Data Protection

1. General notes and mandatory information

1.1. Foreword

We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

This privacy policy explains which data we collect when you visit our website, for contract processing, for marketing measures and for other processing listed in the privacy policy, how we use it and to whom we pass it on. We also inform you about your rights to information, correction, objection and deletion of your data.

We may update this Privacy Policy from time to time to keep information up to date or to reflect changes in the law. For new processing purposes that affect the data you have already provided, we will, where required by law, obtain separate consent from you or inform you by email of any significant changes.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.

Last update: December 2024

1.2. Note on the responsible body

The responsible body for data processing is:

MBS Speditionsgesellschaft mbH
Hansestr. 57
51149 Cologne

Phone: +49 2203 93380
E-mail: info@mbslogistics.com

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

We have appointed a data protection officer who you can contact at any time with questions about data protection:

Dr Georg Schröder, LL.M.
legal data Schröder Rechtsanwaltsgesellschaft mbH

Prannerstr. 1
80333 Munich
Phone: +49 (0)89 954 597 520
Fax: +49 (0)89 954 597 522

E-mail: datenschutz@legaldata.law

1.3. Processing and storage duration

As the responsible body, it is our task to process your data only to the extent permitted by law and to secure the processing with suitable protective measures.

We only store your data for as long as is necessary for the purpose for which it was collected, unless a legal basis requires longer storage (e.g. retention periods under tax or commercial law). Your data will then be deleted.

The various processing operations that we carry out and the associated information are listed in detail under Point 3 – Data processing.

1.4. Data transmission

We only pass on your personal data to third parties in the following cases:

If you have expressly given us your consent in accordance with Art. 6 para. 1 lit. a GDPR.
If this is legally permissible and necessary for the fulfilment of a contractual relationship or for the implementation of pre-contractual measures, e.g. to payment, shipping or collection service providers (pursuant to Art. 6 para. 1 lit. b GDPR).
If there is a legal obligation to pass on the data, e.g. to authorities, social security institutions or law enforcement authorities (pursuant to Art. 6 para. 1 lit. c GDPR).
If the transfer is necessary to safeguard our legitimate interests or for the establishment, exercise or defence of legal claims and there are no overriding legitimate interests on your part to the contrary (pursuant to Art. 6 para. 1 lit. f GDPR).
If we use external service providers (processors) in accordance with Art. 28 GDPR, who only process your data in accordance with our instructions and are obliged to maintain data secrecy, e.g. in the IT or marketing area.

1.5. Transfer to third countries

Your personal data is generally processed in Germany or within the EU, where the GDPR guarantees a high level of data protection. If we commission service providers outside the EU, a lower level of data protection may apply in these countries. For transfers to third countries, we ensure compliance with the data protection requirements pursuant to Art. 44 et seq. GDPR through EU standard contractual clauses. When commissioning service providers in the USA, data is transferred on the basis of the adequacy decision of the EU-US Privacy Framework, provided the company is certified. Otherwise, we use standard contractual clauses.

2. Your rights under data protection law

2.1. Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can withdraw your consent at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

2.2. Right to object to the collection of data in special cases and to direct marketing (Art. 21 GDPR)

IF THE DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR).

IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 PARA. 2 GDPR).

2.3. Right to lodge a complaint with the competent supervisory authority

In the event of infringements of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged infringement. The right to lodge a complaint is without prejudice to any other administrative or judicial remedies.

2.4. Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

2.5. Information, correction and deletion

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction or deletion of this data. You can contact us at any time if you have further questions on the subject of personal data.

2.6. Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time to do this. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of your personal data stored by us, we generally need time to check this. For the duration of the review, you have the right to request that the processing of your personal data be restricted.
If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of erasure.
If we no longer need your personal data, but you need it for the exercise, defence or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of its erasure.
If you have lodged an objection in accordance with Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data – apart from its storage – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

3. Data processing in detail

In the following, we would like to give you a detailed overview of the individual data processing operations, as well as the purposes, legal bases, storage period and recipients of this data.

