Zásady ochrany osobních údajů | Norres Baggerman Group

Where personal data is collected during your visit to our website, such processing is carried out exclusively in accordance with the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and the Telecommunications Digital Services Data Protection Act (TDDDG).

Personal data is processed solely in accordance with this Privacy Policy.

This Privacy Policy applies to the website accessible at www.norres-baggerman.com. For content linked to external providers, the privacy policy of the respective linked website shall apply.

Please note that data transmission via the Internet may be subject to security vulnerabilities which cannot be fully prevented by the technical design of this website. Complete protection of personal data against third-party access is not possible when using the Internet.

2 Controller, Art. 13 para. 1 lit. a GDPR

The controller responsible for the processing of personal data on this website is:

NORRES Schlauchtechnik GmbH
Am Stadthafen 12-16
45881 Gelsenkirchen
Germany
Phone +49 209 8 00 00 0
E-Mail info@norres-baggerman.de

3 Data Protection Officer

Our appointed Data Protection Officer is:

Mr. Dipl.-Inform. Olaf Tenti
GDI Gesellschaft für Datenschutz und Informationssicherheit mbH
Alter Schloßweg 30
58119 Hagen (NRW)
Germany
Phone: +49 (0)2331/356832-0
Email: datenschutz@gdi-mbh.eu
Website: www.gdi-mbh.eu

4 Hosting

Our website is hosted on servers operated by:

bitformer GmbH
Mittelweg 7
38106 Braunschweig
Germany

We have concluded a data processing agreement (DPA) with bitformer GmbH.

When our website is accessed, data is automatically collected and stored in log files on the hoster’s server. This data may contain personal data. The data collected includes:

IP address of the requesting device (in anonymized form) – stored for 7 days
Date and time of access – stored for 7 days
Requested resource (URL/path) – stored for 7 days
Amount of data transferred (bytes) – stored for 7 days
HTTP status code – stored for 7 days
Referrer URL (if transmitted by browser) – stored for 7 days
User agent (browser/device identification) – stored for 7 days

The hoster uses this data to ensure the smooth operation of the website, IT security, and optimization of our services. In case of specific indications, log data may be analyzed retrospectively. Temporary storage of the IP address is necessary to deliver the website to the user’s device. The IP address must remain stored for the duration of the session.

No merging of this data with other data sources takes place.

Rechtsgrundlage der Datenerhebung ist Art. 6 Abs. 1 S. 1 lit. f DSGVO. Unser berechtigtes Interesse an der Datenerhebung ergibt sich aus den genannten Zwecken.

Legal basis: Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interest). Our legitimate interest arises from the purposes listed above.

The data is deleted when it is no longer required for the purpose for which it was collected. Log files are deleted or anonymized after seven days at the latest.

Collection of this data is mandatory for operating the website; therefore, there is no right to object.

5 Cookies

In addition to the data mentioned above, cookies are used when you visit and use our website.

Upon your first visit, you will be asked whether you consent to the use of cookies and, if so, to which categories.

Cookies are small text files that are stored by your browser on your end device in order to save certain information. Furthermore, cookies are used to make the use of our website more convenient and user-friendly for you or for analytical purposes.

Most of the cookies we use are so-called “session cookies”. These serve to technically provide you with the services of our website. After the end of your visit, these cookies are automatically deleted by your browser.

Other cookies remain on your device and enable us to recognise your device during your next visit (so-called persistent cookies).

When you access our website again using the same device, the information stored in cookies is retrieved either by our website (“first-party cookie”) or by another website to which the cookie belongs (“third-party cookie”).

These cookies are automatically deleted by your system after a predefined period, which may vary depending on the respective cookie.

Through the stored and returned information, the respective website recognises that you have previously accessed and visited it using the browser of your device.

We use this information in order to optimally design and display the website in accordance with your preferences. In this process, only the cookie itself is identified on your device.

Any further storage of personal data takes place only with your explicit consent or where it is strictly necessary in order to use the service offered and requested by you.

