for the content and functions of the Traitwise Platform
April 2025
Privacy policies are often difficult to read. We understand this and want to do it differently. This Privacy Policy provides you with an easy‑to‑understand explanation of how we process your personal data. We have structured the policy so that, for every topic, you can immediately see whether and how we process your personal data.
The protection of your personal data and your privacy is of paramount importance to us. We therefore aim to provide you with complete transparency regarding the processing of your personal data (under the GDPR) and the storage of information on your device (under the TDDDG). Only when the processing of personal data and information is comprehensible to you as the data subject will you be sufficiently informed about the scope, purposes and benefits of such processing.
This Privacy Policy applies to all processing of personal data carried out by us and to the storage of information on your devices. It therefore applies both to the provision of our services within our own platform (“Services”) and to our external online presences—such as our social‑media fan pages.
The controller within the meaning of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and other data‑protection provisions is
“Traitwise” is pre‑hire assessment software that enables candidates in corporate selection processes to complete aptitude diagnostics. Personal data are processed both during these diagnostics and elsewhere on the platform.
First of all, we would like to give you some introductory context—namely what the protection of your personal data means, what constitutes personal data, how we process such data, and the security measures we apply when doing so.
“Personal data” (hereinafter also “data”) means any information relating to an identified or identifiable natural person.
Examples of personal or factual circumstances:
The “processing” of personal data includes, for example, the following measures:
We process personal data strictly within the limits permitted by law—above all the General Data Protection Regulation (GDPR). Under Article 6(1) GDPR every processing operation must rest on at least one statutory basis. The legal bases that most commonly apply to our activities are:
We process personal data only for clearly defined purposes (Article 5 (1) (b) GDPR). As soon as the purpose ceases to apply, we erase the data or protect them by appropriate technical and organisational measures (for example by pseudonymisation).
The same applies once a statutory retention period has expired, unless further storage is necessary for the conclusion or performance of a contract. Statutory obligations may also require us to retain data for a longer period or to disclose them to third parties—particularly to law‑enforcement authorities. In all other cases the retention period, the type of data collected and the manner of processing depend on the specific functions of the Services that you use. On request we will gladly provide you with individual information pursuant to Article 15 GDPR.
Data categories are in particular the following data:
In line with statutory requirements—and taking into account the state of the art, implementation costs, and the nature, scope, context and purposes of processing, as well as the varying likelihood and severity of risks to your rights and freedoms—we implement appropriate technical and organisational measures to ensure a level of protection commensurate with the risk.
These measures include, in particular, guaranteeing that your data are stored and processed confidentially, with integrity and are available at all times. They further comprise controls governing access to your data as well as controls over entry, disclosure, availability safeguards and segregation from data belonging to other natural persons.
We have also put procedures in place that enable the effective exercise of data‑subject rights (see Section 5), the erasure of data and a rapid response in the event of any threat to your data. In addition, we take the protection of personal data into account as early as the software‑development stage and by applying the principles of data protection by design and by default.
In the course of processing your personal data, it may occur that such data are transmitted or otherwise disclosed to other bodies, companies, legally independent organisational units or individuals. These third parties may include, for example, payment institutions involved in payment transactions, service providers entrusted with IT tasks, or providers of services and content that we have integrated into our Services.
Whenever we transmit or disclose your personal data to third parties, we comply with all statutory requirements and, in particular, conclude appropriate contracts or agreements with the recipients to safeguard your data.
If this Privacy Policy states that we transfer your personal data to a third country—that is, a country outside the EU or the EEA—the following applies. Such a transfer takes place only in accordance with statutory requirements. We guarantee that we possess a contractual or statutory authorisation to transfer and process your data in the relevant third country.
Moreover, we allow your data to be processed solely by service providers in third countries that, in our assessment, offer an adequate level of data protection. This is the case, for example, where an adequacy decision exists between the EU and the destination country. An adequacy decision, adopted by the European Commission pursuant to Article 45 GDPR, determines that a third country or an international organisation ensures an adequate level of protection for personal data.