3.1. Website

3.1.1. General information

If you visit our website without providing us with further data by registering or using the contact form, we automatically collect technical log data (so-called log files) that are sent from your end device to our server. This includes, among other things:

IP address
Date and time of the enquiry
URL of the accessed subpage
URL of the referring page (referrer URL)
Access status/HTTP status code
Browser type, language and version
Operating system

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

This data processing is necessary to display our website to you and to ensure its security and stability. The legal basis is Art. 6 para. 1 lit. f GDPR, as the processing is necessary to safeguard our legitimate interests in order to enable the technically error-free display and optimisation of our website.

The data is deleted as soon as it is no longer required to display the website, but no later than seven days after your visit. The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. The user does not have the option to object to this.

We host the content of our website with the provider Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen (hereinafter referred to as Hetzner).

The use of Hetzner is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in displaying our website as reliably as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Details can be found in Hetzner’s privacy policy: https://www.hetzner.com/de/legal/privacy-policy/.

3.1.2. Cookies

Our Internet pages use so-called “cookies”. Cookies are small data packets and do not cause any damage to your end device. They are stored on your device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or they are automatically deleted by your web browser.

Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies can be used to analyse user behaviour or for advertising purposes.

Cookies that are required to carry out the electronic communication process, to provide certain functions that you have requested (e.g. for the shopping basket function) or to optimise the website (e.g. cookies to measure the web audience) (necessary cookies) are stored on the basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimised provision of its services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG); the consent can be revoked at any time.

You can revoke your consent at any time or access further detailed information on the individual cookies, including type, storage duration and data transmission, via the cookie settings on our website at the following link:

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.

You can find out which cookies and services are used on this website under Point 4 – Third-party tools.

3.2. Pre-contractual and contractual processing

We collect personal data from you or the contact persons of the companies as part of the pre-contractual relationship and upon conclusion of the contract. This includes, for example, first and last name, address, e-mail address, telephone number or payment method. This data is collected and processed exclusively for the fulfilment of a concluded contract or for the fulfilment of pre-contractual obligations, e.g. in the context of customer orders, contracts with service providers, contractual partners and other business partners.

The legal basis for this is Art. 6 para. 1 lit. b GDPR. If you have also given your consent, the additional legal basis is Art. 6 para. 1 lit. a GDPR.

As soon as your data is no longer required for the fulfilment of the purpose of processing, it will be deleted. In addition, legal regulations may result in obligations to retain data. The retention periods are up to ten years and are set out in the provisions of the German Commercial Code (HGB) and the German Fiscal Code (AO). Your data will be deleted after the specified periods have expired.

3.3. Contact options

Personal data is collected when you contact us (e.g. by telephone, contact form, email or fax). Which data is collected via the contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of processing your enquiry or for contacting you and the associated technical administration.

The legal basis for the processing of the data is our legitimate interest in processing your request in accordance with Art. 6 para. 1 lit. f GDPR. If your contact is aimed at the conclusion of a contract, the legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

Your data will be deleted after final processing of the enquiry if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

3.4. Applications

All applications are processed and accepted exclusively via our application portal (https://www.mbslogistics.com/en/careers/). On the application portal you will find detailed information on the processing of your data as part of the application process.

3.5. Newsletter

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected, or only on a voluntary basis.

The data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

The data you provide us with for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected by this.

We use newsletter service providers, which are described below, to process the newsletter.

This website uses Brevo to send newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.

Brevo is a service that can be used to organise and analyse the sending of newsletters, among other things. The data you enter for the purpose of subscribing to the newsletter is stored on the servers of Sendinblue GmbH in Germany.

With the help of Brevo, we are able to analyse our newsletter campaigns. For example, we can see whether a newsletter message has been opened and which links have been clicked on. In this way, we can determine which links have been clicked on particularly often.

