Information on data protection
The protection of your personal data during the collection, processing and use on the occasion of your visit to our homepage is an important concern for us.
We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
As a rule, it is possible to use our website without providing personal data. Insofar as personal data (e.g. name, address or e‑mail address) is collected on our website, this is always done on a voluntary basis. We would like to point out that data transmission on the Internet (e.g. when communicating by e‑mail) can have security gaps. Complete protection of data against access by third parties is not possible.
In the following, we would like to inform you that and how personal data is requested from you and electronically stored and processed by us
Who is responsible for processing?
Data Protection Officer
Mauß Datenschutz GmbH, Neuer Wall 10, 20354 Hamburg, Germany, is responsible for professional data protection. You can contact our data protection officer by post or by telephone: +49 (0) 40 999 99 52 — 0 or by e‑mail: firstname.lastname@example.org.
Personal data is information about you. This includes information such as your name, address, telephone number or e‑mail address, but also data such as your location, IP address or bank details. You do not need to disclose personal data to use our website. In certain cases, however, we need your name and address as well as other information so that we can provide the requested information or services.
Collection and processing of personal data
We process personal data that you actively provide to us through your input. Furthermore, we automatically process personal data based on the use of our website. Your personal data may therefore be processed in the following cases in particular:
Visiting our website
Establishing contact with us
Analysis of why visitors come to our website and how they use it
Use of external tools (e.g. web fonts)
Defence against attacks against technical infrastructure
For details, please refer to the following statements.
Visiting our website
When you visit our website, the company commissioned by us to operate the website processes and stores not only technical information about the end device you are using (operating system, screen resolution and other, non-personal characteristics) and the browser (version, language settings), but in particular the public IP address of the computer you are using to visit our website, together with the date and time of access. The IP address is a unique numerical address under which your end device sends or retrieves data on the Internet. As a rule, we or our service provider do not know who is behind an IP address, unless you provide us with data during the use of our website that enables us to identify you.
Our service provider uses the processed data in a non-personal manner for statistical purposes so that we can understand which end devices are used with which settings for visiting our website in order to optimise it for them if necessary. These statistics do not contain any personal data. The legal basis for the creation of the statistics is Art. 6 para. 1 lit. f GDPR.
The IP address is also used so that you can technically access and use our website and to detect and defend against attacks against our service provider or our website. Such attacks would impair the intended functionality of the data centre of the company commissioned by us, the use of our website or its functionality as well as the safety of visitors to our website. The processing of the IP address including the time of access is carried out to defend against such attacks. Through our service provider, we pursue the legitimate interest with this processing to ensure the functionality of our website and to ward off illegal attacks against us and the visitors to our website. The legal basis for the processing is Art. 6 para. 1 lit. f GDPR.
The stored IP data is deleted after 7 days and kept for 14 days in encrypted form by a backup. After that, they are no longer needed for the detection or defence of an attack.
Data storage and transmission to third parties
By carrying out the iTYPE test procedure the user agrees that his personal data (first name, surname, e‑mail address and IP address) in connection with the personality profile will be stored in the iTYPE test database for 3 months. i‑TYPE GmbH is entitled to pass on the user's personality profile with his personal data to the personality consultant responsible for the evaluation. The consent to the transfer is given on the Internet immediately before the test begins.
The data we collect on our homepage is transmitted to us exclusively in encrypted form. The same applies to the delivery of our web pages. Even if you call up our website without encryption, the response from our web server is already encrypted.
Some of our web pages use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognise your browser on your next visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
We regularly evaluate these server logs anonymously for statistical purposes so that we can determine how our websites are used. We then optimise our website on the basis of these findings. In addition, in the event of system abuse, we may use this information in cooperation with your Internet provider and/or local authorities to identify the perpetrator of such abuse.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
browser type/browser version
operating system used
host name of the accessing computer
time of the server request
This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use.
If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent, unless it is necessary to commission one of our trained personality consultants to process your enquiry.
If you send us a message via one of the contact options offered, we will use the data you provide us with to process your enquiry. The legal basis for this is our legitimate interest in responding to your request in accordance with Art. 6 Para. 1 lit. f DS-GVO. If your enquiry serves the conclusion of a contract with us to which you as a person are a party, the further legal basis for the processing is Art. 6 (1) lit. b GDPR. The data will be deleted after your request has been dealt with. If we are legally obliged to store the data for a longer period of time, it will be deleted after the expiry of the relevant period.
