Privacy Policy
Introduction
Thank you for your interest in VOCATO public relations GmbH (hereinafter "We", "Us") and for visiting our website.
With the information presented below, we provide you with an overview of the processing of your personal data on our website (hereinafter "Website").
We also want to inform you about your rights under data protection laws. The processing of your personal data by us is always carried out in accordance with the Basic Data Protection Regulation (hereinafter "DSGVO"), the Telecommunications and Telemedia Data Protection Act (hereinafter "TTDSG") and all applicable country-specific data protection regulations.
1. Responsibility
Responsible in the sense of the DSGVO is:
VOCATO public relations GmbH
represented by: Corinna Bause, Birgit Brabeck
Toyota-Allee 29
50858 Cologne
E-mail: info@vocato.com
2. Data protection officer
You can reach our data protection officer as follows:
Niklas Hanitsch
secjur GmbH
Steinhöft 9
20459 Hamburg
Telephone: +49 40 228 599 520
E-mail: dsb@secjur.com
You can contact our data protection officer directly at any time with all questions and suggestions regarding data protection and the exercise of your rights.
3. Definition of terms
- Processing: Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- Recipient: a recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigative task under Union or Member State law shall not be considered as recipients.
- Third party: a natural or legal person, public authority, agency or other body other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or the processor.
- Consent: Consent means any freely given and informed indication of the data subject's wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.
4. Origin of the personal data
We may obtain personal data in the following ways:
4.1 Information provided by you
You have the opportunity to provide information (e.g. contact details) about yourself on our website.
4.2 Automatically collected and generated data
Data is automatically collected and generated through the use of our website.
4.3 Data collected by third parties
Insofar as we maintain presences in social and professional networks, we may receive data from you via these (e.g. if you contact us via a social or professional network or respond to one of our contents shared there).
5. The scope, purpose, legal basis, storage period and, where applicable, recipients and third country transfer of the respective processing of personal data
5.1 General information
In the following, we provide you with an overview of the personal data we process. For this purpose, we explain to what extent, for what purposes and on what legal basis we process personal data. We also state – if available – which third-party providers we use who receive your data.
We will not disclose your personal data to third parties without your consent, unless this is permitted by law (e.g. because it is necessary for the performance of the contract).
The processing of your personal data may be based in particular on the following legal bases:
- Article 6 (1) sentence 1 lit. a) DSGVO serves as the legal basis for processing operations in which we obtain consent for a specific processing.
- If the processing of personal data is necessary for the performance of a contract to which you are a party, the processing is based on Art. 6 (1) sentence 1 lit. b) DSGVO. The same applies to such processing operations which are necessary for the performance of pre-contractual measures.
- If we are subject to a legal obligation which requires the processing of personal data, the processing is based on Art. 6 (1) sentence 1 lit. c) DSGVO.
- Furthermore, processing operations may be based on Art. 6 (1) sentence 1 lit. f) DSGVO. Processing operations are based on this legal basis if the processing is necessary to protect a legitimate interest of ours, provided that the interests, fundamental rights and freedoms of the data subject are not overridden.
5.2 Data transfers to third countries
Among other things, we use services of companies that are based in third countries (e.g. in the USA). If these services are active, it is possible that data will be transferred to a third country and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries.
US companies, for example, are obliged to hand over data to authorities or similar institutions if necessary, without you as a data subject being able to take effective legal action against this according to our legal understanding. We have no influence on such data transfer.
5.3 Deletion of data
The data processed by us will be deleted in accordance with the legal requirements as soon as their consents permitted for processing are revoked or other permissions cease to apply (e.g. if the purpose for processing this data has ceased to apply or it is not required for the purpose). If the data are not deleted because they are required for other and legally permissible purposes, their processing will be limited to these purposes. I.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose storage is necessary for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person.
Our data protection notices may also contain further details on the retention and deletion of data which have priority for the respective processing operations.
5.4 Security measures
We take appropriate technical and organisational measures in accordance with the law, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the level of threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access to, input of, disclosure of, assurance of availability of and segregation of the data. We also have procedures in place to ensure the exercise of data subjects' rights, the deletion of data and responses to data compromise. Furthermore, we already take the protection of personal data into account in the development or selection of hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.
