Privacy policy

We are pleased that you are visiting our website and thank you for your interest in our company. It is very important to us to handle your personal data responsibly. It is therefore a matter of course for us to comply with data protection regulations when using your personal data. We want your visit to our website to be safe and for you to feel comfortable.

It is generally possible to use the website without providing any personal data. However, if a data subject wishes to make use of special services of our company via our website, it may be necessary to process personal data. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in accordance with the applicable country-specific data protection regulations. By means of this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of their rights by means of this privacy policy.

As the controller, we have implemented numerous technical and organizational measures to ensure the most complete protection possible for personal data processed via this website. Nevertheless, internet-based data transmissions can generally have security gaps, meaning that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.

1. Definitions of terms

Our data protection declaration is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for the public as well as for our customers, business partners, applicants and employees. To ensure this, we would like to explain the terms used in advance.

We use the following terms, among others, in this privacy policy

(a) personal data

Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Data subject

Data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.

c) Processing

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, dissemination or alteration.(d) Restriction of processing: the collection, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

d) Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting its future processing.

e) Profiling

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

f) Pseudonymization

Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

g) Controller or controller responsible for the processing

The controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

h) Processor

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

i) Recipient

Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

j) Third party

A third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

k) Consent

Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. Name and address of the controller

The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is

persona service AG & Co
Freisenbergstraße 31
58513 Lüdenscheid
Lüdenscheid, Germany

Phone: +49 (2351) 950-0
E-mail: kunde@persona.de
Website: www.persona.de

3. Contact details of the data protection officer

persona service AG & Co KG
Competence Center - Data Protection -
Freisenbergstraße 31
58513 Lüdenscheid
Lüdenscheid, Germany

Phone: +49 (2351) 950-0
E-mail: datenschutz@persona.de
Website: www.persona.de

4. Cookies

On our website, information about the surfing behavior of website visitors is collected and stored for marketing purposes, partly in anonymized or pseudonymized form. This data is stored in cookie text files on your computer. For example, it can be used to track which browser and/or from which location our website is accessed. However, the data collected does not enable individual website visitors to be personally identified under any circumstances. The data collected on our website is used to optimize our online offering. It will only be used for other purposes or passed on to third parties with your express consent.

Depending on their function and purpose, cookies can be categorized as follows: Strictly necessary cookies, performance cookies, functional cookies.

a) Strictly necessary cookies

Strictly necessary cookies serve the smooth use of our website. They guarantee the functionalities that enable you as a user to operate the site.

b) Functional cookies

Functional cookies make it possible to save information entered during a website visit (e.g. location selection in the job search) and thus offer you as a user improved, personalized functionalities. Functional cookies also make it possible to play videos, for example. Only anonymized information is collected, so your movements outside our website cannot be tracked.

c) Performance cookies

Performance cookies are used to collect information on how our website is used, for example which pages users visit most frequently or whether error messages are displayed. The information collected is aggregated and anonymous. The performance cookies are used exclusively to improve the performance of our website and to optimize it for the user.

You have the option of adjusting, restricting or objecting to the use of cookies and the analysis of your surfing behavior. You can manage this yourself in the settings of common browsers:

Google Chrome: Click on the lock (for SSL-certified sites) or the information icon (i) next to the address bar at the top of the page
Firefox: Click on the symbol with the "three dashes" next to the web address in the top right-hand area. Follow the dialog box to the "Settings". You will find cookie management under "Privacy & history".
Internet Explorer: In the upper area, select "Tools" > "Internet options". Click on the "Privacy" tab and select "Advanced" under Settings with the management options for cookies.

To view and change your cookie settings for this site, please click here.

5. Collection of general data and information

Our website collects a series of general data and information each time the website is accessed by a data subject or an automated system. This general data and information is stored in the server log files. The (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrer), (4) the sub-websites which are accessed via an accessing system on our website can be recorded.(5) the date and time of access to the website, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and information that serve to avert danger in the event of attacks on our information technology systems.