Use of Instagram
Our website uses social plugins ("plugins") from Instagram, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"). The plugins are marked with an Instagram logo, for example in the form of an "Instagram camera". You can find an overview of the Instagram plugins and their appearance here:
When you call up a page of our website that contains such a plugin, your browser establishes a direct connection to the servers of Instagram. The content of the plugin is transmitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the information that your browser has called up the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted by your browser directly to an Instagram server in the USA and stored there.
If you are logged in to Instagram, Instagram can directly assign your visit to our website to your Instagram account. If you interact with the plugins, for example by clicking the "Instagram" button, this information is also transmitted directly to an Instagram server and stored there. The information is also published on your Instagram account and displayed there to your contacts.
For the purpose and scope of the data collection and the further processing and use of the data by Instagram, as well as your rights in this regard and setting options for protecting your privacy, please refer to Instagram's data protection information: https://help.instagram.com/155833707900388/
Use of Twitter
Our website uses social plugins ("plugins") from the microblogging service Twitter, which is operated by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA ("Twitter"). The plugins are marked with a Twitter logo, for example in the form of a blue "Twitter bird". You can find an overview of the Twitter plugins and their appearance here: https://about.twitter.com/en_us/company/brand-resources.html
When you call up a page of our website that contains such a plugin, your browser establishes a direct connection to the Twitter servers. The content of the plugin is transmitted by Twitter directly to your browser and integrated into the page. Through the integration, Twitter receives the information that your browser has called up the corresponding page of our website, even if you do not have a profile on Twitter or are not currently logged in to Twitter. This information (including your IP address) is transmitted by your browser directly to a Twitter server in the USA and stored there.
If you are logged in to Twitter, Twitter can directly assign your visit to our website to your Twitter account. If you interact with the plugins, for example by clicking the "Tweet" button, the corresponding information is also transmitted directly to a Twitter server and stored there. The information is also published on your Twitter account and displayed there to your contacts. For the purpose and scope of the data collection and the further processing and use of the data by Twitter, as well as your rights in this regard and setting options for protecting your privacy, please refer to Twitter's data protection information: https://twitter.com/privacy If you do not want Twitter to assign the data collected via our website directly to your Twitter account, you must log out of Twitter before visiting our website. You can also completely prevent the loading of Twitter plugins with add-ons for your browser, e.g. with the script blocker "NoScript" (http://noscript.net/).
Use of Facebook
Our website uses social plugins ("plugins") of the social network Facebook, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). The plugins are marked with a Facebook logo or the addition "Social Plug-in from Facebook" or "Facebook Social Plugin". You can find an overview of the Facebook plug-ins and their appearance here: https://developers.facebook.com/docs/plugins.
When you call up a page of our website that contains such a plug-in, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated into the page. Through this integration, Facebook receives the information that your browser has called up the corresponding page of our website, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.
If you are logged in to Facebook, Facebook can directly assign your visit to our website to your Facebook profile. If you interact with the plugins, for example by clicking the "Like" button or posting a comment, this information is also transmitted directly to a Facebook server and stored there. The information is also published on your Facebook profile and displayed to your Facebook friends.
If you do not want Facebook to assign the data collected via our website directly to your Facebook profile, you must log out of Facebook before visiting our website. You can also completely prevent the loading of Facebook plugins with add-ons for your browser, e.g.
for Mozilla Firefox: https://addons.mozilla.org/de/firefox/addon/facebook-blocker/
for Opera: https://addons.opera.com/de/extensions/details/facebook-blocker/?display=en
for Chrome: https://chrome.google.com/webstore/detail/facebookblocker/chlhacbfddknadmnmjmkdobipdpjakmc?hl=en
Use of YouTube
Our website uses social plugins ("plugins") from YouTube, which is operated by YouTube Videos is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. operated. The plugins are marked with a YouTube logo.
To use the functions of the video players, it is necessary to save your IP address. This information is usually transferred to a server of the video platforms in the USA and stored there. The provider of this website has no influence on this data transmission.
We have configured the integration of the videos in such a way that data transmission to the video platforms does not take place automatically, but only when you activate the videos by clicking on them.
The video platforms provide the video in various formats and qualities and ensure correct display of the videos on all end devices.
YouTube is used in the interest of an appealing, audiovisual presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR.
Use of social media plugins
We only use privacy-friendly social media plugins on our pages. You can call up all our pages without data being transmitted to social networks (Facebook, Instagram, Twitter, LinkedIn, Xing, etc.) when you call them up. Only when you as a user actively click on a corresponding icon ("like", "share", "tweet", "+1" etc.) will the corresponding page of the respective social network be called up. The social network is solely responsible for all subsequent data transfers to this social network.