We can also recognise whether certain previously defined actions were carried out after opening/clicking (conversion rate). For example, we can recognise whether you have made a purchase after clicking on the newsletter.

Brevo also allows us to subdivide (“cluster”) newsletter recipients according to various categories. The newsletter recipients can be categorised by age, gender or place of residence, for example. In this way, the newsletters can be better customised to the respective target groups.

If you do not wish to be analysed by Brevo, you must unsubscribe from the newsletter. We provide a link for this purpose in every newsletter message.

After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

Detailed information on the functions of Brevo can be found at the following link: https://www.brevo.com/de/newsletter-software/.

For more information, please refer to Brevo’s privacy policy at: https://www.brevo.com/de/datenschutz-uebersicht/ and https://www.brevo.com/de/legal/privacypolicy/.

4. Tools from third-party providers

4.1. Consent with Borlabs Cookie

Our website uses Borlabs Cookie consent technology to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document these in compliance with data protection regulations. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg, Germany (hereinafter referred to as Borlabs).

When you enter our website, a Borlabs cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not passed on to the provider of Borlabs Cookie.

The data collected will be stored until you ask us to delete it or delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Mandatory statutory retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.

Borlabs cookie consent technology is used to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. f GDPR.

4.2. Google

4.2.1. Google Tag Manager

We use the Google Tag Manager tool on our website. Google Tag Manager is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, E-Mail: support-deutschland@google.com (“Google”), with which marketers can manage website tags via an interface.

The Google Tag Manager only implements tags. Tags are small code elements on the website that are used, among other things, to measure traffic and visitor behaviour, record the impact of online advertising and social channels, use remarketing and targeting and test and optimise the website.

This means that no additional cookies are used. No personal data is collected. Google Tag Manager triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If deactivation has been carried out at domain or cookie level – in particular if you have selected the objection solution for Google Analytics described above or have made the corresponding settings in your browser – it will remain in place for all tracking tags if they are implemented with Google Tag Manager.

Further information on data protection at Google can be found here: https://policies.google.com/privacy?hl=en

Data protection conditions for advertising: https://www.google.com/intl/en/policies/technologies/ads/

4.2.2. Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyse the behaviour of website visitors. In doing so, the website operator receives various usage data, such as page views, length of visit, operating systems used and origin of the user. This data is assigned to the user’s end device. It is not assigned to a user ID.

We can also use Google Analytics to record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modelling approaches to supplement the recorded data records and uses machine learning technologies for data analysis.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is generally transmitted to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://privacy.google.com/businesses/controllerterms/mccs/.

Google Analytics IP anonymisation is activated. As a result, your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information to analyse your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You can prevent the collection and processing of your data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

You can find more information on how Google Analytics handles user data in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

4.2.3. YouTube with extended data protection

This website embeds videos from the YouTube website. The operator of the website is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

When you visit one of these websites on which YouTube is integrated, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.

We use YouTube in extended data protection mode. According to YouTube, videos that are played in extended data protection mode are not used to personalise surfing on YouTube. Ads that are played in extended data protection mode are also not personalised. No cookies are set in extended data protection mode. Instead, so-called local storage elements are stored in the user’s browser, which contain personal data similar to cookies and can be used to recognise the user. Details on the extended data protection mode can be found here: https://support.google.com/youtube/answer/171780.

After activating a YouTube video, further data processing operations may be triggered over which we have no influence.

The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Further information about data protection at YouTube can be found in their privacy policy at: https://policies.google.com/privacy?hl=de.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

4.2.4. Google Maps

This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. With the help of this service, we can integrate map material on our website.

To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google may use Google Fonts for the purpose of standardising the display of fonts. When you call up Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

You can find more information on the handling of user data in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

4.2.5. Google Fonts

We use external fonts from Google on this website. Google Fonts is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Tel: +353 1 543 1000, Fax: +353 1 686 5660, E-Mail: support-deutschland@google.com (“Google”).

These web fonts are integrated via a server call. This may also be a Google server in the USA. The server is informed which of our web pages you have visited. The IP address of your end device is also processed by Google.

