Product
This privacy policy informs you about the processing of personal data by clockin GmbH as the controller within the meaning of the General Data Protection Regulation (GDPR). It applies to visits to our website and to all data processing activities in connection with our apps and the clockin system, insofar as we act as the controller within the meaning of the GDPR (e.g., when providing the app or technical administration).
Please note:
The processing of personal data within the app or the system is generally carried out by our customers (e.g., your employer), who act as independent controllers within the meaning of the GDPR. For these data processing activities, the respective privacy policies of your employer or the respective company are applicable.
clockin GmbH
Rektoratsweg 36
48159 Münster
Mail: datenschutz@clockin.de
If you have any questions about data protection, please contact:
Mail: datenschutz@clockin.de
Nils Volmer. LL.M.
meibers.rechtsanwälte Rechtsanwaltsgesellschaft mbH
Haus Sentmaring 9
48151 Münster
Telefon: 0251 149891-0
Fax: 0251 149891-99
Mail: datenschutz@clockin.de
We generally delete your personal data when it is no longer necessary for the purposes for which it was collected or otherwise processed.
If we have requested your consent and you have given it, we will delete your personal data once you withdraw your consent, provided there is no other legal basis for the processing.
We will also delete your personal data if you object to the processing and there are no overriding legitimate grounds for the processing, or if you object to the processing for the direct marketing purposes or related profiling.
If deletion is not possible because processing is still required for compliance with a legal obligation (e.g., statutory retention periods) to which we are subject, or for the establishment, exercise or defence of legal claims, we will restrict the processing of your personal data.
Further information on specific retention periods can be found in the sections below.
You have the following rights with regard to your personal data:
- right of access
- right to rectification
- right to erasure
- right to restriction of processing
- right to object to processing
- right to data portability
You have the right to object at any time to the processing of your personal data based on Article 6(1) (e) or (f) GDPR on grounds relating to your particular situation; this also applies to profiling based on these provisions. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. Where your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object, we will no longer process your personal data for these purposes.
You have the right to withdraw your consent to the processing of your personal data at any time provided you have given us such consent. The withdrawal of consent does not affect the lawfulness of the processing based on the consent before the withdrawal.
You have the right to lodge a complaint with a supervisory authority about the processing of your personal data by us.
The provision of your personal data is basically not required by law or contract and is not necessary to enter into a contract. You are basically not obliged to provide your personal data. If this should nevertheless be the case, we will point this out to you separately when collecting your personal data (for example, by marking the mandatory fields in input forms).
Failure to provide your personal data basically results in us not processing your personal data for one of the purposes described below and you not being able to take advantage of an offer related to the respective processing (example: without providing your e-mail address, you will not receive our newsletter).
We make our app available for download in the app stores (Apple App Store, Google Play Store). When you download the app, the app store operators themselves process personal data (e.g., user name, email address, customer number of your account, time of download, individual device ID). We have no influence on this data collection and are not responsible for it.
To the extent that we process personal data in the context of providing the app or upon its first launch, this is done for the purpose of the technical provision and functionality of the app as well as for license verification. This particularly concerns:
If we have requested your consent and you have given it, the legal basis for processing is Art. 6 (1)(a) GDPR. If we have not requested your consent, the legal basis for processing is Art. 6 (1)(f) GDPR. Our legitimate interest is the secure provision of the app. If processing is necessary for the performance of a contract with you or for the implementation of pre-contractual measures based on your request, the legal basis for processing is also Art. 6 (1)(b) GDPR.
If you register or create a customer account via the app, we process the data you provide (e.g. name, email address, company data) in order to prepare or fulfill the contract. In this case, the legal basis is Art. 6 (1)(b) GDPR.
When you use the app, we may ask you for permission to enable certain features of the app. This is done in such a way that you are asked to grant the appropriate permission when you first open the respective function. You can revoke and re-grant the permissions you have given at any time via the settings on your device. The permissions requested when using our app and their respective purposes are listed below.
If we have asked for your consent and you have given it, the legal basis for processing is Art. 6 (1)(a) GDPR. If we have not asked for your consent, the legal basis for processing is Art. 6 (1)(f) GDPR. Our legitimate interest in this is the proper provision of the corresponding function.
We may request the following permissions to provide certain features of our app:
Please note: If you are using the app within the context of an employment or contractual relationship (e.g., time tracking for your employer), the respective employer or the company acts as the controller pursuant to the GDPR. You can obtain the relevant data privacy policy directly from your employer or the respective company.
We use external service providers for the hosting of our online services. These providers may have access to personal data that is processed in the context of the use of our online services. For more information about the services used, the scope of data processing, and the technologies and procedures used when using the respective services, please refer to the additional information about the services we use at the end of this passage and the links provided there.
Provider: Webflow, Inc., United States of America.
