Search

Privacy Policy

We ensure protected and proper handling in accordance with legal requirements and international standards. Below is our privacy policy for firstcolo.net
As of: 22.10.2024

General Information
Data Processing
Special Data Processing
Application Process
Abuse and DSA Reports
Social Media
Your Rights

A. General information about privacy

1. Purpose of this privacy information

This privacy policy includes information about data processing in the context of accessing and using the firstcolo.net website. Where links are provided to external websites, we recommend reviewing the privacy information on those sites to determine whether and to what extent personal data is processed there.

2. Responsibility and contact information

The company responsible for processing the personal data is firstcolo GmbH, Kruppstraße 105, 60388 Frankfurt am Main. Additional contact information can be found in the Legal Notice (Impressum). For all questions relating to privacy, especially in conjunction with our website, please contact us or our external data protection officer (Bugl & Kollegen Gesellschaft für Datenschutz und Informationssicherheit mbH, Alexander Bugl, Eifelstraße 55, 93057 Regensburg; email: kontakt@buglundkollegen.de) at any time.

3. Changes to the privacy information

Because we regularly add features to our website and modify existing features, this can result in changes to our statutory privacy processes, so our privacy information is updated regularly. We recommend checking for updates regularly.

B. Data processing when our website is accessed

1. Logfiles

When our web pages are accessed, a protocol data set (known as server logfiles) is saved on our web server; this data set also includes the IP address. Among other things, the data in these server logfiles is used to accurately represent the content of our web pages and for security purposes (here, the legal basis is Art. 6 (1) GDPR, particularly our interest in the proper and safe operation of our IT infrastructure). The logfiles are erased regularly and automatically. If you would like more information about this, please contact us at any time.

2. Tools and cookies

Our website uses various services and applications (collectively known as “Tools”), which are provided either by us or by third parties. In particular, this includes Tools that use technologies to store information on the end device or to access the end device (e.g. cookies, web storage, JavaScript or Pixel). Details about these Tools, particularly the cookies we use, can be found in the Privacy Settings. We distinguish between Tools that are absolutely necessary, e.g. to operate the basic features of the website or to provide explicitly requested services (the legal basis for the use of these Tools is our legitimate interest pursuant to Art. 6 (1) GDPR, and/or § 25 (2) No. 2 TDDDG). We also use Tools that are not absolutely necessary, e.g. which allow us to analyze access and visits to the website or to send out targeted marketing measures. In order to use these Tools, we require prior consent from you as per Art. 6 (1a) GDPR and/or § 25 (1) TDDDG. Details about the Tools and cookies that are implemented when you use our website, as well as their storage length and information about how to erase the data collected here, can be found in the Privacy Settings, which you can access via the “fingerprint symbol.”

3. Tool administration and configuration

Our website uses a cookie consent management tool (Usercentrics, an application from Usercentrics GmbH, Rosental 4, 80331 Munich) to administer and control any consent declarations required for the storage or loading of certain tools. The associated data processing is necessary in order to provide you with the legally required consent management and to fulfill our documentation duties. The legal basis for this is Art. 6 (1c, f) GDPR, especially due to our interest in fulfilling the statutory requirements for consent management (§ 25 (2) No. 2 TTDSG. You can revoke your consent for certain Tools at any time. To do so, click on the Privacy Settings and/or the “fingerprint symbol” shown on the website. Here you can also change the selection of Tools for which you want to provide consent, and find additional information about the cookies and their respective storage length. Alternatively, you can contact the respective provider directly to revoke your consent for certain Tools. If you have any questions about the provider or need any additional information, please get in touch with us anytime via the contact information provided above.

4. Analysis and tracking tools

Our website uses Tools that help us better understand user behavior and allow us to optimize our offering based on the collected information. Details about these Tools can also be found in the Privacy Settings. We always ensure that these Tools are used, and data processed, only where you have consented to this in advance (Art. 6 (1) lt. a) GDPR; § 25 (1) TDDDG). Where these providers have access to personal data or where the Tools are hosted by these providers, the necessary processing contracts have been concluded. If you have any questions about the providers or need additional information about any storage or erasure processes, please get in touch with us anytime via the abovementioned contact information.

