Privacy Policy

Infor­mation on data protection

The protection of your personal data during the collection, processing and use on the occasion of your visit to our homepage is an important concern for us.

We treat your personal data confi­den­tially and in accor­dance with the statutory data protection regula­tions and this data protection declaration.

As a rule, it is possible to use our website without providing personal data. Insofar as personal data (e.g. name, address or e‑mail address) is collected on our website, this is always done on a voluntary basis. We would like to point out that data trans­mission on the Internet (e.g. when commu­ni­cating by e‑mail) can have security gaps. Complete protection of data against access by third parties is not possible.

In the following, we would like to inform you that and how personal data is requested from you and electron­i­cally stored and processed by us

Who is respon­sible for processing?
i‑TYPE GmbH
Kleine Seiler­straße 1
D‑20359 Hamburg

repre­sented by the managing director Manuela Barth, who can be reached info@itype.eu or via telephone: +49 (0) 40 46 89 84 40

Data Protection Officer
Mauß Daten­schutz GmbH, Neuer Wall 10, 20354 Hamburg, Germany, is respon­sible for profes­sional data protection. You can contact our data protection officer by post or by telephone: +49 (0) 40 999 99 52 — 0 or by e‑mail: datenschutz@datenschutzbeauftragter-hamburg.de.

Personal Data
Personal data is infor­mation about you. This includes infor­mation such as your name, address, telephone number or e‑mail address, but also data such as your location, IP address or bank details. You do not need to disclose personal data to use our website. In certain cases, however, we need your name and address as well as other infor­mation so that we can provide the requested infor­mation or services.

Collection and processing of personal data
We process personal data that you actively provide to us through your input. Furthermore, we automat­i­cally process personal data based on the use of our website. Your personal data may therefore be processed in the following cases in particular:

  • Visiting our website

  • Estab­lishing contact with us

  • Analysis of why visitors come to our website and how they use it

  • Use of external tools (e.g. web fonts)

  • Defence against attacks against technical infrastructure

For details, please refer to the following statements.

Visiting our website

When you visit our website, the company commis­sioned by us to operate the website processes and stores not only technical infor­mation about the end device you are using (operating system, screen resolution and other, non-personal charac­ter­istics) and the browser (version, language settings), but in particular the public IP address of the computer you are using to visit our website, together with the date and time of access. The IP address is a unique numerical address under which your end device sends or retrieves data on the Internet. As a rule, we or our service provider do not know who is behind an IP address, unless you provide us with data during the use of our website that enables us to identify you.

Our service provider uses the processed data in a non-personal manner for statis­tical purposes so that we can under­stand which end devices are used with which settings for visiting our website in order to optimise it for them if necessary. These statistics do not contain any personal data. The legal basis for the creation of the statistics is Art. 6 para. 1 lit. f GDPR.

The IP address is also used so that you can techni­cally access and use our website and to detect and defend against attacks against our service provider or our website. Such attacks would impair the intended function­ality of the data centre of the company commis­sioned by us, the use of our website or its function­ality as well as the safety of visitors to our website. The processing of the IP address including the time of access is carried out to defend against such attacks. Through our service provider, we pursue the legit­imate interest with this processing to ensure the function­ality of our website and to ward off illegal attacks against us and the visitors to our website. The legal basis for the processing is Art. 6 para. 1 lit. f GDPR.

The stored IP data is deleted after 7 days and kept for 14 days in encrypted form by a backup. After that, they are no longer needed for the detection or defence of an attack.

Data storage and trans­mission to third parties
By carrying out the iTYPE test procedure the user agrees that his personal data (first name, surname, e‑mail address and IP address) in connection with the person­ality profile will be stored in the iTYPE test database for 3 months. i‑TYPE GmbH is entitled to pass on the user's person­ality profile with his personal data to the person­ality consultant respon­sible for the evalu­ation. The consent to the transfer is given on the Internet immedi­ately before the test begins.

Encrypted trans­mission
The data we collect on our homepage is trans­mitted to us exclu­sively in encrypted form. The same applies to the delivery of our web pages. Even if you call up our website without encryption, the response from our web server is already encrypted.