Website: https://webflow.com/hosting
Further information & privacy: https://webflow.com/legal/privacy and https://webflow.com/legal/eu-privacy-policy
Appropriate safeguards: EU standard contractual clauses. You can request a copy of the EU standard contractual clauses from us. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
We process your personal data to display our online services to you and to ensure the stability and security of our online services. In the process, information (for example, requested resource, accessed URL, operating system, date and time of request, browser type and version used, IP address, protocol used, amount of data transferred, user agent, referrer URL, time zone difference to Greenwich Mean Time (GMT) and/or HTTP status code) is stored in so-called log files (access log, error log, etc.).
If we have requested your consent and you have given it, the legal basis for the processing is Art. 6(1)(a) GDPR. If we have not requested your consent, the legal basis for the processing is Art. 6(1)(f) GDPR. Our legitimate interest here is the proper display of our online services and ensuring the stability and security of our online services.
For security reasons and to protect the transmission of your personal data and other confidential content, we use encryption on our domain. You can recognize this in the browser line by the string "https://" and the lock symbol.
We use content delivery networks provides by external service providers to optimize the loading time, stability, and security of our online services.
If we have requested your consent and you have given it, the legal basis for the processing is Art. 6(1)(a) GDPR. If we have not requested your consent, the legal basis for the processing is Art. 6(1)(f) GDPR. Our legitimate interest in this is to optimize the loading time, stability, and security of our online offering.
When using external services, profiling (for advertising, personalized information, etc.) may also occur. Profiling may also take place across services and devices. Further information on the services used, the scope of data processing and the technologies and procedures used when using the respective services, as well as whether profiling takes place when using the respective services and, if applicable, information on the logic involved and the scope and intended effects of such processing for you can be found in the further information on the services we use at the end of this passage and under the links provided there.
Provider: Amazon Web Services EMEA SARL, Luxembourg. Amazon Web Services EMEA SARL is a subsidiary of Amazon.com, Inc., United States of America.
Website: https://aws.amazon.com/de/cloudfront/
Further information & privacy: https://aws.amazon.com/de/legal/
Appropriate safeguards: EU standard contractual clauses. You can request a copy of the EU standard contractual clauses from us. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
If you contact us, we process your personal data in order to process your request.
If we have requested your consent and you have given it, the legal basis for the processing is Art. 6(1) (a) GDPR. If we have not requested your consent, the legal basis for the processing is Art. 6(1) (f) GDPR. Our legitimate interest is the processing of your contact request. If the processing is necessary for the performance a contract with you or for the implementation of pre-contractual measures based on your request, the legal basis for the processing is also Art. 6(1) (b) GDPR.
We use external service providers to host and maintain our e-mail inboxes. These providers may have access to personal data that is processed in the context of the contact request. For further information on the services used, the scope of data processing and the technologies and processes involved in the use of the respective services, please refer to the following information about the services we use, and the links provided there:
Provider: Within the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, based in the United States of America.
Website: https://workspace.google.com/
Further information & privacy: https://policies.google.com/ and https://business.safety.google/privacy/
The transfer of personal data to third countries depends on the specific Google service being used and is carried out under the applicable EU Standard Contractual Clauses (SCCs), provided these are made available by Google. Further information on this and Google’s role as a controller or processor can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses is also available there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
We use support systems (appointment booking systems, live chats, ticket systems, helpdesks, etc.) and external service providers to help us process your contact requests. These providers may have access to personal data that is processed when you contact us via a support system. Further information on the services used, the scope of data processing, and the technologies and procedures used when employing the respective services can be found below in the further information on the services we use and under the links provided there:
Provider: HubSpot, Inc., United States of America.
Website: https://www.hubspot.de/
Further information & privacy: https://legal.hubspot.com/de/legal-stuff and https://legal.hubspot.com/de/privacy-policy
Appropriate safeguards: EU standard contractual clauses. You can request a copy of the EU standard contractual clauses from us. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Calendly, LLC, United States of America.
Website: https://calendly.com/de
Further information & privacy: https://calendly.com/privacy, https://calendly.com/security and https://help.calendly.com/hc/de/articles/360007032633
Appropriate safeguards: EU standard contractual clauses. You can request a copy of the EU standard contractual clauses from us. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Reclaim.ai Inc., United States of America. Reclaim.ai Inc. is a subsidiary of Dropbox, Inc., United States of America.
Website: https://reclaim.ai/
Further information & privacy: https://reclaim.ai/terms, https://reclaim.ai/security and https://reclaim.ai/privacy
Appropriate safeguards: EU standard contractual clauses. You can request a copy of the EU standard contractual clauses from us. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Chatbase, Canada.
Website: https://www.chatbase.co/
Further information & privacy: https://www.chatbase.co/legal/terms and https://www.chatbase.co/legal/privacy
Safeguards: EU Commission's adequacy decision.
Provider: Livestorm Inc., France.