This website uses the following types of cookies, the scope and functionality of which are explained below:

Essential Cookies: Strictly necessary cookies ensure functions without which you would not be able to use our website as intended. These cookies are used exclusively by us and serve, for example, to ensure that you remain logged in as a registered user when accessing different subpages of our website and therefore do not have to re-enter your login credentials each time you access a new page. The legal basis for the use of essential cookies is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.
Functional Cookies: Functional cookies enable our website to store information you have already provided and to offer enhanced and improved functions based on this information. The legal basis for the use of these cookies is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR.
Marketing or Tracking Cookies: These cookies are used to collect information about the websites visited by the user in order to create and enable targeted and more effective advertising for the user and to identify the interests of website visitors in order to make our website more attractive in the future.

Marketing and/or tracking cookies are only set after your active consent.

The legal basis for this data processing is Art. 6 para. 1 sentence 1 lit. a GDPR.

Opt-out for Marketing Cookies

You may also manage cookies used for online advertising via tools developed within the framework of self-regulatory programmes in many countries, such as:

In the USA: https://www.aboutads.info/choices/

In the EU: https://www.youronlinechoices.com/uk/your-ad-choices

You may revoke your consent to the use of cookies at any time with effect for the future.

You may configure your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, for example third-party cookies (cookies set by a third party and not by the website you are currently visiting), exclude the acceptance of cookies in certain cases or in general, and activate the automatic deletion of cookies when closing your browser. You may delete stored cookies at any time using your web browser.

You may also disable cookies entirely in your browser at any time.

However, if cookies are disabled, the functionality of this website may be limited.

Deletion of Cookies

Cookies are stored on your device until you delete them, which is possible at any time. Expired cookies are automatically deleted by your browser if you have configured your browser accordingly. Expired cookies are no longer transmitted to our servers and can therefore no longer be used by us.

Information on how to delete cookies and manage cookie settings in the most common browsers can be found for:

Desktop / Laptop

Mobile Devices

If you have not configured otherwise, cookies required for essential technical functions remain on your device until you close your browser; other cookies may remain on your device for a longer period (maximum of 6 months).

To safeguard your privacy, you should regularly review and independently delete cookies stored on your device as well as your browsing history.

6 Local Storage / Session Storage-Cookies

In addition, we use so-called local storage and session storage technologies (also referred to as “local data”, “local storage” and “session storage”), meaning that we use your browser’s storage capacity.

With local storage, data is stored locally in your browser’s cache and remains available even after the browser window has been closed or the program has been terminated, unless you actively delete the cache.

Local storage enables your preferences when using our websites to be stored on your device and reused by you.

The function of session storage corresponds in substance to the local storage described above, except that the respective data is automatically removed from your browser’s cache immediately after the browser is closed (end of the “session”).

Data stored in local storage and session storage cannot be accessed by third parties. It is not disclosed to third parties and is not used for advertising purposes. In particular, this technology is used to present our content in an appealing graphical format (e.g. pop-up windows, etc.) and to personalise our services and navigation on our pages for you.

No merging of this data with other data (e.g. information from tracking tools that may also be stored separately in local storage) takes place.

Furthermore, certain information and inputs are stored in local storage for transmission to and analysis by tracking tools. This data serves solely to analyse and evaluate the browsing behaviour of visitors. The data stored in local storage is not used for advertising purposes.

Where the use of this technology is necessary for the operation of the website, processing is carried out on the basis of our legitimate interest in providing you with an attractive and fully functional offering, pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.

In all other cases, processing is carried out on the basis of your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR.

7 Cookiebot.com

Our website uses the cookie consent technology of Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark (hereinafter referred to as “cookiebot”) in order to obtain your consent to the storage of certain cookies in your browser and to document such consent in a data protection compliant manner.

We use this data to ensure the full functionality of our website.

If the user gives consent to the use of cookies, the following data is automatically logged by cookiebot:

The anonymised IP address of the user;
Date and time of consent;
Browser user agent of the end user;
The URL of the provider;
An anonymous, random and encrypted key;
The user’s approved cookies (cookie status), which serves as proof of consent.

