Privacy Policy

Dierks+Company Operations GmbH, Dierks+Company Consulting GmbH and Dierks+Company Rechtsanwaltsgesellschaft mbH ("Dierks+Company", "we") would like to use this Privacy Policy to inform you about how we process personal data in connection with our online presence at www.dierks.company, such as names and e-mail addresses as well as information about your visit on our website.

1. Controller

Controllers for the processing of your personal data within the meaning of article 4 (7) of the EU General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR") are

Dierks+Company Operations GmbH
HELIX HUB, Invalidenstr. 113
10115 Berlin, Germany
Email: operations@dierks.company
Phone: +49 30 586 930-000
Fax: +49 30 586 930-251

Dierks+Company Consulting GmbH
HELIX HUB, Invalidenstr. 113
10115 Berlin, Germany
Email: consulting@dierks.company
Phone: +49 30 586 930-000
Fax: +49 30 586 930-251

Dierks+Company Rechtsanwaltsgesellschaft mbH
HELIX HUB, Invalidenstr. 113
10115 Berlin, Germany
Email: law@dierks.company
Phone: +49 30 586 930-000
Fax: +49 30 586 930-251

You can find further information about us in the imprint.

As so-called joint controllers according to article 26 GDPR, we are jointly responsible for the processing of your data, unless otherwise stated in this Privacy Policy. To ensure your rights and to comply with the GDPR, we have entered into an agreement that sets out rules on the processing of your personal data. We have jointly agreed on how to ensure your rights and specified in more detail which obligations each party fulfils in order to comply with the obligations of the GDPR. Dierks+Company Operations GmbH is available as your contact for asserting your rights under section 8 of this Privacy Policy. However, you may contact any participating company.

2. Data Protection Officer

We have appointed an external data protection officer. You can reach him under

Dierks+Company
z.H. Data Protection Officer
HELIX HUB, Invalidenstr. 113,
10115 Berlin, Germany
Email: datenschutz@dierks.company

3. Data processing when visiting the website

3.1 Log files

To make our website available and to ensure its functionality, the web server automatically records your visit in so-called server log files when you visit our website. The following data is processed in the process: Browser type and version, the operating system used by the terminal device, the IP address of the requesting computer, access date and time of the server request, the duration of the stay on the website, the amount of data transferred, the location from which the user retrieves data from the website, connection data and sources and from which page the access is made.

Purpose

This data is processed for the purpose of providing our website and for statistical analysis as well as for the purpose of identifying and tracing unauthorised access to the web server and other criminal offences.

The legal basis of the data processing is article 6 (1) (f) GDPR. Our legitimate interests are to ensure IT security and the operation of our website.

Recipients

The recipients of the data are our hosting service providers.

Storage period

Log file information is stored from the end of your respective website visit for a maximum of 30 days and then deleted.

Objection

The data processing is necessary for the security and operation of the website. You exercise your right to object by no longer accessing our website.

Obligation to provide the data

The provision of the personal data is neither legally nor contractually required. Without the provision, however, the service and the functionality of our website are not guaranteed. In addition, individual services may not be available or may be limited.

3.2 General information about cookies

Cookies are small text files that can be used to identify the user's terminal device. Cookies are stored on your device when you use our website. Cookies can transmit information from our web server or third-party web servers to the user's web browser, where it is stored for later retrieval. A cookie usually contains the name of the domain from which the cookie data was sent, information about the age of the cookie and an alphanumeric identifier.

Purpose

We use cookies to ensure the proper functioning of our website and to optimize your website experience.

The legal basis for data processing is article 6 (1) (f) GDPR. Our legitimate interests consist in the technical provision and guarantee of the operation of our internet presence and IT security as well as in the optimisation of the presentation of our offer and direct marketing measures.

Recipients

In addition to the individual transfers described below, we pass on your data to our IT service and hosting providers for strictly specific purposes - if at all necessary - and only to the extent required.

Storage period

We store the data for as long as it is needed to fulfil the aforementioned purposes, or you delete the cookies.

Withdrawal and objection

Insofar as the data processing is based on your consent pursuant to article 6 (1) (a) GDPR, you have the right to withdraw your consent at any time. You can delete the cookies in your browser.

If the legal basis is article 6 (1) (f) GDPR, you can object to the data processing. You can exercise your right to object by configuring your browser according to your wishes, for example, so that no cookies from third-party providers (so-called third-party cookies) or no cookies at all are stored or a notice always appears before a new cookie is created. Furthermore, cookies that have already been stored can be deleted at any time via the browser.

You can find out how to configure cookies for the most popular browsers by following the links below:

Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en

Safari: https://support.apple.com/de-de/guide/safari/sfri11471/13.0/mac/10.15

Opera: https://help.opera.com/de/latest/web-preferences/#cookies

Obligation to provide the data

The provision of your personal data is neither legally nor contractually required. Without the provision, however, the service and the functionality of our website may not be guaranteed. In addition, individual services may not be available or may be limited.

3.3 Analysis and Tracking

3.3.1 Google Analytics

We use Google Analytics from Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland ("Google") to analyze the traffic on our website. In doing so, data about your behavior as a visitor to our website is collected, collated and analyzed. Among other things, the web analytics service collects data about the referrer URL (the website from which a visitor came), which subpages were visited or how often and how long a subpage was visited. The web analytics service is mainly used to optimize a website and for cost-benefit analysis of internet advertising. Google will also use this information for the purpose of evaluating your use of the website, compiling reports on website activity for us and providing other services relating to website activity and internet usage. The data processed in this way is generally not assigned to you personally, but is given a separate user ID.