Website: https://livestorm.co/de
Further information & privacy: https://security.livestorm.co/ and https://livestorm.co/privacy-policy/
We use Cookies on our website. Cookies are text information that is stored on your device. A distinction is made between session cookies, which are deleted immediately after closing your browser, and persistent cookies, which are stored for a specified period before being deleted.
In addition to cookies, we may also use similar technologies (tracking pixels, web beacons, etc.). The following statements on cookies also apply to similar technologies. Likewise, these statements apply to further processing in connection with cookies and similar technologies (analysis & marketing, etc.). This also applies in particular to any consent you may have given for the use of cookies. This also extends to other technologies and to further processing in connection with cookies and similar technologies.
Cookies can be used to enable certain functions. Cookies can also be used to measure the reach of our online services, to tailor it to user needs and interests and to optimize our online services and our marketing. Cookies can be used by us and by third-party service providers.
We use a Consent Tool to manage the cookies used and the associated consents. Details regarding the cookies used (purpose, storage period, external service, etc.) and the Consent Tool can be found in the following passages and within the Consent Tool itself.
If we have requested your consent and you have given it, the legal basis for the processing is Art. 6(1) (a) GDPR. If we have not requested your consent, the legal basis for the processing is Art. 6(1) (f) GDPR. Our legitimate interest is the management of the cookies used and the related consents. Depending on the purpose of the processing, our legitimate interests can be inferred from the following passages.
You can prevent the storage of cookies by configuring your browser settings accordingly. Below we provide links for commonly used browsers where you can find more detailed information on managing cookie preferences:
- Firefox: https://support.mozilla.org/de/kb/verbesserter-schutz-aktivitatenverfolgung-desktop
- Chrome: https://support.google.com/chrome/answer/95647?hl=de&hlrm=en
- Internet Explorer / Edge: https://support.microsoft.com/de-de/windows/l%C3%B6schen-und-verwalten-von-cookies-168dab11-0753-043d-7c16-ede5947fc64d
- Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac
- Opera: https://help.opera.com/de/latest/web-preferences/#cookies
- Yandex: https://browser.yandex.com/help/personal-data-protection/cookies.html
Additional opt-out options are available at the following links:
https://www.youronlinechoices.eu/, https://youradchoices.ca/en/tools, https://optout.aboutads.info/?c=2&lang=EN und https://optout.networkadvertising.org/?c=1.
If you disable cookies, this may affect the proper functioning of our online services. If you delete all cookies, the above settings will also be lost and you will have to make them again.
Furthermore, you can activate the "Do-Not-Track" function of your browser to indicate that you do not wish to be tracked. Below we provide links for typical browsers where you can find more detailed information about the "Do-Not-Track" setting:
- Firefox: https://support.mozilla.org/de/kb/wie-verhindere-ich-dass-websites-mich-verfolgen
- Chrome: https://support.google.com/chrome/answer/2790761?co=GENIE.Platform%3DDesktop&hl=de
- Internet Explorer / Edge: https://support.microsoft.com/de-de/windows/verwenden-von-do-not-track-in-internet-explorer-11-ad61fa73-d533-ce96-3f64-2aa3a332e792
- Opera: https://help.opera.com/de/latest/security-and-privacy/
- Safari no longer supports the "Do-Not-Track" feature as of February 2019. The following link can be used to prevent cross-site tracking in Safari: https://support.apple.com/de-de/guide/safari/sfri40732/12.0/mac
- Yandex: https://browser.yandex.com/help/personal-data-protection/ytp.html
You can also withdraw or manage your consent regarding the use of cookies in the Consent Tool we use.
In order to use the services provided by clockin, registration or a booking is required. When you register or make a booking, we process your personal data for the purpose of handling and administering your registration or booking, fulfilling the associated rights and obligations, and enabling your use of the Office Center and its functionalities, as well as the associated apps. In addition, we use your data to simplify and facilitate your ongoing and future use of the Office Center, the apps, and any related bookings.
If we have requested your consent and you have given it, the legal basis for processing is Art. 6 (1)(a) GDPR. If we have not requested your consent, the legal basis for processing is Art. 6 (1)(f) GDPR. Our legitimate interest is the secure and efficient administration of your registration and booking. If processing is necessary for the performance of a contract with you or for the implementation of pre-contractual measures based on your request, the legal basis for processing is also Art. 6 (1)(b) GDPR.
Recipients of your personal data may include third parties (e.g., fulfillment providers, IT service providers, shipping and logistics companies, banks, tax advisors, legal counsel, or public authorities), insofar as this is necessary for processing your registration and fulfilling the corresponding rights and obligations.
To process payments, we use external service providers. Your personal data is transferred to these providers to the extent necessary for the execution of payment transactions. Further information on the services used, the scope of data processing, and the technologies and procedures applied in connection with these services can be found in the detailed descriptions at the end of this section and via the links provided therein.
Provider: Stripe Payments Europe, Ltd., Ireland. Stripe Payments Europe, Ltd. is a subsidiary of Stripe, Inc., United States of America.