The encrypted key and the cookie status are stored by means of a cookie on the user’s end device in order to establish the corresponding cookie status during future page visits. This cookie is automatically deleted after 12 months.

Mandatory statutory retention periods remain unaffected.

This data processing is carried out in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR on the basis of our legitimate interest in providing a cookie consent management service for website visitors.

You may prevent the collection and processing of your data by cookiebot.com by disabling the execution of script code in your browser or by installing a script blocker in your browser.

We have concluded a data processing agreement with Usercentrics A/S (https://www.cookiebot.com/wp-content/uploads/2022/10/DPA_01_2022.pdf This is a contract required under data protection law which ensures that Usercentrics processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Further details regarding data processing can be found in the cookiebot privacy policy: https://www.cookiebot.com/en/privacy-policy/.

8 SSL and TLS Encryption

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the website operator, this website uses SSL or TLS encryption.

You can recognise an encrypted connection by the fact that the browser’s address line changes from “http://” to “https://” and by the lock symbol displayed in your browser bar.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties (end-to-end encryption). The encryption protocols authenticate the communication partner and ensure the integrity of the transmitted data.

9 Data Retention

Unless a more specific retention period is stated within this Privacy Policy, your personal data will remain with us until the purpose for the data processing no longer applies.

If you assert a legitimate request for erasure or withdraw your consent to data processing, your data will be deleted unless we have other legally permissible grounds for retaining your personal data (e.g. retention obligations under tax or commercial law). In the latter case, deletion will take place once those grounds no longer apply.

10 Contact Options

Our website provides the possibility to contact us via [email or contact form.

In this context, the information you provide in the form (and/or via email), including the contact details you supply therein, will be stored and processed by us for the purpose of handling your enquiry and in the event of follow-up questions. This data (e.g. name, address, telephone number, email address, IP address) will not be disclosed to third parties without your consent.

This data will not be merged with other data collected on this website.

The contact form is transmitted using TLS encryption technology. The encryption serves to prevent unauthorised access by third parties to your personal data.

The processing of this data is carried out on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR, provided that your enquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling enquiries addressed to us (Art. 6 para. 1 sentence 1 lit. f GDPR).

The data you provide in the contact form or by email will remain with us until you request its deletion, object to its processing, or the purpose for data storage no longer applies (e.g. after your enquiry has been fully processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.

11 Applications

On our website, you have the opportunity to apply for a position within our company.

We accept digital applications, regardless of whether you are applying for a position advertised by us or submitting an unsolicited application. Separate privacy information for applicants can be found at the following link.

12 Google Tag Manager

We use “Google Tag Manager” on our websites. The service is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or, if you have your registered office or place of residence within the EU, by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google Tag Manager provides functionality that enables us to integrate additional services into our website easily, efficiently and dynamically. Code snippets can be implemented more easily into websites or apps. This allows us to configure and adjust services integrated via Google Tag Manager, so-called tags, quickly without having to make technical changes to our website.

The functions of these tags are often used, for example, to analyse users’ online behaviour (generally or on the page), optimise marketing campaigns or deliver appropriate advertising. Services to which you have already objected or for which you have withdrawn consent will not be delivered to your browser via Google Tag Manager.

Google Tag Manager itself does not collect any personal data and does not set any cookies. However, it may transmit cookies, as the tags used may set cookies. When Google Tag Manager is accessed, the IP address and browser fingerprint (also referred to as device fingerprinting or online fingerprinting) are transmitted to Google. This constitutes processing within the meaning of Art. 4 no. 2 GDPR.

The legal basis for the use of Google Tag Manager is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR, provided that you have granted such consent upon first accessing the website.

Google may also process your data in the USA. For data transfers to the USA, the provider has joined the EU–US Data Privacy Framework, which, on the basis of an adequacy decision of the European Commission, ensures compliance with the European level of data protection.

Furthermore, Google uses so-called Standard Contractual Clauses pursuant to Art. 46 para. 2 and 3 GDPR. Standard Contractual Clauses are model templates provided by the European Commission and are intended to ensure that your data complies with European data protection standards even when transferred to third countries (such as the USA) and stored there.