If no adequacy decision exists, we transfer personal data to a third country only where, for instance, contractual obligations between us and the service provider incorporate the standard contractual clauses issued by the EU Commission and additional technical safeguards have been implemented to guarantee a level of protection essentially equivalent to that in the EU, or where the service provider can demonstrate data‑protection certifications and processes your data solely under internal data‑protection rules (Articles 44-49 GDPR; see the EU‑Commission information page: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de.
Under the EU-US Data Privacy Framework (DPF) the European Commission recognised, on 10 July 2023, that certain US companies provide an adequate level of protection. A list of certified companies and further information about the DPF can be found (in English) at https://www.dataprivacyframework.gov. In this Privacy Policy we indicate which of the services we use are certified under the DPF.
In accordance with statutory requirements, we delete the personal data we process as soon as the consent that permits the processing is withdrawn or any other legal authorisation ceases to apply (for example, because the purpose for which the data were processed no longer exists or the data are no longer required for that purpose).
If data cannot be deleted because they are required for other lawful purposes, we restrict their processing to those purposes. In practice, the data are blocked and will not be processed for any other reason. This applies, for instance, to data that must be retained for commercial‑ or tax‑law reasons or whose storage is necessary for the establishment, exercise or defence of legal claims, or to protect the rights of another natural or legal person.
Where appropriate, this Privacy Policy specifies additional information on deletion and retention periods that apply to particular processing operations.
Unless we obtain your consent, the storage of or access to information on your terminal equipment takes place solely under § 25 (2) No. 2 of the German Act on Data Protection and the Protection of Privacy in Telecommunications and Digital Services (TDDDG), because such storage or access is strictly necessary for us to provide the functions of the Services that you request. Where we do obtain consent, the legal basis is § 25 (1) TDDDG.
Our Services employ cookies, tokens, beacons and comparable technologies that may be stored on your devices and without which the provision of the Services would not be possible. As a rule, these technologies are text files stored on your device and can be read by us and by third parties when you access the Services. Many of them contain a unique identifier (ID)—a character string that allows websites and servers to associate the technology with the specific internet browser, service or device in which it is stored. This enables website operators and analytics services to recognise you as a user and to differentiate you from others.
If we make use of external service providers to process your data, we select and commission them with great care. Where the services rendered constitute processing on behalf of a controller within the meaning of Article 28 GDPR, the service providers are bound by our instructions and regularly monitored. Our processing agreements fully comply with the stringent requirements of Article 28 GDPR and the guidelines issued by the German data‑protection authorities.
If your personal data are processed, you are a data subject within the meaning of the GDPR and you have the following rights vis‑à‑vis us, the controller:
You have the right to obtain confirmation as to whether we process personal data concerning you. Where that is the case, you may request access to the following information:
You have the right to obtain without undue delay the rectification of inaccurate or the completion of incomplete personal data concerning you.
You may request restriction of processing where one of the following applies:
Where processing is restricted, such data shall, with the exception of storage, be processed only with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. We will inform you before the restriction is lifted.
3.4.1. You may request that personal data concerning you be erased without undue delay where one of the following grounds applies:
3.4.2. If the controller has made the personal data concerning you public and is obliged pursuant to Article 17(1) GDPR to erase such data, they shall, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you, as the data subject, have requested the erasure by such controllers of any links to, or copies or replications of, those personal data.
3.4.3. Exceptions to the Right to Erasure
The right to erasure does not apply where processing is necessary:
If you have exercised your right to rectification, erasure or restriction, we are obliged to communicate that to each recipient to whom the data have been disclosed, unless this proves impossible or involves disproportionate effort. We will inform you about those recipients if you request it.
You have the right to receive the personal data that you have provided to us in a structured, commonly used and machine‑readable format and to transmit those data to another controller without hindrance, where processing is based on consent under Art. 6 (1) (a) or Art. 9 (2) (a) GDPR or on a contract under Art. 6 (1) (b) GDPR and the processing is carried out by automated means. You may also have the data transmitted directly from us to another controller, where technically feasible, provided that this does not adversely affect the rights of others.