When using this general data and information, we do not draw any conclusions about the data subject. Rather, this information is required to (1) correctly deliver the contents of our website, (2) optimize the contents of our website and the advertising for it, (3) ensure the long-term functionality of our information technology systems and the technology of our website and (4) provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack. This anonymously collected data and information is therefore evaluated by us both statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

6. Registration on our website

The data subject has the option of registering on the controller's website by providing personal data. Which personal data is transmitted to the controller is determined by the respective input mask used for registration. The personal data entered by the data subject is collected and stored exclusively for internal use by the controller and for the controller's own purposes. The controller may arrange for the data to be passed on to one or more processors, such as a parcel service provider, who will also use the personal data exclusively for internal use attributable to the controller.

By registering on the controller's website, the IP address assigned by the data subject's Internet service provider (ISP), the date and time of registration are also stored. This data is stored against the background that this is the only way to prevent the misuse of our services and, if necessary, to enable criminal offenses to be investigated. In this respect, the storage of this data is necessary to safeguard the controller. This data will not be passed on to third parties unless there is a legal obligation to pass it on or it serves the purpose of criminal prosecution.

The registration of the data subject with the voluntary provision of personal data serves the controller to offer the data subject content or services which, due to the nature of the matter, can only be offered to registered users. Registered persons are free to change the personal data provided during registration at any time or to have it completely deleted from the controller's database.

The controller shall provide any data subject at any time upon request with information about which personal data relating to the data subject is stored. Furthermore, the controller shall rectify or erase personal data at the request or indication of the data subject, insofar as this does not conflict with any statutory retention obligations. All of the controller's employees are available to the data subject as contact persons in this context.

7. Subscription to our newsletter

On our website, users are given the opportunity to subscribe to a newsletter with current job offers in specific professional fields and locations. The input mask used for this purpose determines what personal data are transmitted to the controller when the newsletter is ordered.

The newsletter of our company can only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject registers to receive the newsletter. For legal reasons, a confirmation e-mail is sent to the e-mail address entered by a data subject for the first time for the newsletter mailing using the double opt-in procedure. This confirmation email is used to check whether the owner of the email address as the data subject has authorized the receipt of the newsletter.

When registering for the newsletter, we also store the IP address assigned by the Internet service provider (ISP) of the computer system used by the data subject at the time of registration, as well as the date and time of registration. The collection of this data is necessary in order to be able to trace the (possible) misuse of a data subject's email address at a later point in time and therefore serves as legal protection for the controller.

The personal data collected when registering for the newsletter is used exclusively to send our newsletter. Furthermore, subscribers to the newsletter may be informed by e-mail if this is necessary for the operation of the newsletter service or a registration in this regard, as could be the case in the event of changes to the newsletter offer or in the event of a change in technical circumstances. The subscription to our newsletter can be canceled by the data subject at any time. The consent to the storage of personal data, which the data subject has given us for the newsletter dispatch, can be revoked at any time. There is a corresponding link in every newsletter for the purpose of revoking consent. It is also possible to unsubscribe from the newsletter at any time directly on the controller's website or to inform the controller of this in another way.

8. Newsletter tracking

Our newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in emails that are sent in HTML format to enable log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns to be carried out. Based on the embedded tracking pixel, we can recognize whether and when an e-mail was opened by a data subject and which links in the e-mail were accessed by the data subject.

Such personal data collected via the tracking pixels contained in the newsletters are stored and evaluated by the data controller in order to optimize the newsletter dispatch and to adapt the content of future newsletters even better to the interests of the data subjects. This personal data is not passed on to third parties. Data subjects are entitled at any time to revoke the separate declaration of consent given in this regard via the double opt-in procedure. After revocation, this personal data will be deleted by the controller. Unsubscribing from the newsletter is automatically interpreted as a revocation.

9. Contact option via the website

Due to legal regulations, our website contains information that enables quick electronic contact to our company as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by email or via a contact form, the personal data transmitted by the data subject will be stored automatically. Such personal data transmitted on a voluntary basis by a data subject to the controller are stored for the purposes of processing or contacting the data subject. This personal data is not passed on to third parties.

10. Chatbot

The persona service chatbot supports you in your search for information about persona service, such as questions about the application process. You can simply ask your questions in the chat window.