Purpose

The usage of the website is evaluated and reports are generated so that we can further optimize our online presence.

The legal basis for the processing is your consent pursuant to article 6 (1) (a) GDPR.

Recipients

Through Google Analytics, personal data and information - including the IP address (anonymized) - are transmitted to Google, under certain circumstances also to the USA. The transfer is secured by a data processing agreement and the conclusion of the EU standard contractual clauses, which in individual cases allow a transfer to so-called third countries outside the EU. Information on data protection at Google can be found here https://policies.google.com/privacy.

Storage period

The cookies are stored for up to 60 days.

Withdrawal

You can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de. You can also revoke your consent via our Consent Management Tool.

Obligation to provide the data

The provision of your data is voluntary. Please note that individual features of our website may not be functional if you do not consent to the processing or have disabled the use of cookies in your browser.

3.3.2 Google Ads Conversion

We use the Google Ads Conversion service by Google Ireland Limited, Gordon House, Barrow Street Dublin 4. Ireland ("Google"). Google Ads collects information via a cookie about the successful completion of order transactions based on advertising experiences (conversions), possible sales and touch points with advertising materials (usage data). These cookies enable Google Ads to perform an anonymous statistical analysis of your use of our website. If you access our website via a Google Ad, Google Ads will store a cookie on your terminal device. These cookies are not intended to identify you personally. For this cookie, the unique cookie ID, the number of so-called ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values. We ourselves do not collect and process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google. Based on these evaluations, we can see which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising media; in particular, we cannot identify users on the basis of this information.

Purpose

We use this service to draw attention to our offers with the help of advertising media (so-called Google Ads) on external websites. We evaluate the information to create conversion statistics and to check and optimize the quality and success of our ads campaigns. For example, we can statistically analyze how many users clicked on which Google Ads using which keywords and how many users performed which conversion actions on our websites after clicking on a specific ad.

The legal basis for the processing is your consent pursuant to article 6 (1) (a) GDPR.

Recipients

By using Google Ads, your data will be transmitted to Google, under certain circumstances also to the USA. The transfer is secured by a data processing agreement and the conclusion of the EU standard contractual clauses, which in individual cases allow a transfer to so-called third countries outside the EU. Information on data protection at Google can be found here https://policies.google.com/privacy.

Storage period

The storage period of the conversion cookies is 30 days.

Withdrawal

You can prevent this data processing in various ways:

  • permanently by appropriate settings in your browser;
  • by suppressing third-party cookies (here cookies from the domain www.googleadservices.com) in your browser;
  • by installing the plug-in provided by Google at the following link: https://www.google.com/settings/ads/plugin;
  • by disabling the interest-based ads of the providers that are part of the "About Ads" self-regulatory campaign, through the link http://www.aboutads.info/choices, this setting being deleted when you delete your cookies;
  • by revoking the consent given in our Consent Management Tool.

Obligation to provide the data

The provision of your data is voluntary. Please note that individual features of our website may not be functional if you do not consent to the processing or have disabled the use of cookies in your browser.

3.4 Online marketing

3.4.1 Google Ads Remarketing

This website uses the "Remarketing" function of Google Ads from Google Ireland Limited, Gordon House, Barrow Street Dublin 4. Ireland ("Google") in conjunction with the cross-device functions of Google Ads and Google DoubleClick. These make it possible to determine whether several end devices (e.g. tablet and smartphone) can be assigned to a single user. The assignment is made via a user’s Google account. Each end device on which the user logs into their Google account can be clearly assigned to them. If you have given your consent, Google will link your web and app browsing history with your Google account for this purpose. tThis way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one end device (e.g. smart phone) can also be displayed on another of your end devices (e.g. tablet or PC).

Purpose

This feature allows us to reach our target audiences across devices with personalized advertising.

The legal basis for the processing is your consent pursuant to article 6 (1) (a) GDPR.

Recipients

By using Google Ads, your data will be transmitted to Google, under certain circumstances also to the USA. The transfer is secured by a data processing agreement and the conclusion of the EU standard contractual clauses, which in individual cases allow a transfer to so-called third countries outside the EU. Information on data protection at Google can be found here https://policies.google.com/privacy.

Storage period

The data processed by Google can be viewed by us for 12 months.

Withdrawal

You can prevent this data processing in various ways:

  • permanently by appropriate settings in your browser;
  • by suppressing third-party cookies (here cookies from the domain www.googleadservices.com) in your browser;
  • by installing the plug-in provided by Google at the following link: https://www.google.com/settings/ads/plugin;
  • by disabling the interest-based ads of the providers that are part of the "About Ads" self-regulatory campaign, through the link http://www.aboutads.info/choices, this setting being deleted when you delete your cookies;
  • by revoking the consent given in our Consent Management Tool.

Obligation to provide the data

The provision of your data is voluntary. Please note that individual features of our website may not be functional if you do not consent to the processing or have disabled the use of cookies in your browser.