By concluding these clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the European Commission. The decision and the corresponding Standard Contractual Clauses can be found, among others, at:

https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj

Additional Information on Data Processing

We have concluded the Google Ads Data Processing Terms with Google. These correspond to the Standard Contractual Clauses and also apply to Google Tag Manager.

The Google Ads Data Processing Terms are available at:
https://business.safety.google/adsprocessorterms/

Google’s privacy policy is available at:
https://policies.google.com/privacy

The Google Tag Manager terms of use are available at:
https://marketingplatform.google.com/about/analytics/tag-manager/use-policy/

13 Use of Google Analytics 4

This website uses the web analytics service Google Analytics 4, operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or, if you have your registered office or place of residence within the EU, by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google Analytics uses so-called “cookies”, i.e. small text files that are stored on your computer and that enable an analysis of your use of the website, provided that you have consented to the use of cookies for marketing purposes.

The information generated by the cookie about your use of this website is transmitted to Google servers and further processed there. Transfers to Google LLC in the USA may also occur.

According to Google, all data from end devices within the EU is stored and processed on servers within the EU.

Precise location data is not provided. Instead, the following metadata is derived from IP addresses: “City” (and the derived latitude and longitude of the city), “Continent”, “Country”, “Region”, “Subcontinent” (and the corresponding ID-based equivalents).

For accesses originating from the EU, IP address data is truncated by removing the last digits immediately after transmission to the EU server and is thus pseudonymised in order to exclude direct personal reference. Only thereafter is the data forwarded to Analytics servers for further processing.

On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activities and to provide other services relating to website usage and internet usage to the website operator.

The truncated IP address transmitted by your browser will not be merged with other data held by Google. Data collected in connection with the use of Google Analytics 4 is stored for a period of two months and subsequently deleted.

You may prevent the storage of cookies by adjusting your browser software accordingly; however, please note that in this case you may not be able to use all functions of this website to their full extent.

You may also prevent the collection of data generated by the cookie and relating to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing the browser plugin available at the following link:
https://tools.google.com/dlpage/gaoptout

Demographic Features

Google Analytics 4 uses the special function “Demographics”. With this function, Google Analytics 4 can create statistics that provide information about the language, interests, location, age and gender of website users in order to identify target groups for marketing activities. This is carried out by analysing advertising and information from third-party providers.

The collected data cannot be assigned to any specific individual and is deleted after a storage period of two months.

Google Signals

As an extension of Google Analytics 4, we use Google Signals on our website to generate cross-device reports. If you have activated personalised advertising and linked your devices to your Google account, Google may – subject to your consent to the use of Google Analytics – analyse your usage behaviour across devices and create database models, including models relating to cross-device conversions.

We do not receive any personal data from Google, but only aggregated statistic. If you wish to prevent cross-device analysis, you can deactivate the “Personalised Advertising” function in your Google account settings.

Instructions can be found at: https://support.google.com/ads/answer/2662922

Further information on Google Signals is available at: https://support.google.com/analytics/answer/7532985

UserIDs

As an extension of Google Analytics 4, the “User IDs” function is used on our website. If you have consented to the use of Google Analytics 4, created an account on this website and log in with this account on different devices, your activities – including conversions – may be analysed across devices.

The terms of use and data protection information are available at:

https://www.google.com/analytics/terms/
https://policies.google.com/privacy
https://policies.google.com/?hl=en&gl=en

Google processes your personal data on our behalf. We have therefore concluded a data processing agreement with Google pursuant to Art. 28 para. 3 GDPR, under which Google undertakes to protect your personal data and not to disclose it to third parties for purposes other than those stated above.

The legal basis for the use of Google Analytics is your consent pursuant to § 25 para. 1 TDDDG and Art. 6 para. 1 sentence 1 lit. a GDPR, provided that you have granted such consent upon first accessing the website.

For data transfers to the USA, the provider has joined the EU–US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision of the European Commission.