This right does not apply to processing personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
You may object at any time, on grounds relating to your particular situation, to processing based on Art. 6 (1) (e) or (f) GDPR, including profiling. We will then cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms or processing serves the establishment, exercise or defence of legal claims.
Where personal data are processed for direct marketing, you may object at any time; in that case we will no longer process the data for that purpose. This applies equally to profiling in so far as it is related to such direct marketing.
In connection with the use of information‑society services—and notwithstanding Directive 2002/58/EC—you may exercise your right to object by automated means using technical specifications.
Right to Object (Art. 21 GDPR) You may object at any time, on grounds relating to your particular situation, to processing based on Art. 6 (1) (e) or (f) GDPR, including profiling. We will then cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms or processing serves the establishment, exercise or defence of legal claims.
Where personal data are processed for direct marketing, you may object at any time; in that case we will no longer process the data for that purpose.
You have the right to withdraw at any time any declaration of consent you have given under data‑protection law. Withdrawal affects only future processing; the legality of processing carried out on the basis of your consent up to the point of withdrawal remains unaffected.
Withdrawal may be made informally—for example by post or e‑mail. From the moment we receive your withdrawal, we will cease processing your personal data unless another statutory basis permits us to continue. If no such basis exists, we are obliged to erase your data without undue delay in accordance with Article 17 (2) GDPR. Your right to withdraw consent, subject to the above conditions, is fully ensured.
Please address withdrawals to:
Traitwise GmbH
Mühlenstr. 8a
14167 Berlin
Germany
contact@trait-wise.com
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority—in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement—if you consider that the processing of personal data relating to you infringes the GDPR. The supervisory authority with which the complaint is lodged will inform you of the status and the outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.
Right to Lodge a Complaint (Art. 77 GDPR) Without prejudice to any other remedy, you may lodge a complaint with a supervisory authority, in particular in your Member State of residence, place of work or place of the alleged infringement, if you consider that the processing of your personal data infringes the GDPR. The supervisory authority will inform you of the progress and outcome of the complaint including the possibility of a judicial remedy under Art. 78 GDPR.
No automated individual decision‑making, including profiling, takes place unless explicitly stated in this Privacy Policy.
Where personal data have been lawfully disclosed to third parties, we will inform them of any rectification, erasure or restriction pursuant to Arts. 16, 17 (1) and 18 GDPR, unless impossible or disproportionate.
We use cookies, beacons and other technologies to deliver our Services, to evaluate how they are used and to conduct marketing based on the data thus obtained. Cookies are small text files that store data relating to visited websites or domains and are saved on your device (computer, tablet or smartphone). When you access a website, the cookie stored on your device transmits information to the party that placed the cookie.
We want you to be able to make an informed decision for or against the use of cookies and other technologies that are not strictly necessary for the technical functionality of the services. Therefore, we enable you—on a voluntary basis—to choose, during your first visit to our services and at any time thereafter via the relevant settings, which cookies and technologies you wish to allow. Please note that functional cookies and similar technologies are strictly necessary for the use of our services and are therefore pre-enabled by default. Statistical and marketing cookies and other technologies are optional. You may consent to their use via the consent banner by actively opting in. Alternatively, you may decline the use of statistical and marketing cookies and technologies. Please note that even if you reject statistical and marketing cookies, advertising may still be shown to you; however, it will be less tailored to your interests. The full functionality of the services will remain available to you either way.
Unless we state otherwise (e.g. in the consent banner), cookies and similar technologies are stored for up to two years. Where cookies are set based on consent, you may withdraw consent or object (“opt‑out”) at any time.
We distinguish functionally between three categories:
We use Cookiebot as a consent management tool in the context of tracking and analytics activities within our Services. Cookiebot is a service provided by Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark, Tel.: +45 50 333 777, E-Mail: mail@cookiebot.com (“Cookiebot”). Cookiebot collects log file and consent data using JavaScript. This JavaScript enables us to inform you about, obtain, manage and document your consent for certain tags used in our Services.