3.4.2 Meta Custom Audiences

We use Meta Custom Audiences (so-called Meta Pixel) of Meta Platforms Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland ("Meta"). The Meta Pixel may process data about the actions you take on our website (e.g., visits to our website, product purchases, abandoned product purchases, etc.) (event data). Meta may process the information collected via the Meta Pixel and match it with any existing user ID on Facebook or Instagram. In addition, Meta may process the event data to provide measurement and analytics that enable us to assess the success of our advertising campaigns and our other online content and to optimize our website and advertising efforts. In addition, Meta processes event data to create specific audiences for our various advertising efforts and online services, to which we can then send advertising appropriate for that audience. Meta also processes the event data in order to personalize our measures for you. If necessary, the event data will be used in combination with your Facebook or Instagram user ID in order to display our advertising to you on Facebook, Instagram, Facebook Messenger and other Meta products. If you are registered with a Meta service, Meta can associate your event data, including, for example, your visit to our website, with your Facebook or Instagram account. Even if you are not registered with Facebook or Instagram or have not logged in, there is a possibility that Meta can, for example, by linking the event data collected via our meta pixel with event data of other website operators, make an assignment to you personally.

Purpose

By using Meta Custom Audiences, users of the website can be shown interest-based advertisements ("Meta Ads") when visiting the social networks Facebook and Instagram or other websites that also use the method. This way, we ensure that advertisements for our offers are targeted based on the interests of our customers and are thus displayed in a more tailored manner.

The legal basis for the processing is your consent pursuant to article 6 (1) (a) GDPR.

Recipients

Personal data is transferred to Meta's servers in the USA and stored there. The transfer is secured by a data processing agreement and the conclusion of the EU standard contractual clauses, which in individual cases allow a transfer to so-called third countries outside the EU. For more information about Meta's privacy practices, please visit https://www.facebook.com/about/privacy/.

Storage period

The data collected via the Meta Pixel is not stored in our data in connection with Meta Custom Audiences. Meta stores your data for a maximum of 2 years.

Withdrawal

You can prevent this data processing in various ways:

  • permanently, through appropriate settings in your browser;
  • by suppressing third-party cookies (in your browser);
  • by revoking the consent given in our Consent Management Tool;
  • users logged in to Facebook can also exercise their revocation here https://www.facebook.com/settings/?tab=ads.

Obligation to provide the data

The provision of your data is voluntary. Please note that individual features of our website may not be functional if you do not consent to the processing or have disabled the use of cookies in your browser.

3.5 Media

3.5.1 YouTube

We integrate videos on our website via YouTube, a service of Google Ireland Limited, Gordon House, Barrow Street Dublin 4. Ireland ("Google"). The integration of the respective video takes place via iframe. In doing so, the specific video content from YouTube is displayed in a window embedded in our website. If you call up our website on which such a video is embedded in this way, a connection to YouTube servers is established. The content of the video is displayed by communication from the YouTube server to your browser. We embed these YouTube videos exclusively in the extended privacy mode. Google asserts that it will not initially store any cookies on your device in this context. Nevertheless, the log data including the IP address are transmitted to Google. If you are not logged in to YouTube or another Google service when you visit our website, this information cannot be assigned to you personally by YouTube. By clicking on the video, Google states that it then stores cookies on your device, but these also do not receive any personal data, unless you are logged in to YouTube or another Google service at the same time. If you are logged in at the same time, all this information can be assigned to your YouTube or Google user account.

Purpose

We process your data in order to make the videos available to you and to further optimize our internet presence.

The legal basis for the processing is your consent pursuant to article 6 (1) (a) GDPR.

Recipient

The collected data may be transmitted to Google. Information on data protection at Google can be found at https://policies.google.com/privacy.

Storage period

We store your data until the purposes have been achieved.

Withdrawal

You can prevent the collection of data generated by cookies and related to your use of the website by preventing the setting of cookies via the settings in your browser.

Obligation to provide your data

There is no legal obligation to provide your data. However, if you do not provide us with your data, you will not be able to view the videos embedded via YouTube on our site.

3.5.2 Podigee

We use the podcast hosting service Podigee from the provider Podigee GmbH, Schlesische Straße 20, 10997 Berlin, Germany (“Podigee”). The podcasts are loaded by Podigee or transmitted via Podigee. When you call up our website on which such a podcast is embedded, a connection to Podigee servers is established. Podigee processes IP addresses and device information to enable podcast downloads/playbacks and to determine statistical data, such as call-up figures. This data is anonymised or pseudonymised before being stored in Podigee's database, unless it is necessary for the provision of the podcasts.

Purpose

We process your data in order to make the videos available to you and to further optimize our internet presence.

The legal basis for the processing is article 6 (1) (f) GDPR. The use is based on our legitimate interests, i.e. interest in a secure and efficient provision, analysis and optimisation of our podcast offer.

Recipient

The collected data may be transmitted to Podigee. Information on data protection at Podigee can be found at https://www.podigee.com/de/about/privacy/.

Storage period

We store your data until the purposes have been achieved.

Objection

You can prevent the collection of data generated by cookies and related to your use of the website by preventing the setting of cookies via the settings in your browser.

Obligation to provide your data

There is no legal obligation to provide your data. However, if you do not provide us with your data, you may not be able to access the audio streams embedded via Podigee on our site.