Personal data is neither required nor requested to use our chatbot. We process your data for the purpose of automated processing and answering your questions through the bot application as well as for evaluating and analyzing the user information in order to further refine the bot answers. The evaluations are carried out on an anonymous basis.

What data is recorded and processed?

The message history with the text entries that are recorded in the chat.

11. Routine deletion and blocking of personal data

The controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to.

If the storage purpose no longer applies or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data is routinely blocked or erased in accordance with the statutory provisions.

12. Rights of the data subject

a) Right to confirmation

Each data subject shall have the right granted by the European legislator to obtain from the controller the confirmation as to whether or not personal data concerning him or her are being processed. If a data subject wishes to avail himself of this right of confirmation, he or she may, at any time, contact any employee of the controller.

b) Right to information

Any person affected by the processing of personal data has the right, granted by the European legislator of directives and regulations, to obtain information free of charge at any time from the controller about the personal data stored about him/her and a copy of this information. Furthermore, the European legislator has granted the data subject access to the following information

the purposes of the processing.
the categories of personal data being processed
the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations
where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing
the existence of the right to lodge a complaint with a supervisory authority
if the personal data are not collected from the data subject: All available information about the origin of the data
the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

Furthermore, the data subject has a right to information as to whether personal data has been transferred to a third country or to an international organization. If this is the case, the data subject also has the right to obtain information about the appropriate safeguards in connection with the transfer.

If a data subject wishes to avail himself of this right of access, he or she may, at any time, contact any employee of the controller.

c) Right to rectification

Any person affected by the processing of personal data has the right granted by the European legislator of directives and regulations to demand the immediate correction of incorrect personal data concerning them. Taking into account the purposes of the processing, the data subject shall also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

If a data subject wishes to exercise this right to rectification, he or she may, at any time, contact any employee of the controller.

d) Right to erasure (right to be forgotten)

Each data subject shall have the right granted by the European legislator to obtain from the controller the erasure of personal data concerning him or her without undue delay, and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary

The personal data have been collected or otherwise processed for such purposes for which they are no longer necessary.
The data subject withdraws consent on which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing.
The data subject objects to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Art. 21 (2) GDPR.
The personal data have been processed unlawfully.
The personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.

If one of the aforementioned reasons applies, and a data subject wishes to request the erasure of personal data stored by us, he or she may, at any time, contact any employee of the controller. The employee will ensure that the request for deletion is complied with immediately.

If the personal data have been made public by us and our company, as the controller, is obliged pursuant to Art. 17 para. 1 GDPR to erase the personal data, we shall, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the personal data have been made public that the personal data have been made public.we shall take reasonable steps, including technical measures, to inform other controllers processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data, unless the processing is necessary. Our employee will take the necessary steps in individual cases.

e) Right to restriction of processing

Any person affected by the processing of personal data has the right, granted by the European legislator, to obtain from the controller restriction of processing where one of the following applies

The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
The processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead.
The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims.
The data subject has objected to processing pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.

If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of the processing of personal data stored by us, he or she may at any time contact any employee of the controller. Our employees will arrange for the processing to be restricted.

f) Right to data portability

Any person affected by the processing of personal data has the right, granted by the European legislator, to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format. He or she also has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on consent pursuant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR or on a contract pursuant to point (b) of Article 6(1) of the GDPR. 6(1)(b) GDPR and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Furthermore, in exercising their right to data portability pursuant to Art. 20 (1) GDPR, the data subject has the right to have the personal data transmitted directly from one controller to another, where technically feasible and provided that this does not adversely affect the rights and freedoms of others.

To assert the right to data portability, the data subject can contact one of our employees at any time.

g) Right to object

Any person affected by the processing of personal data has the right granted by the European legislator to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions.

In the event of an objection, we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.

If we process personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing. This also applies to profiling insofar as it is associated with such direct advertising. If the data subject objects to the persona service AG & Co KG to the processing for direct marketing purposes, the persona service AG & Co KG will no longer process the personal data for these purposes.