The purpose of using Google Fonts is the standardised display of fonts. The legal basis is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

The data collected by Google through the use of Google Fonts is not processed by us.

You can find further information on data protection for “Google Fonts” in the provider’s FAQ at: https://developers.google.com/fonts/faq/privacy?hl=de

4.2.6. Further information and transfer to third countries

You can find more information on the handling of user data in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

If data is transferred to Google in the USA, this is done on the basis of the standard contractual clauses of the EU Commission or on the basis of the adequacy decision of the EU Commission.

Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

4.2.7. CO2 emissions calculator

We have integrated WildVenture GmbH’s CO2 calculator on our website, which you can use to calculate your CO2 footprint. We would like to point out that we do not process any personal data when you use this tool. WildVenture GmbH, Oberbergstrasse 110, CH-6390 Engelberg, is responsible for data processing in connection with the CO2 emissions calculator. The registration and login functions cannot be used on our website and you will be redirected to the WildVenture GmbH website in this context.

Further information on the processing of your data by WildVenture GmbH and your rights can be found in their privacy policy, which you can access at the following link: https://www.carboncare.org/datenschutz

5. Use of social media

5.1. Meta services (Instagram / Facebook)

5.1.1. General information

If you visit our Instagram channel or Facebook fan page, personal data will be stored and processed by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 D02 X525, Ireland (hereinafter: “Meta Platforms Ireland”), as the provider of Instagram and Facebook, in accordance with the Instagram (https://privacycenter.instagram.com/policy/) and Facebook (https://www.facebook.com/privacy/policy/) privacy policies.

Please note that Meta Platforms Ireland may transfer personal data to the USA. Meta Platforms Ireland obliges recipients outside the EU/EEA to comply with an adequate standard of data protection on the basis of so-called EU standard contractual clauses. In addition, a transfer to a third country may also take place on the basis of the recognition of an adequate level of data protection by the European Commission (so-called adequacy decision).

With regard to the processing of Insights data, there is a joint responsibility between Meta Platforms Ireland and us, under which Meta Platforms Ireland has assumed primary responsibility. This concerns the processing of Insights data and the implementation of data subjects’ rights. Therefore, please contact Meta Platforms ireland directly regarding all obligations under the GDPR with regard to the processing of Insights data. We will forward any requests we receive in this regard to Meta Platforms Ireland. Further details on this are set out in the Joint Controller Addendum, which you can find here: www.facebook.com/legal/terms/page_controller_addendum

Meta Platforms Ireland will generally fulfil your legal rights on our behalf. However, you can also contact us regarding your rights listed below:

Right to withdraw consent in accordance with Art. 7 para. 3 GDPR
Right to information in accordance with Art. 15 GDPR
Right to rectification and completion in accordance with Art. 16 GDPR
Right to erasure and to be “forgotten” in accordance with Art. 17 GDPR
Right to restriction of processing in accordance with Art. 18 GDPR
Right to data portability in accordance with Art. 20 GDPR
Right to object pursuant to Art. 21 GDPR
Right not to be subject to a decision based solely on automated processing – including profiling – in accordance with Art. 22 GDPR
Complaint to a data protection supervisory authority in accordance with Art. 77 GDPR

5.1.2. Instagram

The purpose of processing your data on our Instagram profile page is to provide information about our offers and services and to respond to any enquiries on our profile page. The legal basis for the processing is Art. 6 para. 1 lit. f GDPR. In this respect, public relations work is covered by our legitimate interests within the meaning of the provision.

We use the statistics service Instagram Insights for the purpose of designing and continuously optimising our pages to meet your needs. This service records your activity on our site and makes it available to us in anonymised statistics. This provides us with information about, among other things, the interactions of our fan page visitors, the views of our page, the reach of posts, information about the activity of our subscribers and information about the countries and locations from which our visitors come, as well as statistics about the gender ratios of our visitors. It is not possible for us to draw conclusions about individual users or access individual user profiles.