Website: https://stripe.com/
Further information & privacy: https://stripe.com/de/privacy
Appropriate safeguards: EU standard contractual clauses. You can request a copy of the EU standard contractual clauses from us. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
As part of our services, we offer you the option to use AI-based solutions. These include, among other things, chatbots, text recognition, and automated evaluations. For this purpose, we use external service providers. These providers may have access to personal data processed in the context of your use of our services. The implementation of AI-based solutions is intended to enhance the efficiency of our services and provide you with an improved user experience.
Further information on the specific services used, the scope of data processing, and the technologies and procedures applied in connection with such services can be found in the detailed descriptions of the respective providers at the end of this section and via the links provided therein.
If we have requested your consent and you have given it, the legal basis for processing is Art. 6 (1)(a) GDPR. If processing is necessary for the performance of a contract with you, the legal basis for processing is also Art. 6 (1)(b) GDPR.
Provider: OpenAI Ireland Limited, Ireland. OpenAI Ireland Limited is a subsidiary of OpenAI Inc., United States of America.
Website: https://openai.com
Further Information & Privacy: https://openai.com/security-and-privacy/ and https://openai.com/policies/privacy-policy
Safeguards: EU Standard Contractual Clauses (SCCs). A copy of the EU Standard Contractual Clauses can be provided upon request.
Provider: Chatbase, Canada.
Website: https://www.chatbase.co/
Further Information & Privacy: https://www.chatbase.co/legal/terms and https://www.chatbase.co/legal/privacy
Safeguards: Adequacy decision of the European Commission.
Furthermore, the processing of personal data within the app or the system is carried out by our customers (e.g., your employer), who act as independent controllers within the meaning of the GDPR. For these data processing activities, the respective privacy policies of your employer or the respective company are applicable.
If we have requested your consent and you have given it, we process your email address for the purpose of email marketing and, where applicable, additional personal data in order to personalize our communication with you. The legal basis for this processing is Art. 6 (1)(a) GDPR. The specific content of the email marketing will be clearly described at the time we request your consent. In general, our email marketing contains information about us, our products, and our services.
We use the so-called double opt-in procedure to prevent misuse of your personal data. This means that after collecting your email address, we will send a confirmation email to the address you provided, asking you to confirm that you wish to receive email marketing. The legal basis for this processing is Art. 6 (1)(f) GDPR. Our legitimate interest lies in ensuring the lawful conduct of our email marketing.
We log the time your consent was given, the time of confirmation, your IP address, and the content of your declaration of consent, in order to be able to demonstrate that your consent was lawfully obtained. The legal basis for this processing is Art. 6 (1)(f) GDPR. Our legitimate interest lies in documenting compliance with legal requirements for consent.
We use external service providers for email marketing. These providers may process your personal data. Further information on the services used, the scope of data processing, the technologies and procedures applied, and whether profiling takes place in connection with such services, including information on the logic involved, as well as the significance and intended consequences of such processing for you, can be found in the detailed descriptions of the respective providers at the end of this section and via the links provided therein.
You may withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. To withdraw your consent, you can use the unsubscribe link provided in each email or contact us using the contact details provided above.
If you withdraw your consent, we reserve the right to process your personal data in a so-called blacklist/blocklist to ensure that no further email marketing is sent to the relevant data in the future. The legal basis for this processing is Art. 6 (1)(f) GDPR. Our legitimate interest lies in preventing unsolicited marketing communications.
We also process your personal data for tracking and performance measurement purposes to assess the reach of our email marketing, to tailor it to user interests, and to improve its effectiveness. This may include profiling (e.g., for advertising purposes or personalized information). Profiling may also take place across services and devices. If we have requested your consent and you have given it, the legal basis for processing is Art. 6 (1)(a) GDPR. If we have not requested your consent, the legal basis for processing is Art. 6 (1)(f) GDPR. Our legitimate interest lies in optimizing our email marketing. It is not possible to withdraw your consent or object to tracking and performance measurement separately. If you wish to withdraw or object, you must do so with respect to the entire email marketing processing.
Provider: HubSpot, Inc., United States of America.
Website: https://www.hubspot.com/
Further information & privacy: https://legal.hubspot.com/legal-stuff and https://legal.hubspot.com/privacy-policy
Appropriate safeguards: EU standard contractual clauses. You can request a copy of the EU standard contractual clauses from us. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Mailgun Technologies Inc., United States of America.
Website: https://www.mailjet.de
Further information & privacy: https://www.mailjet.com/legal/terms/, https://www.mailjet.de/privacy-policy/ and https://sinch.com/legal/terms-and-conditions/other-sinch-terms-conditions/data-protection-agreement/
Appropriate safeguards: EU standard contractual clauses. You can request a copy of the EU standard contractual clauses from us. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
If we have received your email address in connection with the sale of a product or service and you have not objected to its use, we may process your email address to send you email marketing regarding our own similar products or services, and, where applicable, additional personal data to personalize our communication with you. The legal basis for this processing is Art. 6 (1)(f) GDPR. Our legitimate interest is direct marketing.