3.6 Social Media Buttons

This website uses simple graphics with html links as social media buttons to the social media platforms LinkedIn and Twitter. In contrast to some widespread social media plugins, no data is transmitted to the provider of the social media platforms when accessing our website and without clicking on the social media buttons.

Only when you click on the respective social media button does your browser establish a direct connection with the respective provider of the social media platform. We have no influence on the data requested by the provider of the social media platform on its website. If you are logged in to the respective social media platform when you click on the social media button, the respective provider can assign the visit to this website to your user account. For further information, please refer to the data protection information of the respective provider of the social media platform.

3.6.2 Share Buttons with Shariff

We also integrate share button plug-ins from the social media platforms LinkedIn and Twitter on our website. With the help of these buttons, you can share references to our posts and articles on LinkedIn and Twitter. We integrate these share buttons using the so called ‚Shariff‘ solution. The integration via Shariff prevents the integrated buttons from transmitting data to the respective social media provider when you first enter our website. With this technical solution, only when you click on the share button, the log data, and the information that you have accessed the corresponding post on our website are transmitted to the respective social media platform. If you are already registered and logged in to the respective social media platform at the moment of the forwarding, you can share the post immediately. If you are not already logged in at this moment, you will first be redirected to the respective registration page of the social media platform. As soon as you are logged in, you can share the post immediately. After activating the plug-in, your browser establishes a direct connection to the servers of the respective provider. The provider receives the information that your browser has accessed the corresponding page, even if you do not have a profile with this provider or are not currently logged in there. This information (including your IP address) is transmitted by your browser directly to a server of the provider and stored there. If you are logged in to the provider, he can directly assign the visit to our website to your profile.

The legal basis for the processing is your consent pursuant to article 6 (1) (a) GDPR, whereby you provide the consent by activating the respective share button.

Withdrawal

You can prevent cookies from being set at any time by closing the respective page. You can delete cookies from the cache of your browser or withdraw your consent with the respective provider.

Obligation to provide your data

There is no legal obligation to provide your data. However, if you do not provide your data, you will not be able to share our content directly via the share buttons.

Information on the providers

LinkedIn

We use plugins from the provider LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"). We have no influence on the type and scope of the further collection of personal data. Information on data protection at LinkedIn can be found at https://www.linkedin.com/legal/privacy-policy.

Twitter

We use plugins from the provider Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 IRELAND ("Twitter"). We have no influence on the type and scope of the further collection of personal data. Information on data protection at Twitter is available at https://twitter.com/de/privacy.

4. Data processing in connection with our content and offers

4.1 Contact by e-mail, fax, or telephone

You can contact us via our website using the e-mail addresses, fax and telephone numbers provided by us. If you make use of this possibility, your personal data transmitted with the e-mail or by means of fax or in the telephone call will be processed.

Purpose

The processing is conducted for the purpose of dealing with your inquiry.

If the contact is aimed at concluding a contract or if your contact is about an existing contract with you, article 6 (1) (b) DSGVO is the legal basis for the processing.

The legal basis for the processing of your data in the other cases is article 6 (1) (f) GDPR. The legitimate interest in these cases results from the fact that we can only conduct the action requested by you (e.g., answering enquiries) by processing your data accordingly.

Recipient

In the course of processing your request, your data will be transferred to our IT service providers and to our employees who will process your inquiry.

Storage period

We store your data in principle up to the complete answer of your inquiry.

Obligation to provide your data

There is no legal obligation to provide your data. However, if you do not provide us with your data, it is not possible to contact us.

4.2 Whitepapers and digital content

On our website, we offer you the opportunity to subscribe to digital content on specific topics, e.g., our whitepapers. When you request the provision of digital content, you enter into a contract with us about digital content that you pay with your personal data. To do so, you must provide your name and e-mail address. Further details, e.g., your profession, are optional. You will then receive an e-mail with a link that will allow you to download the coveted content.

Purpose

We process your data in order to make the desired content available to you.

The legal basis for the processing is article 6 (1) (c) GDPR.

Recipient

As part of the processing of your registration, your data will be forwarded to our IT service providers.

Storage period

We store your data until you object to e-mail advertising, see section 4.3 below.

Obligation to provide your data

There is no legal obligation to provide your data. However, if you do not provide us with your data, we will not be able to provide you with the desired content.

4.3 E-mail advertising

When you enter into a contract about digital content or other services we offer, we process your data to send you promotional e-mails to introduce you to events or to gauge your satisfaction. We will also send you other information that might interest you. You will receive these e-mails without the need for consent.

Purpose

The purpose of processing your data is for the purpose of direct marketing.

The legal basis for data processing is article 6 (1) (f) GDPR. Our legitimate interests are to send you advertising in the form of direct marketing. Based on the contractual relationship existing between you and us and the information provided by us in the context of this privacy notice, we assume that you consent to the advertising sent by us, in particular because you can object to receiving such advertising at any time by simply notifying us if you are not interested.

Recipient

We pass on your data strictly for the intended purpose, if at all necessary, and only to the extent required within the framework of data processing agreements and to our IT service providers.

Storage period

Your data will be stored for the purpose of sending advertising for as long as it is needed for this purpose or until you object to the processing of your data for this purpose.

Objection

You can unsubscribe from our advertising e-mails at any time. Simply send us a short message that you no longer wish to receive advertising.