In addition, the data subject has the right, on grounds relating to his or her particular situation, to object to processing of personal data concerning him or her by us for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

To exercise the right to object, the data subject may contact us directly. The data subject is also free, in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, to exercise his or her right to object by automated means using technical specifications.

h) Automated decisions in individual cases including profiling

Each data subject shall have the right granted by the European legislator not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her, or similarly significantly affects him or her, as long as the decision (1) is not is necessary for entering into, or the performance of, a contract.is necessary for entering into, or performance of, a contract between the data subject and a data controller, or (2) is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, or (3) is based on the data subject's explicit consent.

If the decision (1) is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (2) it is based on the data subject's explicit consent, we shall implement suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and contest the decision.

If the data subject wishes to exercise the rights concerning automated individual decision-making, he or she may, at any time, contact any employee of the controller.

i) Right to withdraw consent under data protection law

Any person affected by the processing of personal data has the right granted by the European legislator of directives and regulations to withdraw consent to the processing of personal data at any time.

If the data subject wishes to exercise the right to withdraw the consent, he or she may, at any time, contact any employee of the controller.

j) Right to lodge a complaint with a supervisory authority

Every data subject has the right to lodge a complaint with a data protection supervisory authority.

13. Legal basis of the processing

Art. 6 I lit. a GDPR serves our company as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, with processing operations necessary for the supply of goods or the provision of any other service or consideration, the processing is based on Art. 6 I lit. b GDPR. The same applies to such processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries about our products or services. If our company is subject to a legal obligation which requires the processing of personal data, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c GDPR. In rare cases, the processing of personal data may become necessary in order to protect the vital interests of the data subject or another natural person.

This would be the case, for example, if a visitor were injured in our company and their name, age, health insurance details or other vital information would have to be passed on to a doctor, hospital or other third party. The processing would then be based on Art. 6 I lit. d GDPR. Ultimately, processing operations could be based on Art. 6 I lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. We are permitted to carry out such processing operations in particular because they have been specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47 Sentence 2 GDPR).

14. Legitimate interests in the processing pursued by the controller or a third party

Where the processing of personal data is based on Article 6 I lit. f GDPR, our legitimate interest is to carry out our business in favor of the well-being of all our employees and our shareholders.

15. Duration for which the personal data is stored

The criterion for the duration of the storage of personal data is the respective statutory retention period. Once this period has expired, the corresponding data is routinely deleted if it is no longer required for the fulfillment or initiation of a contract.

16. Legal or contractual provisions for the provision of personal data; necessity for the conclusion of the contract

We inform you that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual regulations (e.g. information on the contractual partner). Sometimes it may be necessary for a contract to be concluded for a data subject to provide us with personal data that must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with them. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before personal data is provided by the data subject, the data subject must contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences would be if the personal data were not provided.

17. Existence of automated decision-making

As a responsible company, we do not use automated decision-making or profiling.

18. Data protection for applications and in the application process

The controller collects and processes the personal data of applicants for the purpose of handling the application process. Processing may also be carried out electronically. This is particularly the case if an applicant submits the relevant application documents to the controller electronically, for example by email or via a web form on the website.

In order to process an application, persona service collects and processes all information and documents communicated verbally or in writing as part of the application process and all information and documents that can be derived from it using the "HR4YOU" applicant management software.

If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted six weeks after notification of the rejection decision, provided that no other legitimate interests of the controller stand in the way of deletion. Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG).

Further information on data protection in our application process can be found here.

19. Consent with Usercentrics

This website uses the consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in compliance with data protection regulations. The provider of this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany, website:

https://usercentrics.com/de/ (hereinafter referred to as "Usercentrics").

When you visit our website, the following personal data is transmitted to Usercentrics:

Your consent(s) or the withdrawal of your consent(s)
Your IP address
Information about your browser
Information about your end device
Time of your visit to the website
Geolocation

Furthermore, Usercentrics stores a cookie in your browser in order to be able to assign the consents you have given or revoke them. The data collected in this way is stored until you ask us to delete it, delete the Usercentrics cookie yourself or the purpose for storing the data no longer applies. Mandatory statutory retention obligations remain unaffected.

Usercentrics is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.

Order processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

20. Facebook Custom Audience

The website also uses the remarketing function "Custom Audiences" of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). This allows users of the website to be shown interest-based advertisements ("Facebook ads") when they visit the Facebook social network or other websites that also use the process. We are interested in showing you advertisements that are of interest to you in order to make our website more interesting for you.