You may withdraw your consent to data processing and transfer at any time without giving reasons by deleting cookies in your browser or by clicking on the “Manage Consent” box.

The withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.

14 Google Fonts

Through the integration of “Google Maps”, “Google Fonts” are loaded. Google Fonts is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, or, if you have your registered office or place of residence within the EU, by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

We have no influence over this process.

The files required for this purpose may be requested via the Google domains fonts.googleapis.com, maps.gstatic.com, maps.googleapis.com and/or fonts.gstatic.com.

Gstatic is a domain used by Google to load static content under a different domain name in order to reduce bandwidth usage and improve network performance for end users.

By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the following data is transmitted directly from your browser to a Google server:

IP address,
Date and time of the request,
Time zone difference to Greenwich Mean Time (GMT),
Content of the request (specific page),
Access status / HTTP status code,
Amount of data transferred,
The website from which the request originates (so-called referrer),
Type and version of the browser used, including language settings,
Type and version of the operating system used, including interface.

According to Google, this information is not stored and is used solely to deliver the requested fonts and to detect and, where necessary, prevent attacks on the IT system.

If you have given your consent to the activation of the aforementioned tools and thus to the loading of Google Fonts, the legal basis for data processing is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR.

Further information on the purpose and scope of data collection and its processing by the plugin provider can be found in the provider’s privacy policy. There you will also find further information on your related rights and settings options for the protection of your privacy: https://policies.google.com/privacy

15 Profiles on Social Networks

Our presences on the social networks and video platforms listed below serve the purpose of active and up-to-date communication with our customers and prospective clients. We provide information there about our services, products and special promotions relating to our company and our services. Further information about us as the provider of the respective social media channel can be found in our legal notice (Imprint).

Below, we provide you with privacy information pursuant to Art. 13 of the General Data Protection Regulation (GDPR) regarding the social media presences operated by us: ~~LinkedIn US/UK-Account hinzufügen~~

https://www.facebook.com/p/NORRES-Schlauchtechnik-GmbH-100064704311794/?locale=de_DE

https://de.linkedin.com/company/norres-schlauchtechnik-gmbh

https://www.xing.com/pages/norres-schlauchtechnik-gmbh

16.1 Company Facebook Page

We operate a social media presence on the social network Facebook.

The social network Facebook is operated by Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or, if you have your registered office or place of residence within the EU, by Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter “Facebook”).

We are jointly responsible with Facebook for data processing. For this purpose, we have concluded an agreement on joint controllership pursuant to Art. 26 GDPR with Facebook. This agreement, the so-called “Page Insights Controller Addendum”, can be viewed at:
https://www.facebook.com/legal/terms/page_controller_addendum

When visiting our Facebook page, your data may be automatically collected and stored for market research and advertising purposes. Based on this data, so-called user profiles are created using pseudonyms. These may be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests.

For this purpose, cookies are generally used on your end device. These cookies store user behaviour and interests.

Furthermore, we use Facebook’s Page Insights function. This provides us with statistical evaluations regarding users of our Facebook page. The Page Insights data collected via our Facebook page is provided to us in anonymised form, so that no conclusions can be drawn about individual persons.

Further information about Page Insights and Facebook pages can be found at:
https://www.facebook.com/about/privacy/
https://www.facebook.com/legal/terms/information_about_page_insights_data

Information about Facebook’s use of cookies can be found at:
https://www.facebook.com/policies/cookies/

The data processing serves to safeguard our overriding legitimate interests in optimising the presentation of our company, as well as our services and offers, and in communicating effectively with you. The legal basis for processing is therefore Art. 6 para. 1 sentence 1 lit. f GDPR.

If Facebook requests your consent to data processing, the legal basis for processing is Art. 6 para. 1 sentence 1 lit. a GDPR in conjunction with § 25 para. 1 TDDDG. You may withdraw this consent at any time with effect for the future by contacting Facebook. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.

Facebook may also base the processing of your personal data on Art. 6 para. 1 sentence 1 lit. b GDPR (performance of a contract) and Art. 6 para. 1 sentence 1 lit. c GDPR (compliance with a legal obligation).

