Data protection statement for the use of our website
(Last updated: February 2022)
You will find information below on how we collect personal data when using our website. We have taken extensive operational protective measures to protect your data from accidental or deliberate loss or access by unauthorised individuals.
1. Responsible according to Art. 4, Para. 7 of the EU General Data Protection Regulation (GDPR):
Burchardstraße 13C – Chilehaus
Telefon +49(40) 80 90 72 90
2. You can contact our data protection officer by either using our postal address with the add-on „Data Protection Officer“ or on firstname.lastname@example.org.
3. The subject of data protection is personal data under the terms of Art. 4, Para. 1 of the GDPR. This is all information which relates to an identified or identifiable natural person. It generally includes all information which could be used to identify a natural person (indirectly at least). This could be, for example, a person’s name or contact details (e. g. telephone number, postal address and email address). The IP address can also represent personal data in this sense.
4. You have the following rights with regard to the personal data concerning you:
1 General rights
You have a right of access, correction, deletion, restriction of processing, objection to processing and data portability. Insofar as processing is based on your consent, you have the right to revoke this consent you gave us with effect for the future.
2 Rights with regard to data processing according to a legitimate interest
According to Art. 21, Para. 1 of the GDPR, you have the right, on grounds relating to your particular situation, to object at any time to either processing of the personal data concerning you based on Art. 6, Para. 1 e) of the GDPR (data processing in the public interest) or based on Art. 6, Para. 1 f) of the GDPR (data processing to protect a legitimate interest); this also applies to profiling based on this regulation. If you object, we shall no longer process your personal data unless we can demonstrate compelling and legitimate grounds for processing which outweigh your interests, rights and freedoms, or if processing serves to establish, exercise or defend legal claims.
3 Right to lodge a complaint with a supervisory authority
You also have the right to lodge complaints regarding our processing of your personal data with a responsible data protection supervisory authority.
5. UnisonSteadfast only collects, processes and uses your personal data insofar as this is permitted or required by the GDPR, the German Federal Data Protection Act, another piece of legislation, or insofar as you, as a user of our website, have consented to such collection, processing and use.
6. When you are using the website for information purposes, we only collect the personal data which your browser transfers to our server. When you visit our website, we collect the following data, which is technically necessary for us to enable you to view the website and to guarantee stability and security. The legal basis for this is Art. 6, Para. 1 f) of the GDPR:
IP address, date and time of the request, time zone difference from Greenwich Mean Time (GMT), content of the request (specific page), access status / HTTP status code and the amount of data transferred.
7. With confirming the processing of your data according to Art. 6, Paras. 1 a) and b) of the GDPR, you can request receiving our corporate magazine, UnisonTimes. For this service, certain personal information is required. The provision is voluntary. The voluntary provision of additional data allows us to improve our website and provide you, on request, with targeted offers specifically tailored to meet your needs. You can enter this data in the designated places on the website. We process your data for the purpose of responding to your enquiry and providing you with the requested publication. If data is exceptionally processed for other purposes, this only takes place if you have given your consent to this effect.
The following data will be requested within this request: name, surname and email address.
8. If you contact us by email or using the contact form, the data you share (your email address and possibly your name and telephone number) shall be stored by us for the purpose of answering your questions. If we request that you use our contact form to input information which is not necessary for contact, we have always marked this as being optional. We use this information to substantiate your enquiry and to improve handling of your request. This information is communicated exclusively on a voluntary basis and with your consent as per Art. 6, Para.1 a) of the GDPR. If this information relates to communication channels (e.g. your email address or telephone number), you are also consenting to the fact that we may, if necessary, contact you using these communication channels to respond to your request. You may revoke this consent at any time with effect for the future.
We delete the data collected in this regard once storage is no longer necessary, or we restrict processing if legal retention requirements exist.
9. You can apply to our company electronically by email. We will only use your information for the purpose of processing your application and will not disclose it to third parties as required by law or we have your express consent.
If you have applied for a specific position and it has already been filled, or if we believe that another position is also suitable for you, we would be more than happy to forward your application within the company. Please let us know if you do not agree to your email being forwarded within our company.
Your personal data is deleted immediately once the application process is closed, or at most after six months, unless you have given us your express consent to store your data for longer or a contract has been concluded. The legal basis is Art. 6, Paras. 1 a), b) and f) of the GDPR and Section 26 of the German Federal Data Protection Act.
10. When you use our website, cookies are stored on your computer. Cookies are small text files that are saved on your hard drive, are assigned to the browser you use and through which the party that sets the cookie receives certain information. Cookies cannot either run any programs or transfer viruses to your computer. They are used to make the website more user-friendly.