Cookies
Some of our web pages use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called "session cookies". They are automat­i­cally deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognise your browser on your next visit.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the accep­tance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the function­ality of this website may be limited.

We regularly evaluate these server logs anony­mously for statis­tical purposes so that we can determine how our websites are used. We then optimise our website on the basis of these findings. In addition, in the event of system abuse, we may use this infor­mation in cooper­ation with your Internet provider and/​or local author­ities to identify the perpe­trator of such abuse.

Server log files
The provider of the pages automat­i­cally collects and stores infor­mation in so-called server log files, which your browser automat­i­cally transmits to us. These are:

  • browser type/​browser version

  • operating system used

  • referrer URL

  • host name of the accessing computer

  • time of the server request

This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retro­spec­tively if we become aware of concrete indica­tions of illegal use.

Contact form
If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent, unless it is necessary to commission one of our trained person­ality consul­tants to process your enquiry.

Contact requests
If you send us a message via one of the contact options offered, we will use the data you provide us with to process your enquiry. The legal basis for this is our legit­imate interest in responding to your request in accor­dance with Art. 6 Para. 1 lit. f DS-GVO. If your enquiry serves the conclusion of a contract with us to which you as a person are a party, the further legal basis for the processing is Art. 6 (1) lit. b GDPR. The data will be deleted after your request has been dealt with. If we are legally obliged to store the data for a longer period of time, it will be deleted after the expiry of the relevant period.

Use of Instagram
Our website uses social plugins ("plugins") from Instagram, which is operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram"). The plugins are marked with an Instagram logo, for example in the form of an "Instagram camera". You can find an overview of the Instagram plugins and their appearance here:
http://blog.instagram.com/post/36222022872/introducing-instagram-badges

When you call up a page of our website that contains such a plugin, your browser estab­lishes a direct connection to the servers of Instagram. The content of the plugin is trans­mitted by Instagram directly to your browser and integrated into the page. Through this integration, Instagram receives the infor­mation that your browser has called up the corre­sponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This infor­mation (including your IP address) is trans­mitted by your browser directly to an Instagram server in the USA and stored there.

If you are logged in to Instagram, Instagram can directly assign your visit to our website to your Instagram account. If you interact with the plugins, for example by clicking the "Instagram" button, this infor­mation is also trans­mitted directly to an Instagram server and stored there. The infor­mation is also published on your Instagram account and displayed there to your contacts.

For the purpose and scope of the data collection and the further processing and use of the data by Instagram, as well as your rights in this regard and setting options for protecting your privacy, please refer to Instagram's data protection infor­mation: https://help.instagram.com/155833707900388/

GDPRIf you do not want Instagram to directly assign the data collected via our website to your Instagram account, you must log out of Instagram before visiting our website. You can also completely prevent the loading of Instagram plugins with add-ons for your browser, e.g. with the script blocker "NoScript" (http://noscript.net/).

Use of Twitter
Our website uses social plugins ("plugins") from the microblogging service Twitter, which is operated by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA ("Twitter"). The plugins are marked with a Twitter logo, for example in the form of a blue "Twitter bird". You can find an overview of the Twitter plugins and their appearance here: https://about.twitter.com/en_us/company/brand-resources.html

When you call up a page of our website that contains such a plugin, your browser estab­lishes a direct connection to the Twitter servers. The content of the plugin is trans­mitted by Twitter directly to your browser and integrated into the page. Through the integration, Twitter receives the infor­mation that your browser has called up the corre­sponding page of our website, even if you do not have a profile on Twitter or are not currently logged in to Twitter. This infor­mation (including your IP address) is trans­mitted by your browser directly to a Twitter server in the USA and stored there.

If you are logged in to Twitter, Twitter can directly assign your visit to our website to your Twitter account. If you interact with the plugins, for example by clicking the "Tweet" button, the corre­sponding infor­mation is also trans­mitted directly to a Twitter server and stored there. The infor­mation is also published on your Twitter account and displayed there to your contacts. For the purpose and scope of the data collection and the further processing and use of the data by Twitter, as well as your rights in this regard and setting options for protecting your privacy, please refer to Twitter's data protection infor­mation: https://twitter.com/privacy If you do not want Twitter to assign the data collected via our website directly to your Twitter account, you must log out of Twitter before visiting our website. You can also completely prevent the loading of Twitter plugins with add-ons for your browser, e.g. with the script blocker "NoScript" (http://noscript.net/).