Obligation to provide your data

We receive your data within the framework of the contractual relationship existing between you and us. Without the provision of this data, the implementation of the contractual relationship is not possible. However, you may object to the processing of your data for the purpose of sending advertising in connection with the contractual relationship at any time in accordance with the above information.

4.4 Job Applications

4.4.1 Application form on our website

If you apply for a position with us by other means, e.g., via a portal, we process the data that you provide in your application.

4.4.2 Applying via a portal

If you apply for a position with us by other means, e.g., via a portal, the Dierks+Company company to which you apply for the position is responsible for data processing. We process the data that you provide in your application.

Purpose

The personal data you provide will be processed for the purpose of deciding whether to establish an employment relationship and to document the outcome of the application process. If you consent, we will store your application documents in our talent pool even after the application process has been completed.

The legal bases for the processing are

  • Art. 6 (1)(b) GDPR in conjunction withSec. 26 (1) BDSG, insofar as the processing is carried out for the execution of the application process and for the decision on the establishment of an employment relationship. If you provide more than the required information, the legal basis is Art. 6 (1)(a) and, if applicable, Art. 9 (2)(a) GDPR. Insofar as we are legally obliged to process data that we have received as part of the application process, we process this data on the basis of Art. 6 (1)(c) GDPR.
  • Art. 6 (1)(f) GDPR for the documentation of the result of the application process. We have a legitimate interest in documenting and tracking which applicants we have already been in contact with and the reasons why an employment relationship has not materialised.
  • Art. 6 (1)(a) GDPR for storage in our talent pool.

Sources and recipients

If you apply to us via a portal, your data will also be processed by the portal and transmitted to us. Depending on which way you choose to apply, the portal may function as a processor under article 28 GDPR or as a joint controller with us under article 26 GDPR. For more information, see section 5.2.

In order to assess your documents, they will be forwarded to the relevant employees of the company to which you are applying. In addition, your data may be forwarded to our group-affiliated company and to our IT service providers as part of a data processing agreement.

Storage period

If your application is successful, we will store your application documents in your personnel file. If the data processing is based on a legal obligation to which we are subject article 6 (1) (c) GDPR), the data will be stored for as long as is necessary to fulfil our legal obligation.

If your application was unsuccessful, your application documents will be stored by us for the duration of the application process and will also be kept for 6 months in order to answer any questions you may have. After this period, the documents provided by you will be deleted. In order to be able to continue to track which applicants we have already been in contact with and for which reasons an employment relationship has not materialised, we store your name and our documentation of the outcome of the application process for a maximum period of 5 years.

Only if you consent, we will store your data until withdrawal or for a maximum of 3 years in order to be able to contact you in the future regarding interesting job offers within our company.

Obligation to provide your data

You are not obliged to provide us with your data. The provision of your data is necessary for the application process and for the decision on the establishment of an employment relationship. If you do not provide us with your data, we will unfortunately not be able to consider you in the selection process for filling the advertised position.

5. Data processing in connection with our presence on social media

We maintain publicly accessible profiles on various social media platforms and job portals. Your visit to these profiles may initiate data processing procedures. In the following, we provide you with an overview of which of your personal data is processed by us when you visit our profiles. We would like to point out that you use our profiles and the contents available on them at your own responsibility. This applies in particular to the use of interactive functions (e.g., commenting, sharing, rating).

When you visit our profiles, your personal data is processed not only by us but also, where applicable, by the providers of the respective platform. The individual data processing procedures and their scope differ depending on the provider of the respective platform and are not necessarily comprehensible for us. For details about the collection and storage of your personal data as well as the type, scope, and purpose of their use by the provider of the respective platform, please also refer to the data protection information of the respective provider.

5.1 Facebook

Dierks+Company operates a profile on the social network Facebook of Meta Platforms Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland ("Meta").

Joint controllership with Meta

Meta and we have concluded an agreement within the scope of joint controllership, which you can access here: https://de-de.facebook.com/legal/terms/page_controller_addendum (so-called "Page Insights Addendum"). From this, the respective responsibilities, in particular with regard to the protection of data subject rights, between us and Meta can also be inferred. The Page Insights Addendum refers to those data processing operations that are collected in connection with a visit to or interaction with our Facebook profile, but only insofar as these data are also processed (thereafter) for "Page Insights". "Page Insights" include analytics services that help Page owners better understand interactions with their Pages. The purpose of the data processing is to create aggregated statistics for us, the operator of our Facebook profile respectively. Meta provides more details on how to exercise these rights in the "Page Insights Data Information". You can find this here https://www.facebook.com/legal/terms/information_about_page_insights_data.

When you visit our Facebook profile, Meta collects, among other things, your IP address and other information that is present on your system in the form of cookies. This information is used to provide us, as the operator of the profiles, with statistical information about the use of the profiles. Meta provides more detailed information on this at the following link: https://de-de.facebook.com/help/pages/insights.

The data collected about you in this context will be processed by Meta and, if necessary, transferred to countries outside the EU. The transfer is secured by an order processing agreement and the conclusion of the EU standard contractual clauses, which in individual cases permit a transfer to so-called third countries outside the EU. The data usage guidelines are available at the following link: https://de-de.facebook.com/full_data_use_policy.