Due to the marketing tools used, such as Facebook Pixels, your browser automatically establishes a direct connection with the Facebook server. We have no influence on the scope and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our level of knowledge: Through the integration of Facebook Custom Audiences, Facebook receives the information that you have accessed the corresponding website of our Internet presence or have clicked on an advertisement from us. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, it is possible for the provider to find out and store your IP address and other identifying features.

You can deactivate the "Facebook Custom Audiences" function [here and] for logged-in users at www.facebook.com/settings/.
The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. f GDPR. Further information on data processing by Facebook can be found at www.facebook.com/about/privacy

21. LinkedIn Insight Tag

We also use conversion tracking on our website with LinkedIn Insights Tag, a tool from LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland. For this purpose, the LinkedIn Insight Tag is integrated on our pages and a cookie is set on your end device by LinkedIn. This informs LinkedIn that you have visited our website, whereby your IP address is also collected. Timestamps and events such as page views are also stored. This enables us to statistically evaluate the use of our website in order to constantly optimize it. For example, we find out which LinkedIn ad or interaction on LinkedIn brought you to our website. This allows us to better control the display of our advertising.

Further information on conversion tracking can be found at https://www.linkedin.com/help/linkedin/answer/67595/linkedin-conversion-trackingubersicht. Please note that the data may be stored and processed by LinkedIn so that a connection to the respective user profile is possible and LinkedIn can use the data for its own advertising purposes. Further information on this can be found in LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy. You can prevent LinkedIn from analyzing your usage behavior and from displaying interest-based recommendations via https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

22. Data protection provisions about the application and use of etracker

The provider of this website uses services of etracker GmbH from Hamburg, Germany(www.etracker.com) to analyze usage data. etracker does not use cookies by default. If you explicitly agree to the setting of analysis cookies, cookies are used that enable a statistical analysis of the use of this website by its visitors and the display of usage-related content or advertising. Cookies are small text files that are stored by the Internet browser on the user's end device. etracker cookies do not contain any information that enables a user to be identified.
The data generated with etracker is processed and stored by etracker exclusively in Germany on behalf of the provider of this website and is therefore subject to the strict German and European data protection laws and standards. etracker has been independently audited and certified in this respect and has been awarded the ePrivacyseal data protection seal of approval.
Data processing is carried out on the basis of the legal provisions of Art. 6 para. 1 lit. f (legitimate interest) of the General Data Protection Regulation (GDPR). Our concern within the meaning of the GDPR (legitimate interest) is the optimization of our online offer and our website. Since the privacy of our visitors is important to us, the data that may allow a reference to an individual person, such as the IP address, login or device identifiers, are anonymized or pseudonymized as soon as possible. No other use, merging with other data or disclosure to third parties takes place.

You can object to the data processing described above at any time. The objection has no negative consequences.

My visit data is not included in the web analysis.

Further information on data protection at etracker can be found here

23. Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store any cookies and does not carry out any independent analyses. It is only used to manage and display the tools integrated via it. However, Google Tag Manager records your IP address, which may also be transmitted to Google's parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the fast and uncomplicated integration and management of various tools on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

24. Google Analytics 4

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website visitors. In doing so, the website operator receives various usage data, such as page views, length of visit, operating systems used and origin of the user. This data is assigned to the user's end device. It is not assigned to a user ID.

Furthermore, we can use Google Analytics to record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modeling approaches to supplement the collected data records and uses machine learning technologies for data analysis.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is generally transmitted to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 10 / 21 25 para. 1 TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https: //privacy.google.com/businesses/controllerterms/mccs/.

Browser plugin

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https: //tools.google.com/dlpage/gaoptout?hl=de.

You can find more information on how Google Analytics handles user data in Google's privacy policy: https: //support.google.com/analytics/answer/6004245?hl=de.

25. Google Ads

The website operator uses Google Ads. Google Ads is an online advertising program of Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Ads enables us to display advertisements in the Google search engine or on third-party websites when the user enters certain search terms into Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on the user data available at Google (e.g. location data and interests) (target group targeting). As the website operator, we can evaluate this data quantitatively, for example by analyzing which search terms led to the display of our advertisements and how many advertisements led to corresponding clicks.