5.5 Transmission of personal data
In the course of our processing of personal data, it may happen that the data is transferred to or disclosed to other bodies, companies, legally independent organisational units or persons. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude corresponding contracts or agreements that serve to protect your data with the recipients of your data.
5.6 Website in general
5.6.1 Provision of the website, server log files
5.6.1.1 Scope of processing
For the provision of our website, we use storage space, computing capacity and software which we rent from a corresponding server provider (web host). These services also include the sending, receiving and storage of e-mails. In addition, when you visit our website, data that your browser transmits to our server is automatically processed. This general data and information is stored in the server's log files (in so-called "server log files"). The following data can be collected:
- Browser type and version
- Language and version of the browser software.
- Operating system used
- Referrer URL (previously visited website)
- Host name of the accessing computer
- Date and time of server request
- IP address
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
5.6.1.2 Purpose of the processing
When using this data and information, we do not draw any conclusions about your person. The purposes we pursue include in particular:
- Provision of our website
- Provision of our online offer and user-friendliness; Information technology infrastructure (operation and provision of information systems)
- Provision of contractual services
- Customer service
- Provision of e-mail communication
- Ensuring a smooth connection to the website
- Clarification of acts of abuse or fraud
- Problem analysis in the network
- Evaluation of system security and stability.
5.6.1.3 Legal basis
The legal basis for data processing is our legitimate interest within the meaning of Art. 6 (1) p. 1 lit. f) DSGVO. We have an overriding legitimate interest in providing a website and being able to offer our services in a technically flawless manner.
5.6.1.4 Recipients of personal data
Your data will be passed on to the necessary extent to service providers for hosting within the framework of order processing.
5.6.2 Use of cookies
5.6.2.1 General information
We use cookies on our website. These are files that your browser automatically creates and that are stored on your IT system when you visit our site. Information is stored in the cookie that arises in each case in connection with the specific end device used.
Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which internet pages and servers can be assigned to the specific internet browser in which the cookie was stored. This enables the visited Internet pages and servers to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific internet browser can be recognised and identified via the unique cookie ID.
When you visit our website or a sub-website for the first time and it contains cookies, you will be shown "data protection settings". There you will be informed about the individual cookies that we use. You can find out about each individual cookie in terms of the name, the provider, the purpose of the processing and the storage period. You can also allow us to use non-essential cookies and reverse this decision there.
From a legal point of view, a distinction must be made between essential and non-essential cookies.
5.6.2.2 Essential cookies
We use essential cookies. These are cookies that are technically necessary to provide all functions of our website. The legal basis for data processing is our legitimate interest within the meaning of Art. 6 (1) p. 1 lit. f) DSGVO. We have an overriding legitimate interest in being able to offer our service in a technically flawless manner. The legal basis for the use of cookies vis-à-vis our contractual partners who make use of services contractually owed by us via our website is Art. 6 para. I lit. b) DSGVO, the provision of our contractual services.
5.6.2.3 Non-essential cookies
We also use non-essential cookies (e.g. analysis and marketing cookies). These are cookies that are not technically necessary. We use them to understand your behaviour on our website and to improve our services. The legal basis for the data processing is your consent according to Art. 6 para. 1 p. 1 lit. a) DSGVO. The cookies are only set after you have given your consent via our cookie banner.
5.6.2.4 Storage duration
With regard to the storage period, the following types of cookies are distinguished:
- Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed their end device (e.g. browser or mobile app).
- Permanent cookies: Permanent cookies remain stored even after the end device is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, user data collected with the help of cookies can be used to measure reach. Unless we provide users with explicit information on the type and storage duration of cookies (e.g. when obtaining consent), users should assume that cookies are permanent and that they can be stored for up to two years.
5.7 Contact options
5.7.1 Scope of processing
Via our website, you have the possibility to contact us by e-mail.
In the course of contacting you and responding to your enquiry, we process the following personal data from you:
- Name
- Date and time of the request
- IP address
- Other personal data that you provide to us when contacting us.
5.7.2 Purpose of the processing
We process your data to respond to your enquiry and other matters arising from it.
5.7.3 Legal basis
If your enquiry is based on pre-contractual measures or an existing contract with us, the legal basis is the performance of the contract and the implementation of pre-contractual measures pursuant to Art. 6 (1) sentence 1 lit. b) DSGVO.