Use of Facebook

Our website uses social plugins ("plugins") of the social network Facebook, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). The plugins are marked with a Facebook logo or the addition "Social Plug-in from Facebook" or "Facebook Social Plugin". You can find an overview of the Facebook plug-ins and their appearance here: https://developers.facebook.com/docs/plugins.

When you call up a page of our website that contains such a plug-in, your browser estab­lishes a direct connection to the Facebook servers. The content of the plugin is trans­mitted by Facebook directly to your browser and integrated into the page. Through this integration, Facebook receives the infor­mation that your browser has called up the corre­sponding page of our website, even if you do not have a Facebook profile or are not currently logged in to Facebook. This infor­mation (including your IP address) is trans­mitted by your browser directly to a Facebook server in the USA and stored there.

If you are logged in to Facebook, Facebook can directly assign your visit to our website to your Facebook profile. If you interact with the plugins, for example by clicking the "Like" button or posting a comment, this infor­mation is also trans­mitted directly to a Facebook server and stored there. The infor­mation is also published on your Facebook profile and displayed to your Facebook friends.

For the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to Facebook's privacy policy: http://www.facebook.com/policy.php.

If you do not want Facebook to assign the data collected via our website directly to your Facebook profile, you must log out of Facebook before visiting our website. You can also completely prevent the loading of Facebook plugins with add-ons for your browser, e.g.

for Mozilla Firefox: https://addons.mozilla.org/de/firefox/addon/facebook-blocker/
for Opera: https://addons.opera.com/de/extensions/details/facebook-blocker/?display=en
for Chrome: https://chrome.google.com/webstore/detail/facebookblocker/chlhacbfddknadmnmjmkdobipdpjakmc?hl=en

Use of YouTube
Our website uses social plugins ("plugins") from YouTube, which is operated by YouTube Videos is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. operated. The plugins are marked with a YouTube logo.

To use the functions of the video players, it is necessary to save your IP address. This infor­mation is usually trans­ferred to a server of the video platforms in the USA and stored there. The provider of this website has no influence on this data transmission.

We have configured the integration of the videos in such a way that data trans­mission to the video platforms does not take place automat­i­cally, but only when you activate the videos by clicking on them.

The video platforms provide the video in various formats and qualities and ensure correct display of the videos on all end devices.

YouTube is used in the interest of an appealing, audio­visual presen­tation of our online offers. This repre­sents a legit­imate interest within the meaning of Art. 6 Para. 1 lit. f GDPR.

Further infor­mation on the handling of user data can be found in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/.

Use of social media plugins
We only use privacy-friendly social media plugins on our pages. You can call up all our pages without data being trans­mitted to social networks (Facebook, Instagram, Twitter, LinkedIn, Xing, etc.) when you call them up. Only when you as a user actively click on a corre­sponding icon ("like", "share", "tweet", "+1" etc.) will the corre­sponding page of the respective social network be called up. The social network is solely respon­sible for all subse­quent data transfers to this social network.

Hyper­links to other websites
Our website contains hyper­links to other websites that are not operated by i‑TYPE GmbH. We do not monitor these websites and are not respon­sible for their content or their handling of personal data.

Google Web Fonts
This site uses so-called web fonts provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you are using must connect to Google's servers. This informs Google that our website has been accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presen­tation of our online offers. This repre­sents a legit­imate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. If your browser does not support web fonts, a standard font will be used by your computer.

Google LLC, based in the USA, is certified for the us-European data protection agreement "Privacy Shield", which ensures compliance with the level of data protection applicable in the EU.

Further infor­mation on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://www.google.com/policies/privacy/.

Changes to the privacy policy
We reserve the right to change the security and data protection measures at any time, especially if this becomes necessary due to technical devel­op­ments. In such cases, we may also adapt this data protection notice accord­ingly. Please therefore refer to the current version of this data protection statement.