We process the following data: (1) Consent data (i.e. data related to consent such as anonymised log data including Consent ID, Processor ID, Controller ID, consent status, timestamp); (2) Device data (i.e. data related to the device used, including truncated IP addresses (IPv4, IPv6), device information, timestamp); (3) User data (e.g. email address, user ID, browser information, setting IDs, changelog). The Consent ID (which includes the aforementioned data) and the consent status including timestamp are stored locally in your browser as well as on cloud servers used by us.
Further processing only occurs if you submit an information request or revoke your consent. Personal data that we process via Cookiebot is stored on our servers as well. The legal basis for processing personal data using Cookiebot as described here is our legitimate interest, as well as compliance with legal obligations, in accordance with Art. 6 (1) lit. f and c GDPR. By using Cookiebot, we aim to comply with legal requirements regarding data protection and tracking, and to ensure that our IT systems operate in a legally compliant and user-centric manner.
Using our Services—including all their functions—inevitably involves the processing of personal data. The following explains how and why this takes place.
When you merely access the Services for information, we process the following personal data and information: browser type and version, operating system used, address of previously visited web pages (referrer), IP address of the device you use to access the Services, and the time of access. All these data are automatically transmitted by your browser unless you have configured it to suppress transmission.
These personal data are processed in order to ensure the functionality and optimisation of the Services and to safeguard the security of our IT systems. These purposes constitute legitimate interests within the meaning of Article 6 (1)(f) GDPR, which forms the legal basis for the processing.
Beyond purely informational use, you may register for or log in to the Services and thereby make full use of our offering. In doing so we process, in particular, master and contact data—such as your e‑mail address and password—and automatically process connection data such as the date, device information and IP address.
Certain processing steps may be carried out by third‑party providers under their respective privacy policies. Where such processing constitutes processing on behalf of a controller within the meaning of Article 28 GDPR, the providers are bound by our instructions and subject to strict contractual safeguards.
Processing after registration / login differs from informational use. Data linked to your profile are collected for the purpose of verifying your status and thereby fulfilling our contractual obligations to you, which is a legitimate purpose under Article 6 (1)(b) GDPR. Where consent is required for a particular processing operation, we obtain it at the relevant point—e.g. via an opt‑in in the consent banner when you first use the Services. If you have further questions, we will gladly provide information under your right of access (Art. 15 (1) GDPR).
Depending on your registration status, you can access the functions described below. We make these functions available so that you can exploit the full scope of our Services—according to the plan you have booked—and so that we can achieve the best possible outcome in our collaboration. We do not forward the data you enter to unauthorised third parties; rather, we process them solely to perform the contractual relationships concluded with you, in particular the user agreement for the Services. Accordingly, the legal basis for processing your data is Article 6 (1)(b) GDPR.
Within the Services you, as a user, have the option of completing an aptitude‑diagnostic assessment that tests your suitability for specific job profiles. In doing so we process, in particular, your master data, contact data and any content data you provide, and we transmit the results of the aptitude‑diagnostic assessment to the company responsible for the relevant application procedure. That company is an authorised third party because it has commissioned us to carry out the assessment as part of your application process with that company. The company therefore conducts this part of the aptitude diagnostics with the support of our Traitwise platform, but remains independent and solely responsible for all processes and procedures relating to your application. Unless the company provides you with different information, the legal basis for its processing of your data in the context of applicant management is Art. 88 (1) GDPR in conjunction with § 26 (1) sentence 1 BDSG. The legal basis for storing the data for future recruitment procedures is your consent, which you may give when you submit your data, i.e. Art. 6 (1)(a) GDPR in conjunction with Art. 7 GDPR and § 26 (2) BDSG, and Art. 6 (1)(f) GDPR. We ourselves erase all data we have processed in the course of providing the Services, unless you have consented to further use, within six months after we have transmitted your test results to the company.