If your request is made independently of pre-contractual measures or contracts existing with us, our overriding legitimate interests pursuant to Art. 6 (1) p. 1 lit. f) DSGVO constitute the legal basis. We have an overriding legitimate interest in providing visitors to our website with a means by which they can contact us.
5.7.4 Storage period
We delete your personal data as soon as they are no longer required to achieve the purpose for which they were collected. In the context of contact enquiries, this is generally the case when the circumstances indicate that the specific matter has been conclusively processed.
5.8 Online contact form for applications
5.8.1 Scope and purpose
For the online contact form for applications, we only collect and process your personal data if you voluntarily provide it with your knowledge. For the online application form, this is the following data:
- Salutation
- Title
- First and last name*
- Street, house number*
- Postcode, town*
- Country*
- Telephone number*
- e-mail address*
- Personal message
- Enclosures: Application documents*
- Contact origin*
- Consent to use of data*
Mandatory fields are marked with *.
The personal data you provide and its contents remain exclusively with us.
5.8.2 Legal basis
If you would like to use our online contact form to contact us, it is necessary that you consent to the associated collection and processing of the personal data transmitted for the purpose of processing your application in accordance with Art. 6 Para. 1 lit a) DSGVO.
The respective consent is given by means of an active tick before sending. You can revoke your consent at any time with future effect by sending us a corresponding message.
5.9 Social media presences
We use third-party platforms to provide you with information about our company and our products and services. This involves processing interactions such as messages, likes and content on our social media channels.
In addition, we receive non-personal data from third-party platforms, such as the total number of measures played by the platform operator or preferred visiting and posting times. We have no influence on the creation and provision of this data. The legal basis for the processing is Art. 6 para. 1 lit. f DSGVO; our legitimate interest lies in the improvement of our marketing measures.
The associated personal data processing takes place exclusively in the area of responsibility of the platform operators. Further information on data processing can be found in the data protection declarations of the respective providers:
- Instagram: https://de-de.facebook.com/help/instagram/519522125107875
- LinkedIn: https://www.linkedin.com/legal/privacy-policy?_l=de_DE
- Xing: https://privacy.xing.com/de/datenschutzerklaerung
- Facebook: https://de-de.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0
5.10 Integration of third-party services and content
5.10.1 General information
Within our online offer, we use content or service offers of third parties on the basis of your consent within the meaning of Art. 6 para. 1 lit. a. DSGVO, in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content").
This always assumes that the third-party providers of this content are aware of the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is therefore necessary for the display of this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offering, as well as being linked to such information from other sources.
5.10.2 Google Maps
We integrate the maps of the Google Maps service of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The data processed may include, in particular, IP addresses and location data of the users, which, however, are not collected without their consent (usually executed as part of the settings of their mobile devices). The data may be processed in the USA.
- You can find more information in Google's privacy policy: https://www.google.com/policies/privacy/
5.10.3 Matomo
We use Matomo, a web analytics service provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand. We use this service to analyse and statistically evaluate the use of our website. When you access our website, the following data is stored on servers of Medialine AG:
- Type of browser and operating system used
- Date and time of server request
- Your country of origin
- Frequency of visits to our website
- Time spent on our website
- External links you have clicked on
- Website from which you reached our website
The service is set so that two bytes of your IP address are masked. After the IP address has been anonymised in this way (e.g.: 192.168.xxx.xxx), it is no longer possible to infer your identity. We therefore only create pseudonymised usage profiles. An evaluation and analysis of the use of our website is carried out on the basis of this.
The collected data is processed and stored exclusively on the servers of our website. It is not passed on to third parties.
The legal basis for the processing of personal data is Art. 6 para. 1 lit. f DSGVO.
The processing of your data enables us to analyse your surfing behaviour. By evaluating the collected and pseudonymised data, we can gain information about the use of individual components of our website. On this basis, we constantly improve our website and its user-friendliness. These purposes are also our legitimate interest in processing the data according to Art. 6 Para. 1 lit. f DSGVO. By anonymising your IP address, we also ensure sufficient protection of your personal data.
The data is deleted as soon as it is no longer required for recording purposes.
You can object to the processing of data by Matomo at any time with effect for the future by deactivating the cross in the box below.