We use external service providers for email marketing. These providers may process your personal data. Further information on the services used, the scope of data processing, the technologies and procedures applied, and whether profiling takes place in connection with such services, including information on the logic involved, as well as the significance and intended consequences of such processing for you, can be found in the detailed descriptions of the respective providers at the end of this section and via the links provided therein.
You have the right to object at any time to the processing of your personal data for the purposes of email marketing, without incurring any costs other than the transmission costs in accordance with the basic tariffs. If you object, we will no longer process your personal data for email marketing purposes. To object, you can use the unsubscribe link provided in each email or contact us using the contact details provided above.
If you object to the processing of your personal data for email marketing purposes, we reserve the right to process your data in a so-called blacklist/blocklist in order to ensure that no further marketing emails are sent to that address. The legal basis for this processing is Art. 6 (1)(f) GDPR. Our legitimate interest lies in preventing unwanted marketing communication.
We also process your personal data for tracking and performance measurement purposes to assess the reach of our email marketing, to tailor it to user interests, and to improve its effectiveness. This may include profiling (e.g., for advertising purposes or personalized information). Profiling may also take place across services and devices. If we have requested your consent and you have given it, the legal basis for processing is Art. 6 (1)(a) GDPR. If we have not requested your consent, the legal basis for processing is Art. 6 (1)(f) GDPR. Our legitimate interest lies in optimizing our email marketing. It is not possible to withdraw your consent or object to tracking and performance measurement separately. If you wish to withdraw or object, you must do so with respect to the entire email marketing processing.
Provider: HubSpot, Inc., United States of America.
Website: https://www.hubspot.com/
Further information & privacy: https://legal.hubspot.com/legal-stuff and https://legal.hubspot.com/privacy-policy
Appropriate safeguards: EU standard contractual clauses. You can request a copy of the EU standard contractual clauses from us. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Sinch Sweden AB, Sweden.
Website: https://www.mailjet.de
Further information & privacy: https://www.mailjet.de/privacy-policy/
If we have received your personal data in connection with the sale of a product or service and you have not objected to its use, we may process your personal data to send you marketing materials by post. The legal basis for this processing is Art. 6 (1)(f) GDPR. Our legitimate interest is direct marketing. We use external service providers (e.g., print shops, mailing service providers) for postal marketing.
You have the right to object at any time to the processing of your personal data for the purposes of postal marketing. If you object, we will no longer process your personal data for postal marketing purposes. To exercise your right to object, you may contact us using the contact details provided above.
If you object to the processing of your personal data for the purposes of postal marketing, we reserve the right to process your data in a so-called blacklist/blocklist to ensure that no further postal marketing is sent to the relevant address. The legal basis for this processing is Art. 6 (1)(f) GDPR. Our legitimate interest is the prevention of unwanted postal advertising.
We process your personal data to measure the reach of our online services, to design them according to user needs and interests, and to optimize both our online services and our marketing.
If we have requested your consent and you have given it, the legal basis for processing is Art. 6 (1)(a) GDPR. If we have not requested your consent, the legal basis for processing is Art. 6 (1)(f) GDPR. Our legitimate interest is the optimization of our online services and our marketing, as well as the avoidance of unnecessary advertising for our customers by transmitting personal data to external services in order to exclude you from specific campaigns.
We use external service providers for analytics and marketing purposes. These providers may process your personal data. Profiling may occur as part of the use of such services (e.g., for advertising purposes or the delivery of personalized content). Profiling may also take place across services and devices. Further information on the services used, the scope of data processing, the technologies and procedures applied, and whether profiling takes place in connection with such services, including information on the logic involved, as well as the significance and intended consequences of such processing for you, can be found in the detailed descriptions of the respective providers at the end of this section and via the links provided therein. For additional information on cookies and similar technologies, please refer to the relevant section above.
Provider: Within the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, based in the United States of America.
Website: https://support.google.com/google-ads/answer/1722022?hl=de
Further information & privacy: https://policies.google.com/?hl=de and https://business.safety.google/privacy/
The transfer of personal data to third countries depends on the specific Google service being used and is carried out under the applicable EU Standard Contractual Clauses (SCCs), provided these are made available by Google. Further information on this and Google’s role as a controller or processor can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses is also available there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Within the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, based in the United States of America.
Website: https://support.google.com/analytics/answer/10089681?hl=de
Further information & privacy: https://support.google.com/analytics/answer/6004245?hl=de, https://policies.google.com/?hl=de und https://business.safety.google/privacy/
The transfer of personal data to third countries depends on the specific Google service being used and is carried out under the applicable EU Standard Contractual Clauses (SCCs), provided these are made available by Google. Further information on this and Google’s role as a controller or processor can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses is also available there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Within the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, based in the United States of America.