Within the Services you may also elect to store the results of the aptitude‑diagnostic assessment (see above) in our candidate pool. The purpose of the pool is to allow potentially interested companies to view your candidate profile, including your test results and contact details, so that they can use this information in their recruitment process, contact you and, for example, invite you to apply. Each company remains independent and solely responsible for all processes and procedures relating to your application. Unless the company provides you with different information, the legal basis for its processing of your data in the context of applicant management is Art. 88 (1) GDPR in conjunction with § 26 (1) sentence 1 BDSG. The legal basis for storing the data for future recruitment procedures is your consent, which you may give when you transmit your data, i.e. Art. 6 (1)(a) GDPR in conjunction with Art. 7 GDPR and § 26 (2) BDSG, and Art. 6 (1)(f) GDPR. We process your data in the candidate pool only for as long as we have your corresponding consent. We will therefore contact you at least once a year to ask whether you wish us to continue processing your data in the candidate pool.
Contact form / Contact by E‑mail:We process the personal data that you provide to us when you contact us in order to answer your enquiry, your e‑mail or your request for a call‑back. The categories of data processed include master data, contact data, content data and, where applicable, usage data, connection data and contract data. In individual cases we forward these data to affiliated companies or to third parties whom we commission to handle orders. The legal basis for processing depends on the purpose of the contact. By submitting an enquiry via the contact form or by contacting us by e‑mail you declare that you wish to receive answers or information on specific topics and therefore provide your data for that purpose. We reply as requested and process your data accordingly. Processing is thus authorised under Article 6 (1)(b) GDPR, because it is necessary in order to respond to your enquiry and thereby to perform the contract created by your request.
o be able to provide you with our Services, we engage a web‑hosting provider. Our Services are delivered from the servers of this hosting provider. For that purpose we make use of the provider’s infrastructure and platform services, computing capacity, storage space and database services, as well as its security‑ and technical‑maintenance services. ‑hosting provider to make the Services available is Article 6 (1)(f) GDPR (legitimate interest).
The data processed comprise all information that you enter—or that is otherwise collected—during your use and communication when visiting our Services (for example, your IP address). Our legal basis for using a web
The services we obtain from our hosting provider also include the sending, receipt and storage of e‑mails. For these purposes, the addresses of the recipients and senders of your e‑mails—together with additional information relating to e‑mail transmission (for example, the providers involved) and the contents of the respective messages—are processed. The data mentioned above are used, inter alia, for the detection of spam.
E‑mails are generally not encrypted end‑to‑end on the internet. As a rule, messages are encrypted only while in transit; they are not encrypted on the servers from which they are sent or received (unless end‑to‑end encryption is used). We therefore cannot assume responsibility for the transmission path of e‑mails between the sender and their reception on our server. Our legal basis for engaging a hosting provider to handle the dispatch and receipt of e‑mails is Article 6 (1)(f) GDPR (legitimate interest).
We ourselves (or our hosting provider) collect data on every access to the server (so‑called “server log files”). These log files may include the address and name of the services and files accessed, the date and time of access, the amount of data transferred, a message confirming successful retrieval, the browser type and version, your operating system, the referrer URL (the page visited immediately before) and—typically—IP addresses and the requesting provider.
Server log files are used, first, for security purposes, for example to prevent overloading of the servers (particularly in the event of abusive attacks such as DDoS attacks), and, second, to ensure optimal utilisation and stability of the servers. Our legal basis for engaging a hosting provider to collect access data and log files is Article 6 (1)(f) GDPR (legitimate interest).