Further details can be found at:
https://www.facebook.com/privacy/policy

Detailed information on the processing and use of your personal data by Facebook, including contact options and your related rights and settings options for protecting your privacy, in particular objection options (so-called opt-out), can be found in Facebook’s privacy policy:
https://www.facebook.com/about/privacy/

The opt-out option can be accessed here:
https://www.facebook.com/settings?tab=ads

It is possible that some of the collected information may also be processed outside the European Union, in the USA.

16.2 LinkedIn (Company Profile)

For the purpose of recruitment and employer branding, we use the professional and career network “LinkedIn” and maintain a company profile there. LinkedIn is operated by LinkedIn Corporation, 1000 W. Maude Ave., Sunnyvale, California 94085, USA, or, if you have your registered office or place of residence within the EU, by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”).

We have concluded a data processing agreement with LinkedIn, which can be accessed here:
https://de.linkedin.com/legal/l/dpa

When visiting our company profile on LinkedIn, your data may be automatically collected and stored by LinkedIn for market research and advertising purposes as well as for the placement of job offers that may be of interest to you (so-called Page Insights). Based on this data, so-called usage and interest profiles are created using pseudonyms. For this purpose, cookies are generally used on your end device.

Information about the function of cookies is provided in LinkedIn’s privacy policy and cookie policy; please refer to those notices for further details. These cookies store user behaviour and interests.

Furthermore, we receive statistical evaluations derived from the collected data regarding which groups of persons are interested in our company page. The data is processed in anonymised form so that no conclusions can be drawn about individual persons. The statistical evaluations may include information such as approximate geographic location, age group and other aggregated characteristics.

The processing of personal data in connection with LinkedIn Page Insights is carried out on the basis of a joint controller agreement pursuant to Art. 26 GDPR, which can be viewed here:
https://legal.linkedin.com/pages-joint-controller-addendum

Irrespective of the internal allocation of responsibilities agreed between us and LinkedIn, you may direct all data protection enquiries either to us or to our Data Protection Officer, as well as to LinkedIn.

If LinkedIn requests your consent to data processing, for example by means of a checkbox, the legal basis for processing is Art. 6 para. 1 sentence 1 lit. a GDPR.

You may withdraw your consent at any time with effect for the future by contacting LinkedIn. Processing carried out prior to withdrawal remains lawful.

If you wish to deactivate LinkedIn advertising cookies, please use the following link:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

Detailed information on the processing and use of data by LinkedIn, including contact options and your related rights and settings options for protecting your privacy, can be found in LinkedIn’s privacy policy at:
https://www.linkedin.com/legal/privacy-policy

LinkedIn’s cookie policy is available at:
https://www.linkedin.com/legal/cookie-policy

16.3 XING / Kununu - Profile

We operate company profiles on XING and Kununu to present our company. The provider of XING and Kununu is New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany.

Our XING profile serves the purpose of actively and contemporarily addressing potential employees in a professional environment. On this page, we share information about our company and present ourselves externally. We provide information about our services, products, special promotions, and employment opportunities within our company.

If XING requests your consent to data processing, for example by means of a checkbox, the legal basis for processing is Art. 6 para. 1 sentence 1 lit. a GDPR.

Detailed information on the processing and use of data by the provider, as well as contact options and your related rights and settings options for protecting your privacy, can be found in XING’s privacy policy at:
https://privacy.xing.com/en/privacy-policy

Kununu primarily offers users the opportunity to submit and view employer reviews. At the same time, we use our presence on Kununu to provide information about our company, career opportunities, products and services.

When visiting our Kununu page and in the course of other interactions with our Kununu page, personal data of users may be collected by Kununu, for example through the use of cookies. Such data collection by Kununu may also occur for users who are not logged in or registered with Kununu. Information on data collection and further processing by Kununu can be found in Kununu’s privacy policy at:
https://privacy.xing.com/en/privacy-policy

Data processing is carried out as joint processing. For content that you make directly available on the platform, i.e. comments, private messages or similar content, New Work SE and we act as joint controllers pursuant to Art. 26 GDPR.

