Privacy notices for the Changepoint Group
We would like to inform you below about the processing of personal data as part of the use of our website. Under Article 4 of the General Data Protection Regulation (GDPR), “personal data” is any information relating to an identified or identifiable natural person (‘ affected person ‘). Identifiable is a natural person who identifies directly or indirectly, in particular by assigning it to an identifier such as a name, to a identification number, to location data, to an online identifier or to one or more special features The expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person. The legal basis for data protection can be found in the new Federal Data Protection Act (BDSG-new) and the General Data Protection Regulation (GDPR).
Changepoint Verwaltungs GmbH (Great Elbstraße 42, 22767 Hamburg) is responsible for this website.
Further information about our company and the persons entitled to represent you can be found in our imprint of our website: www.changepoint.de.
What data is being processed?
Legal bases for data processing
In order to be able to offer you our website and related services, we process personal data on the basis of the following legal bases:
- Consent (Article 6 (1) lit. a) GDPR)
- To fulfil contracts (Article 6 (1) lit. b) GDPR
- On the basis of a balance of interest (Article 6 (1) lit. f) GDPR)
- To comply with a legal obligation (Article 6 (1) lit. c) GDPR)
We will refer to the relevant terms in connection with the respective processing, so that you can classify the basis on which we process personal data.
If personal data is processed by you on the basis of your consent, you have the right to revoke your consent at any time with effect for the future towards us.
If we process data on the basis of a balance of interests, you as a concerned event have the right to object to the processing of the personal data, taking into account the requirements of Article 21 of the GDPR.
When you visit our website, personal data is processed in order to be able to show you the contents of the website on your device.
In order for the pages to be displayed in your browser, the IP address of the device you are using must be processed. In addition, there is more information about the browser of your device. The data is also used to identify and correct errors on the website.
We are also obliged under data protection law to ensure the confidentiality and integrity of the personal data processed with our IT systems.
For this purpose and from this interest, the following data are logged on the basis of a balance of interests:
- Anonymised IP address of the calling computer (for a maximum of 5 days)
- Operating system of the calling computer
- Browser version of the calling computer
- Name of the retrieved file
- Date and Time Of Retrieval
- Amount of data transferred
- referring URL
The anonymised IP address will be deleted from all systems used in connection with the operation of these websites at the latest by five days at the latest.
The data is also used to identify and correct errors on the website.
Cookies are used on our website. Cookies are small text information that is stored in your device via their browser. The cookies are necessary to enable certain functions of our website.
We use session cookies, which are automatically deleted from your browser immediately after the end of the visit to the website.
You can prevent cookies from being set by setting cookies in your browser. However, we would like to point out that the use of our website may then be limited. Cookies do not install or launch programs or other applications on your computer.
Cookies are used on the basis of a balance of interests. Our interest is the user-friendly visit to our website.
We use so-called Google web fonts on our website. In the process, fonts are loaded from Google servers that better design the website. Data processing is based on a balance of interests, and our interest is in an appealing design of the website.
The fonts in question are loaded from servers of Google, which are usually located in the United States. The appropriate level of data protection is guaranteed by Google (list entry “Privacy Shield”).
Online presence on social media
We maintain online presence within social networks and platforms to communicate with customers, prospects and users who are active there. We inform our customers there about services. The terms and conditions and data processing policies are based on the respective operators of the respective networks when they call.
We only process users ‘ data when they communicate with us within the social networks. This would be the case if users write posts or send us messages on our online stores.
Use of Doubleclick Ad Exchange
This website uses the online marketing tool Doubleclick. As soon as Doubleclick Ad Exchange, a web ad service of Google Inc., USA (“Google”), displays advertisements (text ads, banners, etc.) on this website, your browser may store a cookie sent by Google Inc. or third parties. The stored information can be recorded, collected and evaluated by Google Inc. or even third parties. In addition, the Doubleclick Ad Exchange also uses so-called “WebBeacons” (small invisible graphics) for the collection of information, through which simple actions such as visitor traffic on the website can be recorded, collected and evaluated. The information generated (through Cookie and/or WebBeacon) about your use of this website is transmitted to a Google server in the USA and stored there as well. To evaluate their usage behavior with regard to Doubleclick Ad Exchange ads, Google uses the information it receives. This information may also be transferred to Google to third parties if required by law or if third parties process this data on behalf of Google.
If IP addresses are transmitted and stored in this context, this will only take place for the fight and filtering of spam/ic scams (ad impressions-spam and click spam).
This data is only accessible to anti-abuse teams. Google does not associate the IP address with other data stored by Google.