In which way Meta uses the data from the visit of Facebook profile for its own purposes, to what extent activities on the Facebook profile are assigned to individual users, how long Meta stores this data and whether data from a visit to the Meta site is passed on to third parties, is not conclusively and clearly stated by Meta and is not known to us. When accessing a Facebook profile, the IP address assigned to your end device is transmitted to Meta. According to information from Meta, this IP address is anonymized (for "German" IP addresses). Meta also stores information about the end devices of its users (e.g. as part of the "login notification" function); if necessary, this enables Meta to assign IP addresses to individual users. If you are currently logged in to Facebook as a user, a cookie with your Facebook ID is located on your end device. This enables Meta to track that you have visited our website and how you have used it. This also applies to all other Meta pages. Via Facebook buttons embedded in websites, it is possible for Meta to record your visits to these websites and assign them to your Facebook profile. Based on this data, content or advertising tailored to you can be offered. If you want to avoid this, you should log out of Facebook or deactivate the "stay logged in" function, delete the cookies present on your device and exit and restart your browser. In this way, meta-information through which you can be directly identified will be deleted. This allows you to use our Facebook profile without revealing your Facebook identifier. When you access interactive features of the site (like, comment, share, message, etc.), a Facebook login screen will appear. After any login, you will again be recognizable to Meta as a specific user.

Controllership of Dierks+Company

In addition to the processing mentioned above regarding Insights Data, we are generally solely responsible for any further processing by us (for example, if you contact us via Facebook and we process their data to respond to your inquiry).

Purpose

This processing of visitors' data serves the purpose of providing the site, statistical analysis of the use of our site, as well as the purpose of answering your inquiries (if you have sent us an inquiry) or communicating with you and publishing information about offers from Dierks+Company.

The legal basis of the processing for the purpose of answering inquiries that serve a future conclusion of a contract and are initiated by you is Art. 6 para. 1 p. 1 lit. b DSGVO and in the other cases Art. 6 para. 1 p. 1 lit. f DSGVO. The legitimate interests regarding the processing of personal data when visiting the site and the creation of the "site insights" are: Communication and interaction with interested parties and customers; Dissemination of information; Anonymized evaluation and presentation of the use of our Facebook profile.

Storage period

After your request has been completed, the personal data you have provided will be deleted from our systems. Should you interact with us publicly, for example by leaving a comment or "liking" a post, this data will remain publicly accessible on the site until deleted by us or you. If legal storage obligations require longer storage, your data will only be stored for this purpose and will be blocked for other purposes.

Objection

You have the option to delete comments and likes on Facebook. To exercise your right to object to us, please contact our data protection officer. We will then process your request immediately.

Obligation to provide your data

The provision of your data is voluntary. However, it is not possible to visit our Facebook profile without us or Meta processing personal data.

5.2 LinkedIn

Dierks+Company operates a profile on the social media platform LinkedIn of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn").

Joint controllership with LinkedIn

Dierks+Company and LinkedIn have concluded an agreement as part of their joint controllership, which you can access here: https://legal.linkedin.com/pages-joint-controller-addendum (so-called "Page Insights Joint Controller Addendum"). The agreement covers those data processing procedures in connection with a visit to or interaction with our LinkedIn profile, but only to the extent that such data is also processed (thereafter) for "Page Insights". "Page Insights" comprise analytics services that help the operator of a LinkedIn profile to better understand interactions with its LinkedIn profile. The purpose of the data processing is to generate aggregate statistics for LinkedIn profile operators. It involves processing data in the context of people visiting or interacting with a LinkedIn profile, but only to the extent that the purpose is to use it for " Page Insights ". LinkedIn provides more detailed information on this at the following link: https://www.linkedin.com/help/linkedin/answer/4499/linkedin-page-analytics-overview?lang=en. The "Information on data for Page Insights " (https://legal.linkedin.com/pages-joint-controller-addendum), which can be accessed by data subjects, indicates how and when "insights data" are collected and used to create " Page Insights ":

When you visit our LinkedIn profile, LinkedIn collects, among other things, your IP address and other information that is present on your PC in the form of cookies. This information is used to provide us, as the operator of our LinkedIn profile, with statistical information about the use of the LinkedIn profile. We do not receive any personal data from LinkedIn in this context.

Through the LinkedIn Insight Tag, your data is transmitted to LinkedIn, under certain circumstances also to the USA. The transfer is secured by a data processing agreement and the conclusion of the EU standard contractual clauses, which in individual cases allow a transfer to so-called third countries outside the EU. Further information on data protection at LinkedIn can be found here https://www.linkedin.com/legal/privacy-policy#choices-oblig.

The respective responsibilities, in particular with regard to the protection of data subject rights, between Dierks+Company and LinkedIn can be found in the Page Insights Addendum (https://legal.linkedin.com/pages-joint-controller-addendum).

LinkedIn assumes primary responsibility for complying with the GDPR obligations for the shared processing of "Insights Data". This includes fulfilling your data subject rights. LinkedIn provides more details on how to exercise these rights in its privacy policy under point 4: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.

Controllership of Dierks+Company

In addition to the processing mentioned above, we are solely responsible for any further processing by us (for example, if you contact us via LinkedIn and we process your data to respond to your inquiry).

Purpose

This processing of the visitors' data serves the purpose of providing the profile, the statistical evaluation of the use of our profile as well as for the purpose of answering your inquiries or communicating with you and publishing information about Dierks+Company.