The legal basis for the processing of data is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR, where you have provided such consent, as well as the protection of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR. If you contact us, the legal basis may additionally be Art. 6 para. 1 sentence 1 lit. b GDPR (necessity for the implementation of pre-contractual measures).

The aforementioned legitimate interest consists in our desire to communicate with you via our Kununu page and to inform you about our company, career opportunities and jobs, as well as our products and services.

Information on how XING and Kununu process your data can be found in XING’s privacy policy, which applies to all services of New Work SE:
https://privacy.xing.com/en/privacy-policy/general-information

As only New Work SE has information about the data actually collected and its use on the respective platforms, requests for information as well as the exercise of other data subject rights should be directed there. Of course, you may also send such enquiries to us; we will Via the XING and Kununu platforms, we only process the data that you provide to us directly. This includes comments, enquiries, your user profile, reviews and similar information. Such data remains stored for the duration of the existence of the respective profile.

Processing of the data used by us takes place exclusively within the territory of the EU or the EEA. We do not transfer data to third countries.

16 Your Rights and Exercise of Your Rights

You are entitled to the rights listed below. You may assert these rights against us. To exercise your rights, please use the contact details provided above or contact us by email at: info@norres-baggerman.de.

Pursuant to Art. 15 GDPR, you have the right to request information about the personal data we process concerning you. In particular, you may request information about:

the purposes of processing,
the categories of personal data concerned,
the categories of recipients to whom your data has been or will be disclosed,
the planned storage period,
the existence of a right to rectification, erasure, restriction of processing or objection,
the existence of a right to lodge a complaint,
the origin of your data where it was not collected by us,

the existence of automated decision-making, including profiling, and, where applicable, meaningful information about its details.

Right to Rectification:

Pursuant to Art. 16 GDPR, you have the right to request without undue delay the rectification of inaccurate personal data stored by us or the completion of your personal data.

Right to Erasure:

Pursuant to Art. 17 GDPR, you have the right to request the erasure of your personal data stored by us, unless processing is necessary:

for exercising the right of freedom of expression and information,
for compliance with a legal obligation,
for reasons of public interest, or
for the establishment, exercise or defence of legal claims.

Right to Restriction of Processing:

Pursuant to Art. 18 GDPR, you have the right to request restriction of processing of your personal data where:

you contest the accuracy of the data,
the processing is unlawful but you oppose the erasure of the data,
we no longer need the data but you require it for the establishment, exercise or defence of legal claims, or
you have objected to processing pursuant to Art. 21 GDPR.

Right to Data Portability:

Pursuant to Art. 20 GDPR, you have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format or to request transmission to another controller.

Withdrawal of Consent:

Pursuant to Art. 7 para. 3 GDPR, you have the right to withdraw your consent at any time with effect for the future. As a result, we may no longer continue data processing based on this consent in the future. The withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.

Please address your withdrawal to the contact details provided above or by email to: info@norres-baggerman.de

Right to Object

You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you which is based on Art. 6 para. 1 sentence 1 lit. e or f GDPR; this also applies to profiling based on those provisions.

The controller shall no longer process the personal data concerning you unless it demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.

Where personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing; this also applies to profiling insofar as it is related to such direct marketing.

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for such purposes.

In the context of the use of information society services – notwithstanding Directive 2002/58/EC – you may exercise your right to object by automated means using technical specifications.

Automated Individual Decision-Making, Including Profiling

You have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you.

This shall not apply if the decision:

is necessary for entering into, or performance of, a contract between you and the controller,
is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or
is based on your explicit consent.

However, such decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests have been implemented.

Right to Lodge a Complaint with a Supervisory Authority:

Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. As a rule, you may contact the supervisory authority of your habitual residence, place of work or the registered office of our company.

17 Version of this Privacy Policy

The ongoing development of the Internet may make it necessary to amend this Privacy Policy from time to time. We reserve the right to make corresponding changes at any time.

Status: February 2026