You can prevent cookies from being stored on your hard drive and web beacons from being displayed. To do this, you must choose “do not accept cookies” in your browser settings (in Internet Explorer under “Extras/Internet Options/Privacy/Settings,” in Firefox under “Extras/Settings/Privacy/Cookies”).
Google Re/Marketing Services
On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer) in accordance with Article 6 (1) lit. (F) We GDPR, we use Google LLC’s marketing and remarketing services (Google Marketing Services), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”). Google is certified under the Privacy Shield Agreement, providing a guarantee to comply with European data protection law www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Google marketing services allow us to display ads for and on our website in a more targeted way. This presents users with ads that potentially suit their interests. “Remarketing” is referred to when, for example, a user is shown ads for products they have been interested in on other websites.
For these purposes, when our and other websites are active on Google, a code from Google is executed directly by Google and so-called (re) marketing tags (invisible graphics or code, also known as “web beacons”) in The website is integrated. This stores an individual cookie, i.e. a small file, on the user’s device. The cookies can be set by various domains, including google.com, invitemedia.com, doubleclick.net, admeld.com, googleadservices.com or googlesyndication.com. This file shows which content the user is interested in and which website he has visited. It also notes which offers he has clicked, which referring websites, technical information about the browser and operating system, visiting time and other information about the use of the online offer.
Use of Google Adwords
We also use the Google Google advertising tool “Google Adwords” to promote our website. As part of this, we use the “conversion tracking” analytics service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, “Google” on our website. If you have entered our website via a Google ad, a cookie will be stored on your computer. Cookies are small text files that your internet browser stores and stores on your computer. These so-called “conversion cookies” lose their validity after 30 days and do not serve your personal identification. If you visit certain pages of our website and the cookie has not expired yet, we and Google can recognize that you as a user have clicked on one of our ads placed on Google and have been forwarded to our site.
The information obtained with the help of the “conversion cookies” is used by Google to compile visit statistics for our website. Through this statistic, we learn the total number of users who clicked on our ad and which pages of our website were subsequently accessed by the respective user. However, we or other advertisers via “Google Adwords” do not receive any information that can be used to personally identify users.
You can prevent the installation of the “conversion cookies” by setting your browser accordingly, for example by means of a browser setting, which generally disables the automatic setting of cookies or specifically only the cookies from the domain ” googleadservices.com” is blocked.
Google’s privacy notices can be found at the following link:
Purposes of processing personal data
We process the aforementioned data for the operation of our website and for the fulfilment of contractual obligations towards our customers or for the protection of our legitimate interests.
In the event of enquiries from you outside of an active customer relationship, we process the data for the purposes of sales and advertising. You can object to the use of your personal data for advertising purposes at any time.
SSL or TLS encryption
For Security Reasons and to Protect the Transfer of confidential Content that You send to us as a Site Operator, our Website uses an SSL or TLS encryption. This means that data that you transmit through our websites is not readable by third parties. You can recognize an encrypted connection by the “https://” Address line of Your Browser and on the lock icon in the Browser line.
Insofar as you voluntarily provide data to us, e.g. in forms, and these are not necessary for the fulfilment of our contractual obligations, we process this data on the legitimate assumption that the processing and use of these data in your interest.
Recipients / disclosure of data
Data that you provide to us will not be passed on to third parties. In particular, your data will not be passed on to third parties for their advertising purposes.
However, we may use service providers for the operation of these websites or for other products or services from us. In this regard, a service provider may become aware of personal data. We carefully select our service providers , especially with regard to data protection and data security, and take all necessary measures for the permissible data processing.
Data processing outside the European Union
Insofar as personal data is processed outside the European Union, you can find out from the previous statements.
All necessary technical and organizational security measures to protect your personal data from loss and misuse are taken by us. This way, your data is stored in a secure operating environment that is not accessible to the public. Your data is encrypted during transmission by so-called Transport Layers Security (TLS). This means that communication between your computer and our servers is based on a recognized encryption method.
Passing automated decision-making
As a responsible company, we refrain from automatic decision-making or profiling.
Data protection supervisor
Your rights as a person affected
You have the right to information about the personal data concerning you. You can contact us at any time for information.
In the case of a request for information that is not made in writing, we ask for your understanding that we may require proof from you to prove that you are the person you are posing for.
You also have the right to correct or delete or to restrict processing, as far as you are legally entitled to do so.
Finally, you have a right of objection to processing within the scope of the legal requirements. The same applies to a right to data portability.
Deletion of data
We delete personal data in principle if there is no need for further storage. A requirement may exist in particular if the data are still needed to meet contractual services, to check warranty and, if applicable, warranty claims and to grant or fend off. In the case of statutory retention obligations, deletion can only be considered after the expiry of the respective retention obligation.