To ensure a smooth technical workflow and an optimal, user‑friendly experience of our Services, we use the following services:
We use Google Analytics for the statistical evaluation of your use of our Services. We collect your IP address before it is anonymised by Google—through shortening—prior to being permanently stored on Google’s servers. Google Analytics enables us to understand how you use our Services and how we can therefore improve and further develop them. For example, Google Analytics shows which content you click on or visit repeatedly. The data processed are usage data and connection data. The recipient of the data is Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (acting as a joint controller under Art. 26 GDPR). Should Google transfer these data to a third country (e.g. the United States), this occurs only in individual cases, on the basis of a data‑processing agreement concluded with Google and in compliance with the standard contractual clauses and other safeguards permitted under the GDPR that ensure the processing of your personal data with a level of protection equivalent to that in the EU—particularly under the EU-US Data Privacy Framework (DPF). The legal basis for using Google Analytics is your consent (e.g. by opting in via the consent banner), provided you have given it during your visit to our Services, and thus arises from Art. 6 (1)(a) GDPR. Based on your consent, cookies, so‑called “beacons” or similar text files are stored on your device and personal data are read from them. If you have not given consent to the use of Google Analytics (no opt‑in in the banner or withdrawal of your consent), we do not use Google Analytics when you visit our Services.
We use the Google Marketing Platform (including services such as Google Ad Manager) to place advertisements on the Google advertising network (e.g. in search results, videos, on websites, etc.). The Google Marketing Platform allows advertisements to be shown in real time based on the presumed interests of users. This enables us to display adverts more selectively so that you are shown only those ads that correspond to your potential interests. The data processed are usage data and connection data. The recipient of the data is Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (acting as a joint controller under Art. 26 GDPR). Should Google transfer these data to a third country (e.g. the United States), this occurs only in individual cases, on the basis of a data‑processing agreement concluded with Google and in compliance with the standard contractual clauses and other safeguards permitted under the GDPR that ensure the processing of your personal data with a level of protection equivalent to that in the EU—particularly under the EU-US DPF. The legal basis for using Google Ad Manager is your consent (e.g. by opting in via the consent banner), provided you have given it during your visit to our Services, and thus arises from Art. 6 (1)(a) GDPR. Based on your consent, cookies, so‑called “beacons” or similar text files are stored on your device and personal data are read from them. If you have not given consent to the use of Google Ad Manager (no opt‑in in the banner or withdrawal of your consent), we do not use Google Ad Manager when you visit our Services.
We use Google Ads Conversion Tracking to measure the success of our Google Ads campaigns. Advertisements are first placed in the Google advertising network (e.g. in search results, videos, on websites, etc.) so that they are shown to users who are likely to be interested in them. We then measure the conversion of these adverts. We receive only anonymous aggregate information on the total number of users who clicked on our advert and were redirected to a page tagged with a “conversion‑tracking tag”. We ourselves receive no information that would allow users to be identified. The data processed are usage data and connection data. The recipient of the data is Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (acting as a joint controller under Art. 26 GDPR). Should Google transfer these data to a third country (e.g. the United States), this occurs only in individual cases, on the basis of a data‑processing agreement concluded with Google and in compliance with the standard contractual clauses and other safeguards permitted under the GDPR that ensure the processing of your personal data with a level of protection equivalent to that in the EU—particularly under the EU-US DPF. The legal basis for using Google Ads Conversion Tracking is your consent (e.g. by opting in via the consent banner), provided you have given it during your visit to our Services, and thus arises from Art. 6 (1)(a) GDPR. Based on your consent, cookies, so‑called “beacons” or similar text files are stored on your device and personal data are read from them. If you have not given consent to the use of Google Ads Conversion Tracking (no opt‑in in the banner or withdrawal of your consent), we do not use Google Ads Conversion Tracking when you visit our Services.