5. Marketing and retargeting tools

In addition, our website uses marketing and retargeting Tools. Some of the access data required to use our website is utilized to create user profiles, which in particular save your usage behavior, the ads you viewed or clicked on, and the resulting assignment to ad categories, interests, and preferences. Analyzing and evaluating this access data allows us to show you personalized ads, in other words ads that correspond to your actual interests and needs, on our website and on the websites and services of other providers. We also analyze your usage behavior so we can recognize you on other sites and target you in a personalized way based on your usage of our site (“retargeting”). Details about these applications can also be found in the Privacy Settings. We always ensure that these applications are implemented, and data is only processed, where you have consented to this in advance (Art. 6 (1) lt. a) GDPR; § 25 (1) TTDSG). If you have any questions about the providers or need additional information about any storage or erasure processes, please get in touch with us anytime via the abovementioned contact information.

6. kununu Content Delivery Network (CDN)

We use the Content Delivery Network (CDN) from kununu to properly provide the content on our website. The kununu CDN is a service from New Work SE, Am Strandkai 1, 20457 Hamburg, that functions as a CDN on our website. A CDN helps us provide the content for our online offering, especially files like graphics or scripts, more quickly using regionally or internationally distributed servers. When you access this content, you create a connection to the New Work SE servers, thereby sharing your IP address and potentially browser data such as your user agent. This data is used exclusively for the abovementioned purposes and to maintain the security and functionality of the kununu CDN. Use of the Content Delivery Network takes place on the basis of our legitimate interests, i.e. our interest in the secure, efficient provision and optimization of our online offering pursuant to Art. 6 (1 f) GDPR.

C. Other special data processing

1. Contact form

Our website provides a contact form so we can answer questions from users and customers and communicate with them. Inquiries and information shared in this manner are processed only for the purpose of responding to your inquiry and contacting you (Art. 6 (1 a, f) GDPR). We will save your data no longer than the duration of any resulting contract with you (Art. 6 (1 b) GDPR). If no such contract results from the inquiry, we will erase your data within twenty-four (24) months of our last contact with you. Naturally, your right to object to the processing in advance and to request erasure of the data remains unaffected.

2. Newsletter

If you subscribe to our email newsletter, we will process only your email address and your name. This data will be used exclusively to provide you with information about our services and offerings on a regular basis. The data processing takes place on the basis of your consent (Art. 6 (1 a) GDPR). You can revoke your consent at any time by unsubscribing from the newsletter. The legality of the previous data processing steps remains unaffected by such revocation.

Our email newsletter is distributed by a specialized service provider. The associated data processing is considered contracted processing and thus takes place on the basis of the necessary contracts. Please note that as a rule, your data is transferred to and stored on a server belonging to the service provider in the United States. The data transfer takes place according to Art. 45 (1) GDPR, on the basis of the adequacy decision of the European Commission, since the participating US company is certified under the EU-US Data Privacy Framework (EU-US DPF).

In addition to distribution, the service provider also uses this information for a statistical analysis of the newsletter on our behalf. For this analysis, the emails contain web beacons or tracking pixels. That allows us to determine whether a newsletter message has been opened and which links have been clicked on. Technical information is also collected (e.g. the time of access, IP address, browser type, and operating system). This data is exclusively used for statistical analysis of newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to the interests of the recipients. The legal basis for processing your personal data in conjunction with this analysis is your consent provided in the sense of Art. 6 (1) lt. a) GDPR. This consent can be revoked at any time. If you wish to object to the abovementioned data processing, you must unsubscribe from the newsletter. The service provider’s privacy provisions can be reviewed here: https://mailchimp.com/legal/privacy

3. Google Maps

Our website uses Google Maps (API). The operating company for Google Maps is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Maps is a web service used to display interactive maps that visually represent geographic information. When a page is accessed that includes Google Maps, your browser loads the necessary web fonts into your browser cache so that Google Maps can be displayed. Your chosen browser also creates a connection to the Google servers for this purpose. This notifies Google that your IP address was used to access our website. Google will save your data as a user profile (even for users who are not logged in) and analyze it. The parent company of the abovementioned service provider is headquartered in the United States. While we do not intend to transfer personal data to third countries outside the European Economic Area, particularly to the United States, this cannot be excluded due to the corporate structures. In this event, however, pursuant to Art. 45 (1) GDPR, the data transfer will take place on the basis of the adequacy decision of the European Commission, since the participating US company is certified under the EU-US Data Privacy Framework (EU-US DPF). You have a right to object to the creation of these user profiles; to exercise this right, you must contact Google. This processing takes place exclusively where explicit consent has been provided pursuant to Art. 6 (1 a) GDPR. You can review the privacy provisions for Google Maps under: https://www.google.de/intl/de/policies/privacy/