Hyperlinks to other websites
Our website contains hyperlinks to other websites that are not operated by i‑TYPE GmbH. We do not monitor these websites and are not responsible for their content or their handling of personal data.
Google Web Fonts
This site uses so-called web fonts provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Google's servers. This informs Google that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. If your browser does not support web fonts, a standard font will be used by your computer.
Google LLC, based in the USA, is certified for the us-European data protection agreement "Privacy Shield", which ensures compliance with the level of data protection applicable in the EU.
We reserve the right to change the security and data protection measures at any time, especially if this becomes necessary due to technical developments. In such cases, we may also adapt this data protection notice accordingly. Please therefore refer to the current version of this data protection statement.
Right to information
According to Art. 15 GDPR, you have the right to request confirmation from us as to whether personal data relating to you is being processed by us. If this is the case, you have the right to be informed about this personal data and to receive further information as specified in Art. 15 GDPR.
Right to rectification
Pursuant to Art. 16 GDPR, you have the right to request that we correct any inaccurate personal data relating to you without undue delay. Taking into account the purposes of the processing, you also have the right to request that incomplete personal data be completed, including by means of a supplementary declaration.
Right to erasure
You have the right to request that we delete personal data relating to you without undue delay. We are obliged to delete personal data without delay if the relevant requirements of Art. 17 GDPR are met. For details, please refer to Art. 17 GDPR.
Right to restriction of processing
In accordance with Art. 18 GDPR, you have the right under certain conditions to demand that we restrict the processing of your personal data.
Right of objection
Pursuant to Art. 21 GDPR, you have the right to object to the processing of personal data concerning you which is carried out on the basis of Article 6 (1) (e) or (f) GDPR; this also applies to profiling based on these provisions.
If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.
If you wish to exercise any of these rights, please contact us as the data controller using the contact details above or use one of the other methods we offer to send you this notice. If you have any questions about this, please contact us.
Existence of a right of complaint to the supervisory authority
Pursuant to Article 77 of the GDPR, you have the right to complain to the supervisory authority, without prejudice to any other administrative or judicial remedy. This right exists in particular in the Member State of your place of residence, your place of work or the place of the alleged infringement if you consider that the processing of personal data concerning you infringes the GDPR.
Application procedure at iType
What personal data do we process and for what purpose?
We process the data you have sent us in connection with your application in order to check your suitability for the advertised position, to coordinate in-house, to carry out the pre-selection procedure, to conduct interviews with you, and to make a decision on employment.
This data includes, in particular, title, surname and first name, the usual correspondence data such as postal address, e‑mail address and telephone numbers, as well as application documents such as a letter of motivation, curriculum vitae, professional, educational and further training qualifications as well as references and all information that you also provide to us voluntarily.
What is the legal basis for our data processing?
The legal basis for the processing of your personal data in this application procedure is, in particular, Section 26 BDSG in conjunction with Article 6 (1) lit. b and, if applicable, a GDPR. According to this, the processing of all data required in connection with the decision on the establishment of an employment relationship is permissible.
Furthermore, we may process personal data about you insofar as this is necessary for the defence of asserted legal claims against us arising from the application process. The legal basis for this is Art. 6 para. 1 lit. b and f of the GDPR. Our legitimate interest is the aforementioned defence against claims.
If we create evaluations or statistics, the processing is based on Art. 6 Para. 1 lit. f GDPR, our legitimate interest is the constant review and optimisation of our attractiveness as an employer, as well as the monitoring of success.
How long is your data stored?
In the event of a rejection, applicant data will be deleted 6 months after completion of the recruitment process, provided it is for an advertised position. If you have sent us a speculative application, we will delete the data 6 months after we have rejected you.
If an employment relationship is established, we will continue to process the data we have already received from you for the purposes of the employment relationship and all related processing (e.g. reporting and payment of social security contributions). We will inform you in good time about this further processing in accordance with the statutory provisions.
Who receives your data?
After receipt of your application, your application data will be viewed by the staff responsible for human resources. Candidate applications are then forwarded internally to the person responsible for the respective vacant position.
In principle, only those persons within the company have access to your data who are responsible for ensuring that the selection process is carried out properly. Within the framework of technical maintenance measures, those responsible for this may be able to view your data.
Are you obliged to provide us with data?
You are neither contractually nor legally obliged to provide us with data as part of the application process. However, failure to provide us with data may mean that we are unable to consider you in the further procedure.
Version IV, Status 08.08.2019