Website: https://support.google.com/google-ads/answer/2453998
Further information & privacy: https://policies.google.com/?hl=de and https://business.safety.google/privacy/
The transfer of personal data to third countries depends on the specific Google service being used and is carried out under the applicable EU Standard Contractual Clauses (SCCs), provided these are made available by Google. Further information on this and Google’s role as a controller or processor can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses is also available there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Within the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, based in the United States of America.
Website: https://support.google.com/analytics/answer/7532985?hl=de&ref_topic=7668613#zippy=%2Cthemen-in-diesem-artikel
Further information & privacy: https://support.google.com/analytics/answer/6004245?hl=de, https://policies.google.com/?hl=de and https://business.safety.google/privacy/
The transfer of personal data to third countries depends on the specific Google service being used and is carried out under the applicable EU Standard Contractual Clauses (SCCs), provided these are made available by Google. Further information on this and Google’s role as a controller or processor can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses is also available there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, based in the United States of America.
Website: https://support.google.com/tagmanager/answer/6102821?hl=de
Further information & privacy: https://policies.google.com/?hl=de and https://business.safety.google/privacy/
The transfer of personal data to third countries depends on the specific Google service being used and is carried out under the applicable EU Standard Contractual Clauses (SCCs), provided these are made available by Google. Further information on this and Google’s role as a controller or processor can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses is also available there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Hotjar Limited, Malta.
Website: https://www.hotjar.com/
Further information & privacy: https://www.hotjar.com/legal/policies/privacy/
Provider: If you are located in the EU, the European Economic Area (EEA), or Switzerland, this service is provided by LinkedIn Ireland Unlimited Company, Ireland.
If you are located outside the EU, the European Economic Area (EEA), or Switzerland, this service is provided by LinkedIn Corporation, United States of America.
Website: https://business.linkedin.com/de-de/marketing-solutions/insight-tag
Further information & privacy: https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy and https://de.linkedin.com/legal/cookie-policy?trk=homepage-basic_footer-cookie-policy
Safeguards: EU Standard Contractual Clauses (SCCs). A copy of the EU Standard Contractual Clauses can be provided upon request. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Self hosted.
Website: https://matomo.org/
Further information & privacy: https://matomo.org/gdpr-analytics and https://matomo.org/privacy-policy/
Provider: Meta Platforms Ireland Limited, Ireland. Meta Platforms Ireland Limited is a subsidiary of Meta Platforms, Inc., United States of America.
Website: https://www.facebook.com/business/help/744354708981227?id=2469097953376494
Further information & privacy: https://www.facebook.com/business/help/742478679120153?id=1205376682832142&recommended_by=218844828315224, https://www.facebook.com/business/help/1474662202748341?id=2469097953376494&locale=de_DE, https://de-de.facebook.com/business/help/611774685654668, https://www.facebook.com/privacy/policy/, https://de-de.facebook.com/policies/cookies/, https://www.facebook.com/help/566994660333381?ref=dp and https://de-de.facebook.com/help/568137493302217
Safeguards: EU Standard Contractual Clauses (SCCs). A copy of the EU Standard Contractual Clauses can be provided upon request. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Microsoft Ireland Operations Limited, Ireland. Microsoft Ireland Operations Limited is a subsidiary of Microsoft Corporation, United States of America.
Website: https://about.ads.microsoft.com/de-de
Further information & privacy: https://privacy.microsoft.com/de-de/ and https://www.microsoft.com/de-de/trust-center/privacy
Safeguards: EU Standard Contractual Clauses (SCCs). A copy of the EU Standard Contractual Clauses can be provided upon request. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Microsoft Corporation, United States of America.
Website: https://clarity.microsoft.com/
Further information & privacy: https://privacy.microsoft.com/de-de/ and https://www.microsoft.com/de-de/trust-center/privacy
Safeguards: EU Standard Contractual Clauses (SCCs). A copy of the EU Standard Contractual Clauses can be provided upon request. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Cheq AI Technologies Ltd., Israel.
Website: https://www.clickcease.com/de.html
Further information & privacy: https://www.clickcease.com/tos.html and https://cheq.ai/data-processing-agreement/
Safeguards: Adequacy decision of the European Commission.
Provider: Amplitude, Inc., United States of America.
Website: https://amplitude.com/
Further information & privacy: https://amplitude.com/terms and https://amplitude.com/privacy/archive/2023-09
Safeguards: The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: In Europe, the Stape services are provided by Stape Europe OÜ, Estonia. Stape Europe OÜ is a subsidiary of Stape Inc., United States of America.
Website: https://stape.io/
Further information & privacy: https://stape.io/terms-conditions and https://stape.io/privacy-notice
Safeguards: EU Standard Contractual Clauses (SCCs). A copy of the EU Standard Contractual Clauses can be provided upon request.
We maintain social media presences on external platforms to communicate with users and to optimize our online services and marketing.
