data you provide for receiving the newsletter until you are unsubscribed from the newsletter and they will be deleted after the cancellation of the newsletter. This shall be without prejudice to data stored for other purposes by the operator (e.g. email addresses for the members’ area).

  1. PLUGINS aND TOOLS

YOUTUBE

The operator’s website uses plugins from the YouTube site operated by Google. The operator of the site is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of the pages in which the operator has placed a YouTube plugin, this will open a connection to the YouTube servers. The YouTube server will be informed about which of the operator’s pages you have visited.

If you are logged into your YouTube account, you enable YouTube to assign your usage behaviour directly to your personal profile. You can prevent this by logging out from your YouTube account.

YouTube is used in the interest of providing an appealing presentation of the operator’s online offers. This constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f) GDPR.

You can find further information on the handling of user data in the YouTube privacy policy at: https://www.google.de/intl/de/policies/privacy.

VIMEO

Some content is also integrated from the Vimeo platform. Such integration always presumes that the providers of this content (hereinafter referred to as “third-party providers”) know the users’ IP address. Because they would not be able to send the content the pertinent user’s browser without the IP address. The IP address is thus required for showing this content. https://vimeo.com/privacy

  1. use of GOOGLE WEB FONTS

Google Web Fonts (local hosting)

The operator uses Google Web Fonts to ensure that the operator’s pages are presented to you without restriction and in the best quality. These Web Fonts are provided by Google and downloaded to the operator’s server where they are stored before being locally integrated. There is no connection to Google servers and hence no transmission of the IP address to the USA.

You can find further information about Google Web Fonts at https://developers.google.com/fonts/faq and in the Google data protection policy: https://policies.google.com/privacy?hl=de.

The Open Sans is font licensed under the SIL Open Font License (OFL) 1.1, see also https://scripts.sil.org/cms/scripts/page.php?site_id=nrsi&id=OFL.

  1. VIDEO surveillance on the EUREF CAMPUS

The roads and paths on the EUREF Campus are monitored by video for property protection. The property protection service has contractually agreed to abide by the applicable data protection regulations.

All cameras are mounted so that they do not cover the windows of your leased areas or offices. The cameras on the property boundary cover only the immediate vicinity of the perimeter fences and walls and not public urban space or neighbouring buildings.

The purpose of this surveillance is the protection of property rights Art. 6 (1) lit. f) GDPR and Section 4 FDPA.

This serves to protect you and your investments in the EUREF Campus and to prevent vandalism, burglary and theft.

The recordings are erased automatically after 48 hours. Image material is only passed on when an offence has been recorded. Recipients are solely the investigating law enforcement authorities.

  1. ONLINE SHOP

If you initiate an order in the operator’s online shop, your details from the inquiry form including the contact data you provide in it are stored by the operator for processing the inquiry, shipping the order and for the event of follow-up questions. These data will not be passed on without your consent.

The data entered in the online shop are processed on the basis of Art. 6 (1) lit. a) + b) GDPR. You can revoke your consent at any time with effect for the future. This only requires an informal notification by email to datenschutz@euref.de. The legality of the data processing operations carried out up to the revocation remains unaffected by the revocation.

The data you entered in the online shop are retained by the operator, until you request their deletion, revoke your consent for storage or the purpose for storing the data no longer applies (e.g. after your order has been dealt with). This shall be without prejudice to mandatory statutory provisions – especially retention periods.

Links to other sites

The operator’s pages contains links to external third-party websites, over whose content the operator has no influence. Thus no guarantee can be provided for such third-party content. The pertinent provider or operator of those sites is responsible for the content of the linked pages. The linked pages were examined for potential illegal activity when the link was created. No illegal content was apparent at the time the link was made. Permanent inspection of the linked pages’ content is not reasonable, however, without concrete evidence of a corresponding illegal activity. Such links shall be removed without undue delay once such violations become known.

data protection information for job applicants

Information about the processing of job applicant data

The operator hereby provides you as job applicant and thus as the party affected by the data processing with information about the processing of your personal data by the companies in the EUREF company group and the rights you have under data protection law. Furthermore, the operator’s general data protection policy also applies.

controller for data processing and data protection officer

The data processing controller is:

EUREF AG
EUREF Campus 3
10829 Berlin
Email: datenschutz@euref.de

EUREF AG acts as a central HR department for the companies in the EUREF company group.

The data protection officer IS:

mip Consult GmbH
Jan Käding
Wilhelm-Kabus-Str. 9
10829 Berlin
E-Mail:  j.kaeding@mip-consult.de

SCOPE OF DATA COLLECTION AND ORIGIN

During the course of the application process, we process the following personal data:

– your master data (such as first name, surname, name affixes, date of birth) – work permit / residence permit

– contact data (such as private address, (mobile) telephone number, email address),

– “skills” data (e.g. special knowledge and skills)

– if relevant for the advertised position: health suitability

Your personal data will be collected from you during the course of the recruitment process, especially from the application documents, the job interview, where appropriate, from the agreement of a trial period and the personnel questionnaire.

The operator will also receive data from third parties (e.g. the Employment Agency during the course of a job placement).

PURPOSE AND LEGAL BASIS OF DATA PROCESSING

The operator processes your personal data in compliance with the provisions of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (FDPA).

Primarily, the data processing serves the establishment of the employment relationship. The principle legal base herefor is Art. 88 (1) GDPR in combination with Section 26 (1) FDPA.

Your data will be processed solely to fill the specific vacancy for which you have applied.

If your application is to be considered for other vacancies in the company, the operator will require your express consent thereto.

If you want to be included in an applicant pool should your application not be successful, the operator will require your express consent thereto.

Duration of data storage

If your application is not successful, your application documents will be deleted six months after the end of the application process at the latest, unless you have given us separate consent for longer retention (applicant pool).

If you are recruited, we will transfer your data from the application process and the application documents to your personnel file. Once the employment relationship ends, those personal data which we have to retain by law will continue to be stored. This arises as a rule from legal requirements for proof and retention, which are regulated, inter alia, in the Commercial Code and the Tax Code. The retention periods therein are up to ten years. In addition, personal data may be stored for the period during which claims can be asserted against us (statutory limitation period of three or up to thirty years).

recipients of your personal data

Within the operator’s company, only those persons and departments involved in the decision to hire you will receive your personal data (HR department, specific department in question, company management).

Your rights as data subject:

You have the rights under Articles 15-22 GDPR:

– right to information (Art. 15 GDPR)

– right to correction (Art. 16 GDPR)

– right to deletion (Art. 17 GDPR)

– right to restriction of the processing (Art. 18 GDPR)

– right to object to processing (Art. 21 GDPR)

– right to data portability (Art. 20 GDPR)

To that end, please contact:

EUREF AG

EUREF Campus 3

10829 Berlin

Email: datenschutz@euref.de

your right to complain

You can submit your complaint to the aforementioned data protection officer or a data protection supervisory authority. The data protection supervisory authority responsible for the operator is:

Berliner Beauftragte für Datenschutz und Informationsfreiheit [Berlin Commissioner for Data Protection and Freedom of Information]

Friedrichstraße 219

10969 Berlin

Email: mailbox@datenschutz-berlin.de

data transmission to third countries

Applicant data are not transmitted to third countries.

AUTOMATED INDIVIDUAL DECISIONS OR MEASURES FOR PROFILING

Automated processing operations to bring about a decision are not used by the operator.

Changes to these data protection information

The operator revises this data protection information when there are changes to this website or for other reasons that render this necessary. You can always find the latest version on this website.

If you have any questions about data protection, please do not hesitate to contact the operator.

Last amended: 4 April 2023