[check box]
This will place a so-called opt-out cookie in your browser, with the consequence that Matomo will no longer collect any data in the future. If you delete your saved cookies completely, the aforementioned opt-out cookie will also be deleted. You must then reactivate this cookie to prevent Matomo from collecting data when you visit our website again.
For more information on privacy settings, please visit:
- https://www.matomo.org/docs/privacy/
For general privacy information from the service provider, please visit:
- https://www.matomo.org/privacy-policy/
5.10.4 Integration of the Bloggerei Publicon
Our website is listed in the Bloggerei.de blog directory. In this context, we have integrated a tracking pixel on our website, which processes the user's IP address for the purpose of counting visitors when they visit our website. The IP address is not used by Bloggerei.de for any other purposes, is not passed on to third parties and is completely deleted after 30 minutes. Furthermore, Bloggerei.de does not collect any other data and does not store any cookies on the user's computer.
Further information also at:
- https://www.bloggerei.de/main_faq.php#frage14 and https://www.topblogs.de/regeln/.
5.10.5 Monotype
For the uniform display of fonts, we use so-called web fonts, which are provided by Monotype. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. For this purpose, the browser you are using must connect to Monotype's servers. This informs Monotype that our website has been accessed via your anonymised IP address 0.0.0.0.
We have an overriding legitimate interest in a uniform and appealing presentation of our online offers. The legal basis is therefore Art. 6 para. 1 lit. f DSGVO.
Further information on Monotype Fonts can be found in Monotype's privacy policy:
- https://www.monotype.com/legal/privacy-policy/web-font-tracking-privacy-policy
6. Your rights
In this section we inform you about the rights you have in relation to the processing of your data. The exact scope of the right mentioned in each case can be found in the corresponding article of the GDPR. If you wish to exercise any of your rights, please contact us via email (dsb@secjur.com).
6.1 Right to confirmation
You have the right to request confirmation from us as to whether personal data relating to you is being processed by us.
6.2 Information (Art. 15 DSGVO)
You have the right to obtain from us at any time, free of charge, information about the personal data stored about you as well as a copy of this data in accordance with the statutory provisions.
6.3 Correction (Art. 16 DSGVO)
You have the right to request the rectification of inaccurate personal data concerning you. You also have the right to request that incomplete personal data be completed, taking into account the purposes of the processing.
6.4 Deletion (Art. 17 DSGVO)
You have the right to demand that we delete personal data concerning you without delay if one of the reasons provided for by law applies and insofar as the processing or storage is not necessary.
6.5 Restriction of processing (Art. 18 DSGVO)
You have the right to demand that we restrict processing if one of the legal requirements is met.
6.6 Data portability (Art. 20 DSGVO)
You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format. Furthermore, you have the right to transfer this data to another controller without hindrance from us, to whom the personal data was provided, provided that the processing is based on consent pursuant to Art. 6 para. 1 sentence 1 lit. a) DSGVO or Art. 9 para. 2 lit. a) DSGVO or on a contract pursuant to Art. 6 para. 1 sentence 1 lit. a) DSGVO. (b) DSGVO and the processing is carried out with the aid of automated procedures, unless the processing is necessary for the performance of a task which is in the public interest or in the exercise of official authority vested in us.
In addition, when exercising your right to data portability pursuant to Article 20(1) of the GDPR, you have the right to have the personal data transferred directly from one controller to another controller insofar as this is technically feasible and insofar as this does not adversely affect the rights and freedoms of other persons.
6.7 Objection (Art. 21 DSGVO)
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of data processing in the public interest pursuant to Art. 6 (1) sentence 1 lit. e) DSGVO or on the basis of our legitimate interest pursuant to Art. 6 (1) sentence 1 lit. f) DSGVO.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the assertion, exercise or defence of legal claims.
6.8 Revocation of consent under data protection law
You have the right to revoke your consent to the processing of personal data at any time with effect for the future.
6.9 Complaint to a supervisory authority
You have the right to complain about our processing of personal data to a supervisory authority responsible for data protection.
7. Up-to-dateness and changes of the data protection information
This data protection notice is currently valid and has the following status: June 2023.
If we further develop our website and our offers or if legal or regulatory requirements change, it may be necessary to amend this data protection notice. You can access the current data protection information at any time here.
Opt-Out