This Privacy Policy also applies to the following social media profiles:
https://www.facebook.com/clockinzeiterfassung
https://www.instagram.com/clockin_zeiterfassung/
https://www.linkedin.com/company/clockinzeiterfassung/
https://www.youtube.com/channel/UCZuOMyhL4eZbmqoGOwl6xzA
If we have requested your consent and you have given it, the legal basis for processing is Art. 6 (1)(a) GDPR. If we have not requested your consent, the legal basis for processing is Art. 6 (1)(f) GDPR. Our legitimate interest is the optimization of our online services and our marketing.
We use external service providers for our social media presences. These providers may process your personal data. Profiling may occur when using these external services (e.g., for advertising purposes or personalized information). Such profiling may also take place across services and devices. Further information on the services used, the scope of data processing, the technologies and procedures applied, and whether profiling takes place in connection with such services, including information on the logic involved, as well as the significance and intended consequences of such processing for you, can be found in the detailed descriptions of the respective providers at the end of this section and via the links provided therein.
Provider: Meta Platforms Ireland Limited, Ireland. Meta Platforms Ireland Limited is a subsidiary of Meta Platforms, Inc., United States of America.
Website: https://www.facebook.com
The provider and we act as joint controllers. We have entered into a corresponding agreement with the provider. This agreement can be viewed at:
https://www.facebook.com/legal/terms/page_controller_addendum and
https://www.facebook.com/legal/controller_addendum
Further information & privacy: https://developers.facebook.com/docs/plugins/, https://www.facebook.com/legal/terms/information_about_page_insights_data, https://www.facebook.com/privacy/policy/, https://de-de.facebook.com/policies/cookies/, https://www.facebook.com/help/566994660333381?ref=dp and https://de-de.facebook.com/help/568137493302217
Safeguards: EU Standard Contractual Clauses (SCCs). A copy of the EU Standard Contractual Clauses can be provided upon request. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Meta Platforms Ireland Limited, Ireland. Meta Platforms Ireland Limited is a subsidiary of Meta Platforms, Inc., United States of America.
Website: https://www.instagram.com
Further information & privacy: https://help.instagram.com/581066165581870 and https://help.instagram.com/519522125107875
Safeguards: EU Standard Contractual Clauses (SCCs). A copy of the EU Standard Contractual Clauses can be provided upon request. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: If you are located in the EU, the European Economic Area (EEA), or Switzerland, this service is provided by LinkedIn Ireland Unlimited Company, Ireland. If you are located outside the EU, the EEA, or Switzerland, this service is provided by LinkedIn Corporation, United States of America.
Website: https://www.linkedin.com
Further information & privacy: https://de.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy and https://de.linkedin.com/legal/cookie-policy?trk=homepage-basic_footer-cookie-policy
Safeguards: EU Standard Contractual Clauses (SCCs). A copy of the EU Standard Contractual Clauses can be provided upon request. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
Provider: Within the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, based in the United States of America.
Website: https://www.youtube.com
Further information & privacy: https://policies.google.com/?hl=de and https://business.safety.google/privacy/
The transfer of personal data to third countries depends on the specific Google service being used and is carried out under the applicable EU Standard Contractual Clauses (SCCs), provided these are made available by Google. Further information on this and Google’s role as a controller or processor can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses is also available there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
We use social media content and plugins provided by external service providers in order to display content and functionalities from those services and to optimize our online presence and marketing.
If we have requested your consent and you have given it, the legal basis for processing is Art. 6 (1)(a) GDPR. If we have not requested your consent, the legal basis for processing is Art. 6 (1)(f) GDPR. Our legitimate interest is the optimization of our online services and our marketing.
We use external service providers for the integration of social media content and plugins. These providers may process your personal data. Profiling may occur in connection with the use of these external services (e.g., for advertising purposes or personalized information). Such profiling may also take place across services and devices. Further information on the services used, the scope of data processing, the technologies and procedures applied, and whether profiling takes place in connection with such services, including information on the logic involved, as well as the significance and intended consequences of such processing for you, can be found in the detailed descriptions of the respective providers at the end of this section and via the links provided therein.
Provider: Vimeo, Inc., United States of America.
Website: https://vimeo.com/de/
Further information & privacy: https://vimeo.com/privacy
Safeguards: EU Standard Contractual Clauses (SCCs). A copy of the EU Standard Contractual Clauses can be provided upon request.
Provider: Within the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, based in the United States of America.
Website: https://www.youtube.com
Further information & privacy: https://policies.google.com/?hl=de and https://business.safety.google/privacy/
The transfer of personal data to third countries depends on the specific Google service being used and is carried out under the applicable EU Standard Contractual Clauses (SCCs), provided these are made available by Google. Further information on this and Google’s role as a controller or processor can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses is also available there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
We use maps provided by external service providers to display our location and to enable the use of additional functionalities offered by these services in connection with the maps.