Right of appeal to a supervisory authority
You have the right to complain to a supervisory authority about our processing of your personal data. The competent supervisory authority shall be governed by the state of your residence, work or alleged breach.
Modification of this Privacy Notice
Supplementary data protection information for applicants
We are pleased that you are interested in us and have applied for or applied for a job in our company. We would like to provide you with information on the processing of your personal data in connection with the application.
Which of your data will be processed by us and for what purposes?
We process the data that you have sent to us in connection with your application in order to check your suitability for the position (or any other open positions) and to carry out the application process.
What is the legal basis on this?
The legal basis for the processing of your personal data in this application procedure is Section 26 of the German Data Code (BDSG) as amended from 25.05.2018. It allows the processing of the data necessary in connection with the decision establishing an employment relationship. Should the data be required for legal proceedings after the completion of the application procedure, data processing may be based on the requirements of Art. 1 lit. f GDPR. Our interest then lies in the assertion or defence of claims. Further processing shall be carried out on the basis of Article 6(6) of the 1 lit. a and b GDPR.
How long is the data stored?
Data of applicants applying for internal posts will be deleted after six months in the event of cancellation, provided that no other legitimate interests of the controller are superstitled.
If you have received a commitment for a job during the application process, the data will be transferred to our hr information system.
Data of applicants applying for project-related positions will remain in our pool of applicants for the entire duration of placement, as is the case with the statutory retention periods for the respective performance of the tasks. is required.
Furthermore, their data will be deleted after two years, unless they have given us consent for further storage.
Which recipients will the data be passed on to?
We use a specially developed software solution for the application process.
Your applicant data will be reviewed by the HR department after receiving your application. Appropriate applications are forwarded internally to the department managers for the respective open position. Then the further procedure is agreed. In the company, only the persons who need it for the proper conduct of our application process have access to your data.
We collect, store and process your transmitted personal data only if this is necessary for the processing of enquiries or the processing of orders and if you have previously consented. You have the Right to revoke any consent given with Effect for the Future at any time.
In order to support you in your application efforts in the best possible way, we pass on your personal data to our affiliateD company Mysupply Expertist Vertriebs GmbH in order to be able to check a matching to other projects. In addition, your data will not be passed on to third parties without agreement. The data will only be passed on to third parties in excess of consent if we are obliged to do so due to mandatory legal regulations or if you determine this yourself.
Where is the data processed?
Your applicant data will only be processed in data centers of the Federal Republic of Germany.
With your application you can also subscribe to an e-mail newsletter on our website in order to inform you about new projects. In addition to the voluntary information in the respective form, we only process your e-mail address. However, this is also mandatory.
In order to analyze the popularity of our newsletter broadcasts and optimize them, we log when emails are opened and links are clicked. This usage analysis is carried out on the basis of a balance of interests. You can object to this processing by unsubscribe from the newsletter in order to send you the newsletter.
Newsletter via CleverReach
We use the CleverReach component to send our newsletters. CleverReach is a service provided by CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany. Your data stored at the newsletter registration (e-mail address, name, IP address, date and time of your registration) will be transferred to a server of The company CleverReach GmbH & Co. KG in Germany and stored there. The data protection regulations of the shipping service provider can be viewed at the following link: www.cleverreach.com/de. The legal basis for the establishment of the shipping service provider is based on Article 6 Abs.1 lit.f) GDPR for the protection of our legitimate interests and an order processing contract in accordance with Art. 3 P.1 GDPR. The shipping service provider does not use the data of our newsletter recipients to write it down or to pass on data to third parties. You can unsubscribe from the newsletter at any time. Alternatively, you will find a link to unsubscribe in each newsletter email.
What rights do you have?
Depending on the situation, you have the following data protection rights as an applicant for us, which you can contact us or our data protection officer at any time.
You have the right to receive information about your personal data processed by us and to request a copy of this data. This includes information on the purpose of the use, the category of data used, its recipients and persons entitled to access and, if possible, the planned duration of the data storage or, if this is not possible, the criteria for determining that duration.
Correction, deletion or restriction of processing
You have the right to demand that we immediately correct incorrect personal data relating to you. Taking into account the purposes of processing, you have the right to require the completion of incomplete personal data – also by means of a supplementary declaration –.
If the processing is based on consent, you have the right to revoke the consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation. To do this, you can contact us or our data protection officers at any time under the aforementioned data.
Right to erasure
You have the right to request that we delete personal data concerning you immediately. We are obliged to delete personal data immediately.
This does not apply to the extent that the processing is necessary for:
- Fulfilment of a legal obligation requiring processing under the law of the Union or the Member States to which we are subject.
- assertion, exercise or defence of legal claims.