You are not obliged to provide us with your data on our profile pages on social networks. If you do not want the operators of the social networks to collect data from you on our profile pages, you can prevent this by not accessing our profile pages.

We delete private messages that you send us via Instagram within one year of the last communication with you. We will always keep your public posts (e.g. in our timeline) published permanently until you expressly request their deletion.

The provision of our services generally requires the involvement of instruction-dependent processors, such as data centre operators or other parties. External service providers who process data on our behalf are carefully selected by us and strictly bound by contract.

5.1.3. Facebook

If you visit our Facebook fan page, Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 D02 X525, Ireland (hereinafter: “Meta Platforms Ireland”) collects, stores and processes your personal data in accordance with Facebook’s privacy policy. You can find the privacy policy here: https://www.facebook.com/privacy/policy/

The purpose of processing your data on our Facebook profile page is to provide information about our offers and services and to respond to any enquiries on our profile page. The legal basis for the processing is Art. 6 para. 1 lit. f GDPR. In this respect, public relations work is covered by our legitimate interests within the meaning of the provision.

As part of the “Facebook Insights” function, Facebook may provide us with the following categories of data in anonymised/statistical form for the purpose of measuring performance and optimising our Facebook presence:

Predefined interactions on our fan page
Timestamp
Country/city of the user
HTTP language code
Age/gender group
Previously visited website (so-called referral URL)
End device of the user
Facebook user ID (if logged in)

We delete private messages that you send us via Facebook within one year of the last communication with you. We will always keep your public posts (e.g. in our timeline) published permanently until you expressly request their deletion.

5.2. LinkedIn

On our LinkedIn page we inform you about career prospects with us and you can contact us directly.

Personal user data is processed by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (hereinafter: “LinkedIn”). You can find LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy

The purpose of processing your data on our LinkedIn profile pages is to provide information about our offers and services and to respond to any enquiries on our profile pages. The legal basis for the processing is Art. 6 para. 1 lit. f GDPR. In this respect, public relations work is covered by our legitimate interests within the meaning of the provision.

We use the analytics functions provided by LinkedIn to optimise the performance of our LinkedIn page. LinkedIn provides us with a statically prepared – i.e. anonymised – compilation of certain data. This includes the following categories of data Conversions (achievement of certain targets such as registrations for events, leads), user actions (e.g. clicks, views of certain adverts) and target groups (e.g. professional position, industry). It is not possible for us to draw conclusions about individual users or access individual user profiles.

We can also search for suitable candidates for vacant positions based on certain characteristics (e.g. current position, skills, professional experience, salary expectations). In this way, we can be shown specific LinkedIn profiles that we can contact directly.

We delete private messages that you send us via LinkedIn within one year of the last communication with you. We will always keep your public posts (e.g. in comments) published permanently until you expressly request their deletion.

We would like to point out that LinkedIn may transfer personal data to the USA. LinkedIn obliges recipients outside the EU/EEA to comply with an appropriate standard of data protection on the basis of so-called EU standard contractual clauses. In addition, a transfer to a third country may also take place on the basis of the recognition of an adequate level of data protection by the European Commission (so-called adequacy decision).

In principle, LinkedIn will fulfil your legal rights on our behalf. However, you can also contact us regarding your rights listed below:

Right to withdraw consent in accordance with Art. 7 para. 3 GDPR
Right to information in accordance with Art. 15 GDPR
Right to rectification and completion in accordance with Art. 16 GDPR
Right to erasure and to be “forgotten” in accordance with Art. 17 GDPR
Right to restriction of processing in accordance with Art. 18 GDPR
Right to data portability in accordance with Art. 20 GDPR
Right to object in accordance with Art. 21 GDPR
Right not to be subject to a decision based solely on automated processing – including profiling – in accordance with Art. 22 GDPR
Complaint to a data protection supervisory authority in accordance with Art. 77 GDPR

News

Search by:

Archive