If we have requested your consent and you have given it, the legal basis for processing is Art. 6 (1)(a) GDPR. If we have not requested your consent, the legal basis for processing is Art. 6 (1)(f) GDPR. Our legitimate interest is the simplification of the use of maps.
We use external service providers for displaying maps. These providers may process your personal data. Profiling may occur in connection with the use of these external services (e.g., for advertising purposes or personalized content). Such profiling may also take place across services and devices. Further information on the services used, the scope of data processing, the technologies and procedures applied, and whether profiling takes place in connection with such services, including information on the logic involved, as well as the significance and intended consequences of such processing for you, can be found in the detailed descriptions of the respective providers at the end of this section and via the links provided therein.
Provider: Within the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, based in the United States of America.
Website: https://www.google.de/maps
Further information & privacy: https://policies.google.com/?hl=de and https://business.safety.google/privacy/
The transfer of personal data to third countries depends on the specific Google service being used and is carried out under the applicable EU Standard Contractual Clauses (SCCs), provided these are made available by Google. Further information on this and Google’s role as a controller or processor can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses is also available there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
We use review platforms and process your personal data to collect feedback on our services and thereby improve our online services and marketing. For this purpose, we also integrate so-called widgets from review platforms, for example, to display which platform we use and how our services are rated.
If we have requested your consent and you have given it, the legal basis for processing is Art. 6 (1)(a) GDPR. If we have not requested your consent, the legal basis for processing is Art. 6 (1)(f) GDPR. Our legitimate interest lies in optimizing our online services and marketing.
If we, or the review platforms we use, have requested your consent and you have given it, we or the respective review platform may process your personal data to remind you to submit a review. The legal basis for this processing is Art. 6 (1)(a) GDPR.
We use external service providers for collecting and displaying reviews. These providers may process your personal data. Further information on the services used, the scope of data processing, the technologies and procedures applied, and whether profiling takes place in connection with such services, including information on the logic involved, as well as the significance and intended consequences of such processing for you, can be found in the detailed descriptions of the respective providers at the end of this section and via the links provided therein.
Provider: Expert Systems AG, Germany.
Website: https://www.provenexpert.com/de-de/
Further information & privacy: https://www.provenexpert.com/de-de/datenschutzbestimmungen/
If you apply to us, we process your personal data to carry out the application process and to make a decision regarding the establishment of an employment relationship. Once the application process has been completed, we will restrict the processing of your personal data and delete or destroy it no later than six months after the rejection has been communicated to you, or return the application documents to you and delete or destroy any copies, unless you have given your consent for us to retain your personal data for future consideration.
If we have requested your consent and you have given it, the legal basis for processing is Art. 6 (1)(a) GDPR. If we have not requested your consent, the legal basis is Art. 6 (1)(f) GDPR. Our legitimate interest is the proper handling of the application process and, where applicable, the defense against legal claims arising from the rejection of an application. Where the processing is necessary for making a decision on the establishment of an employment relationship, the legal basis is also Art. 6 (1)(b) GDPR in conjunction with § 26 (1) Sentence 1 of the German Federal Data Protection Act (BDSG).
We use captchas to protect our online services from abusive, automated, and/or machine-based input (e.g., in forms) and to prevent misuse.
If we have requested your consent and you have given it, the legal basis for processing is Art. 6 (1)(a) GDPR. If we have not requested your consent, the legal basis for processing is Art. 6 (1)(f) GDPR. Our legitimate interest is the protection of our online services and preventing misuse.
We use external service providers to deliver captcha functionalities. Profiling may occur in connection with the use of such services. Such profiling may also take place across services and devices. Further information on the services used, the scope of data processing, the technologies and procedures applied, and whether profiling takes place in connection with such services, including information on the logic involved, as well as the significance and intended consequences of such processing for you, can be found in the detailed descriptions of the respective providers at the end of this section and via the links provided therein.
Provider: Friendly Captcha GmbH, Germany.
Website: https://friendlycaptcha.com/de/
Further information & privacy: https://friendlycaptcha.com/de/legal/privacy-end-users/
Provider: Within the European Economic Area (EEA) and Switzerland, Google services are provided by Google Ireland Limited, Ireland. Google Ireland Limited is a subsidiary of Google LLC, based in the United States of America.
Website: https://www.google.com/recaptcha/
Further information & privacy: https://policies.google.com/?hl=de and https://business.safety.google/privacy/
The transfer of personal data to third countries depends on the specific Google service being used and is carried out under the applicable EU Standard Contractual Clauses (SCCs), provided these are made available by Google. Further information on this and Google’s role as a controller or processor can be found at the following link: https://business.safety.google/gdpr/. A copy of the EU Standard Contractual Clauses is also available there. The provider has joined the EU-US Data Privacy Framework (https://www.dataprivacyframework.gov), which ensures compliance with an adequate level of data protection based on a decision by the European Commission.
This Privacy Policy was created with the assistance of the legal configurator provided by getLaw.de.