The use of Google Ads is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in marketing its service products as effectively as possible.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https: //policies.google.com/privacy/frameworks and https://privacy.google.com/businesses/controllerterms/mccs/.

26. Google Remarketing

This website uses the functions of Google Analytics Remarketing. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Remarketing analyzes your user behavior on our website (e.g. clicks on certain products) in order to classify you into certain advertising target groups and then display suitable advertising messages to you when you visit other online offers (remarketing or retargeting).

Furthermore, the advertising target groups created with Google Remarketing can be linked to Google's cross-device functions. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one device (e.g. cell phone) can also be displayed on another of your devices (e.g. tablet or PC).

If you have a Google account, you can object to personalized advertising by clicking on the following link: https: //www.google.com/settings/ads/onweb/.

The use of Google Remarketing is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in marketing its products as effectively as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

Further information and the data protection provisions can be found in Google's privacy policy at: https: //policies.google.com/technologies/ads?hl=de.

27. Google conversion tracking

This website uses Google Conversion Tracking. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

With the help of Google conversion tracking, Google and we can recognize whether the user has carried out certain actions. For example, we can evaluate which buttons on our website were clicked how often and which products were viewed or purchased particularly frequently. This information is used to create conversion statistics. We find out the total number of users who have clicked on our ads and what actions they have taken. We do not receive any information with which we can personally identify the user. Google itself uses cookies or comparable recognition technologies for identification purposes.

The use of Google Conversion Tracking is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the analysis of user behavior in order to optimize both its website and its advertising. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.

You can find more information about Google Conversion Tracking in Google's privacy policy: https: //policies.google.com/privacy?hl=de.

28. Data protection provisions about the application and use of Facebook

This website uses social media functions from Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. you can share content on the Facebook social network using the Facebook Like buttons integrated on it. The legal basis for the processing of the data is Art. 6 para. 1 subpara. 1 letter f) GDPR the legitimate interest in optimizing the website offer. When a page with an integrated Facebook Like button is accessed, a connection is always established between the browser used and the Facebook servers. In order to prevent this immediate connection, this website uses a solution in which this transmission only takes place when the Facebook Like button is clicked. Data is only transmitted to Facebook when the Facebook Like button is clicked a second time. If you have a Facebook account, this data can be linked to it. If you do not wish this data to be linked to your Facebook account, please log out of Facebook before visiting our site and delete the cookies in your browser. Facebook has submitted to the "Privacy Shield" data protection agreement between the USA and the EU. You can find out more about Facebook's data protection at de-de.facebook.com/privacy/explanation.

29. Data protection provisions about the application and use of LinkedIn

The controller has integrated components of LinkedIn Corporation on this website. LinkedIn is an internet-based social network that enables users to connect with existing business contacts and make new business contacts. over 400 million registered people use LinkedIn in more than 200 countries. This makes LinkedIn currently the largest platform for business contacts and one of the most visited websites in the world.

The operating company of LinkedIn is LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is responsible for data protection matters outside the USA.

Each time you visit our website, which is equipped with a LinkedIn component (LinkedIn plug-in), this component causes the browser used by the data subject to download a corresponding representation of the LinkedIn component. Further information about the LinkedIn plug-ins may be accessed under developer.linkedin.com/plugins. During the course of this technical procedure, LinkedIn gains knowledge of what specific sub-page of our website was visited by the data subject.

If the data subject is logged in at the same time on LinkedIn, LinkedIn detects with every call-up to our website by the data subject-and for the entire duration of their stay on our Internet site-which specific sub-page of our Internet page was visited by the data subject. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the data subject. If the data subject clicks on one of the LinkedIn buttons integrated on our website, LinkedIn assigns this information to the personal LinkedIn user account of the data subject and stores this personal data.

LinkedIn always receives information via the LinkedIn component that the data subject has visited our website if the data subject is logged in to LinkedIn at the same time as accessing our website; this takes place regardless of whether the data subject clicks on the LinkedIn component or not. If the data subject does not want this information to be transmitted to LinkedIn, they can prevent the transmission by logging out of their LinkedIn account before accessing our website.