4. Google Fonts

In order to display fonts in a consistent manner, our website uses web fonts provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When you access a page, your browser loads the necessary web fonts into your browser cache so that the text and fonts can be displayed correctly (Art. 6 (1 f) GDPR). However, we have integrated the web fonts locally, i.e. on our web server. That means no data is transferred to the Google servers.

D. Data processing for application procedures

Information about the type and scope of data that is processed when you utilize our application platform can be found in the Careers section.

E. Data processing for abuse reports and DSA reports

Information about the type and scope of data that is processed when you utilize our abuse reporting system is provided to you when you use the service.

F. Social Media

We operate web pages on online platforms and social networks in order to interact with potential or current customers, to communicate with potential customers and users, and to advertise offerings and services. We operate our web pages jointly, sharing (privacy) responsibility with the providers. Data that you provide or post directly via online platforms and networks (e.g. through commenting or chat features) is processed by us as the controller so that we can interact or communicate with you appropriately. During this interaction, platform operators may also provide us with statistical data about the use of our “channels and fan pages.” This includes, for instance, details about interactions, likes, comments, and compiled information and statistics (e.g. the IP address or origin of followers), which tell us how people interact with our page. The legal basis for data processing within our area of responsibility is Art. 6 (1), s. 1 f) GDPR.

However, the providers also process data under their own responsibility. We do not have any influence over data that a provider processes under its own responsibility and according to its own usage and privacy conditions. Please note that when you access services from the abovementioned providers, additional data (e.g. about your usage and “surfing behavior”) may be collected and transferred to the provider. Please also note that if you interact with us through the abovementioned media, data may also be processed outside the European Union. Furthermore, user data is generally processed for market research and advertising purposes. For instance, usage behavior, which indicates the user’s interests, can also be used to create usage profiles. These usage profiles can in turn be used to display ads within and outside the platform that presumably correspond to the users’ interests. More information can be found in the respective providers’ privacy policies. Where we have access to your personal data in conjunction with the use of such online platforms and networks, please direct your concerns to us. If you wish to assert further rights against a specific provider, please contact the respective provider.

G. Your rights

You can assert your rights regarding your processed personal data against us at any time, using the contact information provided at the top of this page. In particular, you have the following rights:

Art. 15 GDPR: Right of access to data concerning you that is processed by us

In particular, this includes information about the purposes of the processing; the categories of data; the categories of recipients to whom the data has been or will be disclosed; the period for which the data will be stored; the existence of the right to request rectification, erasure, restriction of or objection to processing; the existence of the right to lodge a complaint; the source of the data where it was not collected by us; and the existence of automated decision-making, including profiling, and, in those cases, meaningful information about the details of this.

Art. 16 GDPR: Right to rectification of inaccurate data or completion of incomplete data stored concerning you

In particular, the right to rectification means that you have the right to request the immediate correction of incorrect personal data concerning you as well as the completion of incomplete personal data.

Art. 17 GDPR: Right to erasure of stored data concerning you

The right to erasure means that you fundamentally have the right to request that we erase personal data concerning you without delay, and that we are obligated to erase such personal data without delay. This can be the case, for instance, where personal data is no longer needed for the purposes for which it was collected or otherwise processed.

Art. 18 GDPR: Right to restriction of data processing

The right to restriction can apply if you dispute the accuracy of the personal data.

Art. 20 GDPR: Right to data portability

The right to data portability means that you fundamentally have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format, and that you have the right to transfer this data to another controller without hindrance from us.

Art. 21 GDPR: Right to object to processing, where this processing takes place on the basis of Art. 6 (1) s. 1 e) or f) GDPR.

As a data subject, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Article 6 (1) e) or f) GDPR, including profiling based on those provisions. If personal data is processed for the purpose of direct advertising, you have the right to object at any time to the processing of personal data concerning you for the purposes of such advertising, including profiling, where it is associated with such direct advertising.

Art. 77 GDPR: Right to lodge a complaint with a supervisory authority