Right to infor­mation
According to Art. 15 GDPR, you have the right to request confir­mation from us as to whether personal data relating to you is being processed by us. If this is the case, you have the right to be informed about this personal data and to receive further infor­mation as specified in Art. 15 GDPR.

Right to recti­fi­cation
Pursuant to Art. 16 GDPR, you have the right to request that we correct any inaccurate personal data relating to you without undue delay. Taking into account the purposes of the processing, you also have the right to request that incom­plete personal data be completed, including by means of a supple­mentary declaration.

Right to erasure
You have the right to request that we delete personal data relating to you without undue delay. We are obliged to delete personal data without delay if the relevant require­ments of Art. 17 GDPR are met. For details, please refer to Art. 17 GDPR. 

Right to restriction of processing
In accor­dance with Art. 18 GDPR, you have the right under certain condi­tions to demand that we restrict the processing of your personal data.

Right of objection
Pursuant to Art. 21 GDPR, you have the right to object to the processing of personal data concerning you which is carried out on the basis of Article 6 (1) (e) or (f) GDPR; this also applies to profiling based on these provisions.

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing.

If you wish to exercise any of these rights, please contact us as the data controller using the contact details above or use one of the other methods we offer to send you this notice. If you have any questions about this, please contact us.

Existence of a right of complaint to the super­visory authority
Pursuant to Article 77 of the GDPR, you have the right to complain to the super­visory authority, without prejudice to any other admin­is­trative or judicial remedy. This right exists in particular in the Member State of your place of residence, your place of work or the place of the alleged infringement if you consider that the processing of personal data concerning you infringes the GDPR.

Appli­cation procedure at iType 

What personal data do we process and for what purpose?
We process the data you have sent us in connection with your appli­cation in order to check your suitability for the adver­tised position, to coordinate in-house, to carry out the pre-selection procedure, to conduct inter­views with you, and to make a decision on employment.

This data includes, in particular, title, surname and first name, the usual corre­spon­dence data such as postal address, e‑mail address and telephone numbers, as well as appli­cation documents such as a letter of motivation, curriculum vitae, profes­sional, educa­tional and further training quali­fi­ca­tions as well as refer­ences and all infor­mation that you also provide to us voluntarily.

What is the legal basis for our data processing?
The legal basis for the processing of your personal data in this appli­cation procedure is, in particular, Section 26 BDSG in conjunction with Article 6 (1) lit. b and, if applicable, a GDPR. According to this, the processing of all data required in connection with the decision on the estab­lishment of an employment relationship is permissible.

Furthermore, we may process personal data about you insofar as this is necessary for the defence of asserted legal claims against us arising from the appli­cation process. The legal basis for this is Art. 6 para. 1 lit. b and f of the GDPR. Our legit­imate interest is the afore­men­tioned defence against claims.

If we create evalu­a­tions or statistics, the processing is based on Art. 6 Para. 1 lit. f GDPR, our legit­imate interest is the constant review and optimi­sation of our attrac­tiveness as an employer, as well as the monitoring of success.

How long is your data stored?
In the event of a rejection, applicant data will be deleted 6 months after completion of the recruitment process, provided it is for an adver­tised position. If you have sent us a specu­lative appli­cation, we will delete the data 6 months after we have rejected you.

If an employment relationship is estab­lished, we will continue to process the data we have already received from you for the purposes of the employment relationship and all related processing (e.g. reporting and payment of social security contri­bu­tions). We will inform you in good time about this further processing in accor­dance with the statutory provisions.

Who receives your data?
After receipt of your appli­cation, your appli­cation data will be viewed by the staff respon­sible for human resources. Candidate appli­ca­tions are then forwarded inter­nally to the person respon­sible for the respective vacant position.

In principle, only those persons within the company have access to your data who are respon­sible for ensuring that the selection process is carried out properly. Within the framework of technical mainte­nance measures, those respon­sible for this may be able to view your data.

Are you obliged to provide us with data?
You are neither contrac­tually nor legally obliged to provide us with data as part of the appli­cation process. However, failure to provide us with data may mean that we are unable to consider you in the further procedure.

Version IV, Status 08.08.2019