LinkedIn offers the option to unsubscribe from email messages, SMS messages and targeted ads and to manage ad settings at www.linkedin.com/psettings/guest-controls. LinkedIn also uses partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua and Lotame, which may set cookies. Such cookies can be rejected at www.linkedin.com/legal/cookie-policy. The applicable data protection provisions of LinkedIn may be retrieved under www.linkedin.com/legal/privacy-policy LinkedIn's cookie policy is available at www.linkedin.com/legal/cookie-policy

30. Data protection provisions about the application and use of Xing

We would like to inform you here about the processing of personal data via the XING share button function.

The "XING Share button" is used on this website. When you access this website, your browser establishes a short-term connection to XING servers, which are used to provide the "XING Share Button" functions (in particular the calculation/display of the counter value). XING does not store any of your personal data when you access this website. In particular, XING does not store any IP addresses. There is also no evaluation of your usage behavior through the use of cookies in connection with the "XING Share Button". The current data protection information on the "XING Share button" and additional information can be found on this website:
https://www.xing.com/app/share?op=data_protection

31. Data protection provisions about the application and use of YouTube

The controller has integrated YouTube components on this website. YouTube is an Internet video portal that allows video publishers to post video clips free of charge and other users to view, rate and comment on them free of charge. YouTube allows the publication of all types of videos, which is why complete film and television programs as well as music videos, trailers or videos made by users themselves can be accessed via the Internet portal.

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Each time one of the individual pages of this website is accessed, which is operated by the data controller and on which a YouTube component (YouTube video) has been integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective YouTube component to download a representation of the corresponding YouTube component from YouTube. Further information about YouTube can be found at www.youtube.com/yt/about/de/. During the course of this technical procedure, YouTube and Google gain knowledge of what specific sub-page of our website was visited by the data subject.

If the data subject is logged in to YouTube at the same time, YouTube recognizes which specific sub-page of our website the data subject is visiting by calling up a sub-page that contains a YouTube video. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject.

YouTube and Google always receive information via the YouTube component that the data subject has visited our website if the data subject is logged in to YouTube at the same time as accessing our website; this takes place regardless of whether the data subject clicks on a YouTube video or not. If the data subject does not want this information to be transmitted to YouTube and Google, they can prevent the transmission by logging out of their YouTube account before accessing our website.

The data protection provisions published by YouTube, which can be accessed at www.google.de/intl/de/policies/privacy/, provide information about the collection, processing and use of personal data by YouTube and Google.

32. Data protection provisions about the application and use of Vimeo

This website uses plugins from the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA. When you visit one of our pages featuring a Vimeo video, a connection to the Vimeo servers is established. This tells the Vimeo server which of our pages you have visited. Vimeo also obtains your IP address. This also applies if you are not logged in to Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to the Vimeo server in the USA. If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account. Vimeo uses cookies or comparable recognition technologies (e.g. device fingerprinting) to recognize website visitors. The use of Vimeo is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission and, according to Vimeo, on "legitimate business interests". You can find details here: https: //vimeo.com/privacy. Further information on the handling of user data can be found in Vimeo's privacy policy at: https: //vimeo.com/privacy

33. Web font tracking

What information do we collect from you?
When you access our website, a web font tracking script is activated and the ID (anonymized) is transmitted to Monotype GmbH. This IP address is transmitted in order to count page views for our billing with the web font provider and to prevent illegal use of the web font software (Art. 6 para. 1 letter F GDPR). However, the IP addresses are not transmitted to us, stored or otherwise processed by our third-party provider.

How does the web font provider use the information we collect from you? It stores the anonymized Webfont project identification number for 30 days in encrypted log files with this data to extract the monthly number of page views. After extracting and saving the number of page views, the log files are deleted. Further information on the web font provider can be found at: https: //www.monotype.com/legal/privacy-policy/web-font-tracking-privacy-policy

34. Data protection provisions about the application and use of Google Web Fonts

We use external fonts on the website, so-called Google Web Fonts. Google Fonts is a service of Google Inc ("Google"). These web fonts are integrated by a server call, usually a Google server in the USA. This tells the server which of our web pages you have visited. The IP address of the browser of the end device of the visitor to this website is also stored by Google. You can find more information in Google's privacy policy, which you can access here:

https://fonts.google.com/about
https:// policies.google.com/privacy?hl=de

35. Data protection provisions about the application and use of Google Maps

We use Google Maps on our website to display our location. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as "Google".