This website uses the following types of cookies, the scope and functions of which are explained below:
1 Transient cookies
These cookies are automatically deleted when you close the browser. They particularly include session cookies. These save a ‘session ID’ which can be used to assign various requests from your browser to the same session. Your computer can therefore be recognised if you return to our website. The session cookies are deleted if you either log out or close the browser.
2 Persistent cookies
These cookies are automatically deleted after a specified period of time, which can vary depending on the cookie in question. You can delete the cookies at any time in your browser’s security settings.
3 Flash cookies
The flash cookies used are not recorded by your browser, but rather by your Flash plugin. We also use HTML5 storage objects, which are stored on your terminal device. These objects store the data required regardless of the browser you use and do not have an automatic expiry date. If you do not want the flash cookies to be processed, you must install a corresponding add-on, such as ‘Better Privacy’ for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe Flash Killer Cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using your browser in Private mode. We also recommend manually deleting your cookies and browser history on a regular basis.
4 Preventing cookies
You can configure your browser settings in line with your requirements and refuse to either accept third-party cookies or all cookies, for example. Please note that if you do so, you may not be able to use all the functions of this website.
5 Legal bases and duration of storage
The legal bases for potential processing of personal data and the data storage durations vary and are described in the sections below.
11. We use various services for the purposes of analysing and optimising our website; We can use the below-described services to analyse how many users visit our page, what information is desired most or how users discover our offering. We collect data that includes the website from which a data subject has arrived at another (called the ‘referrer’), the pages that are accessed on a website, and how often and for how long a page is viewed. This helps us to make our website user-friendly and also to improve it. The data collected in this way is not used to identify individual users personally. Data is collected anonymously or, at most, under pseudonyms. The legal basis for this is GDPR Art 6(1).
1 Google Analytics
If you give your consent, this website will use Google Analytics, a web analytics service from Google LLC. The relevant service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (‘Google’).
Scope of processing
We use the ‘anonymizeIP’ function (i.e. IP masking), enabling IP anonymisation on this website. Accordingly, Google truncates your IP address within member states of the European Union or in other countries party to the Agreement on the European Economic Area. Only in exceptional cases is your full IP address transmitted to a Google server in the United States and truncated there. The IP address transmitted by your browser through Google Analytics is not combined with any other data held by Google.
The following data, among other things, is collected during your visit to this website:
the pages you have viewed, i.e. your ‘click path’
your usage patterns (e.g. clicks, dwell time and bounce rates)
your approximate location (region)
your IP address (truncated)
technical details about your browser and the devices you use (e.g. language settings, screen resolution)
your Internet service provider
the referrer URL (the website/advertisement from which you arrive at this website)
Purposes of processing
Google uses this information on behalf of the website operator to analyse how you (under a pseudonym) use the website and to compile reports about the website’s activities. The reports supplied by Google serve the purpose of analysing the performance of our website.
Recipient of the data
The recipient of the data is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. To this end, we have signed a data processing agreement with Google. Google LLC, based in California in the United States, and potentially American authorities may have access to the data stored at Google.
Length of storage
Data that is sent by us and linked with cookies is automatically deleted after fourteen months. Data for which the storage period has expired is automatically deleted once per month.
Furthermore, you can stop Google from storing and processing the cookie-generated data concerning your use of the website (including your IP address) by:
You can also prevent cookies from being stored by configuring the relevant settings in your browser. However, if you set your browser to reject all cookies, you may experience restrictions in the functionality of this and other websites.
Legal grounds and option to withdraw consent
Your consent represents the legal grounds for this data processing in accordance with German Telemedia Act (TMG) s 15(3) in conjunction with GDPR Arts 4(11) and 7. You may at any time withdraw your consent with effect for the future by accessing the cookie settings and changing your choices there.
A browser add-on that deactivates Google Analytics has been developed for website visitors who do not want their data to be used in Google Analytics. https://tools.google.com/dlpage/gaoptout?hl=en
12. We provide social media buttons so that the content of our website can be shared on social networks.
The buttons offered directly by the operators of social networks generally transfer personal data such as IP addresses to the social network in question when a website with these integrated buttons is loaded. As a result, social network operators automatically receive precise information about your internet surfing. You do not have to be logged in to the network in question for this to occur; you do not even need to be a member of said network.
13. UnisonSteadfast discloses personal data to companies outside of the company in exceptional circumstances if we use these companies to process your data. In these cases, however, the amount of data transferred is restricted to the minimum required. Insofar as recipients outside of UnisonSteadfast come into contact with your personal data, we ensure in the context of processing as per Art. 28 of the GDPR that these parties comply with the regulations set down in data protection legislation in the same way. Please also note the providers’ respective privacy policies. The respective service provider is responsible for the contents of external services, whereby we check, within reasonable limits, that the services comply with the legal requirements.
We never transfer any personal data which we collect on this website to countries outside the European Union, or the European Economic Area or Australia – unless such transmission is expressly stated.