The legal basis of the processing for the purpose of answering inquiries that serve a future conclusion of a contract and are initiated by you is article 6 (1) (b) GDPR and in other cases article 6 (1) (f) GDPR. The legitimate interests regarding the processing of personal data when visiting the site and the creation of the "Insights data" are Communication and interaction with interested parties and customers; dissemination of information; anonymised evaluation and presentation of the use of our LinkedIn profile.

Storage period

After answering your request, the personal data you have provided will be deleted from our systems. If you interact with us publicly, for example by leaving a comment or reacting to a post, this data remains publicly accessible on the site until it is deleted by us or you. Insofar as legal storage obligations require longer storage, your data will only be stored for this purpose and blocked for other purposes.

Objection

LinkedIn users can influence the extent to which their user behaviour may be recorded when visiting our LinkedIn profile under the settings. The processing of information by means of the cookies used by LinkedIn can also be prevented by not allowing cookies from third-party providers or those from LinkedIn in your own browser settings. You have the option to delete comments and reactions on LinkedIn. To exercise your right to object, please contact our data protection officer (section 2) or datenschutz@dierks.company.

Obligation to provide your data

You are not obliged to provide your data. However, visiting, or individual functionalities of our LinkedIn profile may not be possible or only possible to a limited extent without us or LinkedIn processing personal data.

5.3 Xing

Dierks+Company operates a profile on the social media platform XING of New Work SE, Am Strandkai 1, 20457 Hamburg ("XING").

Data processed by XING

We use the statistical information (the volume of interactions, statistics on age composition and work relationships of visitors to our XING profile) that XING provides in anonymised form via its statistical service. It is not possible for us to draw conclusions about individual users or access individual user profiles. XING provides more detailed information on this under the following link: https://www.xing.com/terms.

Further information on data processing by XING can be found in the data protection information: https://privacy.xing.com/de/datenschutzerklaerung.

Responsibility of Dierks+Company

We may process the following personal data: Your XING username as well as comments on our XING pages and messages you send to us via our XING profile.

Purpose

The processing of visitor data serves to provide the profile, statistical evaluation of the use of our profile and for the purpose of communicating with you and publishing information about Dierks+Company.

The legal basis for processing for the purpose of answering enquiries that serve a future conclusion of a contract and are initiated by you is article 6 (1) (b) GDPR and in other cases article 6 (1) (f) GDPR. The legitimate interests regarding the processing of personal data are Communication and interaction with interested parties and customers, dissemination of information, anonymised evaluation, and presentation of the use of our XING profile.

Storage period

After answering your request, the personal data you have provided will be deleted from our systems. If you interact with us publicly, for example by leaving a comment or responding to a post, this data remains publicly accessible on the site until it is deleted by us or you. If legal storage obligations require longer storage, your data will only be stored for this purpose and will be blocked for other purposes.

Objection

The processing of information by means of the cookies used by XING can be prevented in the cookie guidelines and by not allowing cookies from third-party providers or those from XING in your own browser settings. You have the option to delete comments and reactions on XING. To exercise your right to object to us, please contact our data protection officer (section 2) or datenschutz@dierks.company.

Obligation to provide your data

You are not obliged to provide your data. However, it may not be possible or only possible to a limited extent to visit or use individual functions of our XING profile without us or XING processing your personal data.

5.4. StepStone

Dierks+Company operates a profile on the StepStone job portal of StepStone Deutschland GmbH, Völklinger Straße 1 in 40219 Düsseldorf ("StepStone").

If you apply via the StepStone application form, according to StepStone's T&Cs (Part B Clause 1.1.3) there is joint controllership between StepStone and Dierks+Company if you are registered with StepStone; the joint controllership agreement set out in Part D of the GTC pursuant to article 26 GDPR shall apply to this. If you are not registered with StepStone, StepStone states that it acts as our processor in accordance with article 28 GDPR (Part B Clause 1.1.3 and Part C of StepStone's T&Cs) (see section 4.4.2).

If you move from StepStone directly to our website and apply via our application form, we are solely responsible for the data processing (see section 4.4.1).

StepStone's T&Cs are available at https://www.stepstone.de/e-recruiting/allgemeine-geschaftsbedinungen.

Joint controllership with StepStone

Under the joint controllership agreement, StepStone is responsible for processing the personal data of users registered on StepStone during the application process for a job advertisement from us.

Dierks+Company is responsible for the processing of personal data of applicants after receipt of applications in the customer centre. The subject of the processing operations is all data provided and submitted by applicants. These data usually include all CV-related data, such as the name, address, telephone number, date of birth and information on educational background and professional experience. In addition, we may process other data as part of our responsibilities. This includes information provided when using the comment or note function or by assigning an application status, as well as, in the case of using the video interview service, a) the recorded applicant videos, or b) the e-mail address and name of applicants used to conduct a live interview.

Controllership of Dierks+Company

In addition to the processing in joint controllership, we are solely responsible for any further processing by us (for example, if we are in contact with you outside of StepStone to conduct the application process).

Purpose

The purpose of the data processing is to enable you to apply for jobs at Dierks+Company via StepStone.