By being certified under the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active, Google guarantees that it will follow the EU's data protection regulations when processing data in the USA.

In order to enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed.

If you call up the Google Maps component integrated into our website, Google stores a cookie on your end device via your Internet browser. Your user settings and data are processed in order to display our location and create directions. We cannot rule out the possibility that Google uses servers in the USA.

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in optimizing the functionality of our website.

The connection to Google established in this way enables Google to determine from which website your request has been sent and to which IP address the directions are to be transmitted.

If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your Internet browser. Details on this can be found above under "Cookies".

In addition, the use of Google Maps and the information obtained via Google Maps is governed by the Google Terms of Use https://policies.google.com/terms?gl=DE&hl=de and the Terms and Conditions for Google Maps https://www.google.com/intl/de_de/help/terms_maps.html.

in addition, Google offers further information at https://adssettings.google.com/authenticated and https://policies.google.com/privacy.

36. Microsoft Bookings

You have the option of making appointments with us. We use Microsoft Bookings to book appointments. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland, https://learn.microsoft.com/de-de/microsoft-365/bookings/?view=o365-worldwide.

To book an appointment, enter the requested data and the desired date in the form provided. The data entered will be used for the planning, execution and, if necessary, follow-up of the appointment. The appointment data is stored for us on the servers of Microsoft Bookings, whose privacy policy you can view here: https: //privacy.microsoft.com/de-de/privacystatement.

The data you enter will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Mandatory statutory provisions - in particular retention periods - remain unaffected.

The legal basis for data processing is Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in making appointments with interested parties and customers as uncomplicated as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. for device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. 7 / 9 Details can be found here: https: //learn.microsoft.com/de-de/compliance/regulatory/offering-eu-model-clauses.

37. Use of the SalesViewer® technology

This website uses SalesViewer® technology from SalesViewer® GmbH to collect and store data for marketing, market research and optimization purposes on the basis of the website operator's legitimate interests (Art. 6 (1) (f) GDPR).

For this purpose, a javascript-based code is used to collect company-related data and the corresponding use. The data collected using this technology is encrypted using a non-reversible one-way function (known as hashing). The data is immediately pseudonymized and is not used to personally identify the visitor to this website.

The data stored by Salesviewer is deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.

You can object to the collection and storage of data at any time with effect for the future by clicking on this link https://www.salesviewer.com/opt-out to prevent SalesViewer® from collecting data on this website in the future. An opt-out cookie for this website will be stored on your device. If you delete your cookies in this browser, you must click on this link again.

38. Kununu

Our website contains a link to Kununu. This link is executed by activating the button. You will be redirected to the external website https://www.kununu.com/de/persona-service. This website is operated by Kununu (kununu GmbH represented by Xing SE, Dammtorstr. 30, 20354 Hamburg, Germany). We would like to point out that we have no knowledge of the content of the transmitted data or its use by Kununu.

Insofar as consent has been obtained, the use of the above-mentioned service is based on Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. Consent can be revoked at any time. If no consent has been obtained, the service is used on the basis of our legitimate interest in the widest possible visibility in social media.

You can find Kununu's privacy policy at https://privacy.xing.com/de/datenschutzerklaerung.

39. Glassdoor

Our website contains a link to Glassdoor. This link is executed by activating the button. You will be redirected to the external website https://www.glassdoor.com/Overview/Working-at-persona-service-EI_IE594203.11,26.htm. This website is operated by Glassdoor Inc. (100 Shoreline Highway, Mill Valley California, USA). We would like to point out that we have no knowledge of the content of the transmitted data or its use by Glassdoor.

You can find Glassdoor's privacy policy at https://www.glassdoor.de/privacy/index.htm.

Lüdenscheid, updated in November 2025

Note: All terms refer to all genders.