We use Facebook Custom Audiences (Meta Pixel) to display personalised adverts in the Facebook advertising network (Facebook Ads) based on your pseudonymised browsing behaviour. We employ the Meta Pixel for remarketing purposes in order to re‑engage you on the Facebook social network within 180 days. The Meta Pixel implemented causes your browser to establish a direct connection to the Facebook server. The integration of the Meta Pixel informs Meta that you have accessed our Services or clicked on one of our adverts. If you are registered with Facebook, Meta can match the visit to your account. In addition to the IP address and the marketing identifier, Meta also receives information about the device you are using and the time, and can assign these data to your Facebook account. Meta processes these data under its own responsibility. We have no influence over the data collection and further processing by Meta. The data processed are usage data and connection data. The recipient of the data is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (acting as a joint controller under Art. 26 GDPR). Should Meta transfer these data to a third country (e.g. the United States), this occurs only in individual cases, on the basis of a data‑processing agreement concluded with Meta and in compliance with the standard contractual clauses and other safeguards permitted under the GDPR that ensure the processing of your personal data with a level of protection equivalent to that in the EU—particularly under the EU-US DPF. The legal basis for using the Meta Pixel is your consent (e.g. by opting in via the consent banner), provided you have given it during your visit to our Services, and thus arises from Art. 6 (1)(a) GDPR. Based on your consent, cookies, so‑called “beacons” or similar text files are stored on your device and personal data are read from them. If you have not given consent to the use of the Meta Pixel (no opt‑in in the banner or withdrawal of your consent), we do not use the Meta Pixel when you visit our Services.
We maintain fan pages on various social‑network websites and, in that context, process personal data in order to communicate with users active there or to provide information about our company. Please note that, when you visit our fan pages, your data may be processed outside the European Union. The operators of the respective social networks are responsible for such processing. For a detailed description of the individual processing operations and your options for objection (e.g. opt‑out), please refer to the privacy policies of the respective social‑network operators.
We operate a Facebook fan page for our company. When you visit the Facebook fan page, Facebook may analyse your usage behaviour and share aggregated information with us ("Insights"). We use these page insights to optimise our Services economically and to tailor them to users’ needs. The categories of data processed may include master data, contact data, content data, usage data and connection data. The recipient of the data is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, acting as a joint controller within the meaning of Art. 26 GDPR. The legal basis for processing the data in the manner described is our legitimate interest pursuant to Art. 6 (1)(f) GDPR.
Facebook is responsible for facilitating your data‑subject rights. Information on those rights is available at: https://www.facebook.com/legal/terms/information_about_page_insights_data. You may also assert your rights against us; we will forward your request to Facebook without delay.
We operate an Instagram fan page for our company. When you visit the Instagram fan page, Meta may analyse your usage behaviour and share aggregated information with us ("Insights"). We use these page insights to optimise our online presence and Services economically and in line with demand. The categories of data processed may include master data, contact data, content data, usage data and connection data. The recipient of the data is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, acting as a joint controller within the meaning of Art. 26 GDPR. The legal basis for processing the data in the manner described is our legitimate interest pursuant to Art. 6 (1)(f) GDPR.
Meta is responsible for facilitating your data‑subject rights. Information on those rights is available at: https://privacycenter.instagram.com/policy. You may also assert your rights against us; we will forward your request to Meta without delay.
We operate a LinkedIn fan page for our company. When you visit and use the LinkedIn fan page, LinkedIn may analyse your usage behaviour and share aggregated information with us. We use this information to optimise our online presence and Services economically and in line with demand. The categories of data processed include master data, contact data, content data, usage data and connection data. The recipient of the data is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, acting as a joint controller within the meaning of Art. 26 GDPR. The legal basis for processing the data in the manner described is our legitimate interest pursuant to Art. 6 (1)(f) GDPR.
LinkedIn is responsible for facilitating your data-subject rights. Information on those rights is available at: https://de.linkedin.com/legal/privacy-policy. You may also assert your rights against us; we will forward your request to LinkedIn without delay.
Traitwise requires your consent (by clicking "OK") to store and/or access information on your device (such as your IP address, user ID, browser data, and device identifiers). This data is used to measure traffic from ads, gain insights into target groups, and support product development.
Tracking and the transfer of your pseudonymized data to our partners only occurs after you click "OK" on this banner. You can withdraw your consent at any time by clicking the "Reject" link.
More information about how we handle your data, your consent options, and your rights can be found in our Privacy Policy. Our data processing partner is Google Ireland Limited.