The legal basis is article 6 (1) (b), 88 (1) GDPR in conjunction with. § 26 (1), (8) Federal Data Protection Act. If you provide more than the required information, the legal basis is your consent pursuant to article 6 (1) (a) GDPR. Insofar as we are legally obliged to process data that we have received as part of the application process, we conduct this data processing on the basis of article 6 (1) (c) GDPR.

Storage period

After processing your application, your personal data provided will be deleted from our systems in accordance with section 4.4. If you interact with us publicly, for example by leaving a comment or giving a rating, this data remains publicly accessible until it is deleted by us or you.

Withdrawal

You have the option to delete comments and reactions on StepStone. To exercise your right to withdrawal, please contact our data protection officer (section 2) or datenschutz@dierks.company. We will then process your request immediately.

Obligation to provide your data

You are not obliged to provide us with your data. The provision of your data is necessary for the application process and for deciding whether to establish an employment relationship. However, you can also choose another way to submit your application, e.g., via our website. If you do not provide us with your data, we will unfortunately not be able to consider you in the selection process for filling the advertised position.

5.5 Contact via other networks

We also maintain a presence on various platforms and networks. If you are also a member of one of these platforms, we may contact you in order to inform you about interesting job offers. The prerequisite for this is that you have provided corresponding information about yourself in your own profile and have allowed such contact in the settings. In this context, we may process the data you have provided in your profile and possibly your contact information.

Purpose

The processing takes place in order to submit interesting job offers to you.

Depending on the respective platform, the legal basis is your consent pursuant to article 6 (1) (a) GDPR or our legitimate interest pursuant to article 6 (1) (f) GDPR, whereby our interest is to find qualified employees for our companies.

Sources and recipients

Please refer to the data protection information of the respective platform.

In order to assess your qualifications, your data may be forwarded to the relevant employees of the company where the job offer exists. In addition, your data may be passed on to our affiliated company and to our IT service providers as part of data processing agreements.

Storage period

If an application process develops from the contact, we store your data in accordance with section 4.4. If you do not respond to our enquiry or inform us that you do not wish to be contacted by us, we delete your data after one month at the latest.

Withdrawal and objection

You can withdraw your consent or object to data processing by us at any time by configuring your profile settings of the respective platform accordingly. In addition, you can also notify us of your objection or withdrawal by sending an e-mail to datenschutz@dierks.company.

Obligation to provide your data

The provision of your data on the respective platform is necessary so that we can find you and contact you. If you do not provide us with your data, we will not be able to inform you about interesting job offers.

6. Transfer to a so-called third country

Unless otherwise stated in this Privacy Policy, we do not transfer your data outside the European Economic Area.

7. How long we keep your personal data

Unless a shorter storage period results from the other provisions of this Privacy Policy, we will only store your personal data for as long as is necessary to fulfil the respective purposes, and thereafter only to the extent and insofar as we are obliged to do so due to mandatory statutory retention obligations. If we no longer need your data for the purposes described in this Privacy Policy, it will only be stored during the respective statutory retention period and not processed for other purposes.

8. Your Rights

If we process your personal data, you have the following data subject rights:

8.1 Right of access

You have the right to obtain information about your personal data processed by us in accordance with article 15 GDPR. In particular, you can access information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the source of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details.

8.2 Right to rectification

In accordance with article 16 GDPR, you have the right to demand rectification of inaccurate of your personal data.

8.3 Right to erasure

You have the right to request the erasure of your personal data stored by us in accordance with article 17 GDPR, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise, or defence of legal claims.

8.4 Right to restriction of processing

You have the right to request the restriction of the processing of your personal data in accordance with article 18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you oppose the erasure or we no longer require the data, but you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with article 21 GDPR.

8.5 Right to data portability

You have the right, in accordance with article 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request that it be transferred to another controller.

8.6 Right to object

If your personal data is processed based on article 6 (1) (e) or (f) GDPR, you have the right to object to the processing of your personal data in accordance with article 21 GDPR, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation.

You can express your objection by sending an e-mail to datenschutz@dierks.company.

8.7 Automated individual decision-making including profiling

Where certain decisions on our part are based solely on automated processing - including user profiling - you have the right not to be subject to such a decision which produces legal effects concerning you or similarly significantly affects you. However, this does not apply,

·       if the decision is necessary for the conclusion or performance of a contract between you and us,

·       where the decision is authorised by the European Union or national law to which we are subject, and that law contains appropriate measures to safeguard your rights and freedoms and your legitimate interests; or

·       if this form of decision-making is conducted with your express consent.

8.8 Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or our registered office for this purpose.

If you have given your consent under data protection law, you have the right to withdraw this consent at any time. The withdrawal of consent does not affect the lawfulness of the processing based on the consent until the withdrawal. To notify us of your withdrawal, please contact our Data Protection Officer or datenschutz@dierk.company.

9. Data security

Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the closed key or lock symbol in the status bar of your browser.

We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

Please note that our website may contain links to content from other providers to which this Privacy Policy does not apply. We have no influence on these websites and not on whether they comply with the applicable data protection regulations.

11. Updating the Privacy Policy

Due to the further development of technical standards but also of our offers or due to changed legal or official requirements, it may become necessary to change this Privacy Policy. We reserve the right to change this Privacy Policy at any time with effect for the future. You can access the latest version on our website at https://www.dierks.company/datenschutz. Please visit the website regularly and inform yourself about the current Privacy Policy.

Last updated: 12.02.2023