Data Protection

Privacy Policy

General Data Protection Information
Data Protection Information for Applicants

1. General Data Protection Information

Contact information

Responsible party in terms of the EU General Data Protection Regulation (GDPR) and service provider in terms of the German Telemedia Law (TMG) is

The Social Chain AG
Alte Jakobstraße 85/86
10179 Berlin
Germany
Phone: 030 208484010

(hereinafter also referred to as "we", "our" or "us")

You can reach the data protection supervisor of the Social Chain AG at
The Social Chain AG
Alte Jakobstraße 85/86
10179 Berlin
Germany
Email: privacy@socialchain.de

Access logs and types of data processed when the page is accessed
When you use the website for information purposes, we only collect personal data that your browser sends to our server. If you wish to access our website, we collect the following data:

•  File name of the requested file(s)
•  Date and time of the request
•  Quantity of data transmitted
•  An indication whether the file has been transmitted in completely
•  Information about your web browser and operating system
•  Address of the page from which you started the request
•  Your IP address

This data is stored in the log files of our system. We do not store this data or any other personal data. We collect the listed data to ensure a proper connection to the website and to enable a comfortable use of our website for users. In addition, the log file serves to evaluate system security and stability as well as for administrative purposes. As there is a legitimate interest in the temporary storage of the data or log files, the legal base is Art. 6 para. 1 letter f DSGVO.

For reasons of technical security, in particular to prevent attacks on our web server, this data is stored by us for a short period of time. It is not possible for us to draw conclusions about individual persons on the basis of this data. After seven days at the latest, the data is anonymised by shortening the IP address at domain level, so that it is no longer possible to establish a link to the individual user.

In anonymised form, the data is also processed for statistical purposes. We do not store this data or any other personal data. All data will be deleted as soon as it is no longer required for the purpose of its collection.

Processing of personal data
We only collect, use and transmit personal data if this is legally allowed or we have your consent to do so.

Contact
Whenever you send us an inquiry, e.g. by e-mail, we will save your inquiry for processing and for further inquiries. The personal data sent to us by e-mail (e.g. name, address, telephone number or e-mail address) is used exclusively for the processing of contact inquiries.

Data will not be forwarded to third parties or published.

Because of the legitimate interest in the processing of data transmitted by e-mail, the legal basis is Art. 6 para. 1 p. 1 lit. f GDPR.

Data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. This is the case when the processing of the respective inquiry has been completed, i.e. when it can be concluded from the circumstances that the matter in question has been finally clarified.

We would like to point out that the confidentiality of e-mails or other electronic forms of communication on the Internet cannot be guaranteed. We recommend sending confidential information by post.

The rights of users and data subjects
With regard to data processing described in more detail below, users and data subjects have the right

•  to confirmation of whether data concerning them is being processed, information about the data being processed, further information about the nature of the data processing, and copies of the data (cf. also Art. 15 GDPR);
•  to correct or complete incorrect or incomplete data (cf. also Art. 16 GDPR);
•  to the immediate deletion of data concerning them (cf. also Art. 17 GDPR), or, alternatively, if further processing is necessary as stipulated in Art. 17 Para. 3 GDPR, to restrict said processing per Art. 18 GDPR;
•  to notification per Art. 19 GDPR;
•  to receive copies of the data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (cf. also Art. 20 GDPR);
•  to file complaints with the supervisory authority if they believe that data concerning them is being processed by the controller in breach of data protection provisions (see also Art. 77 GDPR).

In addition, the controller is obliged to inform all recipients to whom it discloses data of any such corrections, deletions, or restrictions placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, users have a right for information about these recipients.

Likewise, under Art. 21 GDPR, users and data subjects have the right to object to the controller's future processing of their data pursuant to Art. 6 Para. 1 lit. f) GDPR.

These are cases where the processing operation is based on legitimate interests of the controller and on the assumption that his legitimate interests in excluding the processing operation do not outweigh his legitimate interests in protection. If such an objection is exercised, we ask for a statement of the reasons arising from their particular situation. In the case of your objection, we will examine the situation and will either stop or adapt the data processing or show you our compelling reasons for continuing the processing on the basis of which we are entitled to protection.

In addition, you have the right of appeal to a data protection supervisory authority as per Art. 77 GDPR if you are of the opinion that the processing of your personal data is not lawful. The right of appeal is without prejudice to any other administrative or judicial remedy.

Data Security
We use the SSL procedure (Secure Socket Layer) within the website visit in connection with the highest encryption level supported by your browser. This is a 256-bit encryption in general. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the display of the closed key or lock symbol in the lower status bar of your browser.

We also use appropriate technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technical developments.

Cookies
Cookies are small text files that are stored locally in the cache of the visitor's Internet browser. Cookies enable the recognition of the internet browser, e.g. to recognise you when using the login area. These are used to make surfing as easy and comfortable as possible for you. If you wish to generally exclude the use of cookies, you can do so by changing the settings in your browser. In this case, however, this may be associated with a functional impairment when using our websites.

You can find a list of the cookies we use, descriptions of the purposes of the cookies and further information on the particular cookies in our cookie consent banner.

Here you find a list of all used cookies:
CookieConsent: Stores the user's cookie consent state for the current domain; Expiry: 1 year
_ga: Registers a unique ID that is used to generate statistical data on how the visitor uses the website; Expiry: 2 years
_gat: Used by Google Analytics to throttle request rate; Expiry: 1 day
_gid: Registers a unique ID that is used to generate statistical data on how the visitor uses the website.; Expiry: 1 day

Google Analytics (1)
If you have given your consent, Google Analytics, a web analysis service of Google Ireland Limited ("Google") is used on this website. The use includes the "Universal Analytics" operating mode. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus analyze a user's activities across devices.

Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users interact with the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymisation is activated on this website, Google will reduce your IP address within Member States of the European Union or in other states party to the Agreement on the European Economic Area beforehand. We would like to point out that on this website Google Analytics has been extended to include IP anonymisation in order to ensure anonymous collection of IP addresses (so-called IP masking). The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. For more information on terms of use and data protection, please visit https://www.google.com/analytics/terms/gb.html or https://policies.google.com/?hl=en.

Purposes of the Processing
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services related to website and Internet use.

Legal Basis
The legal basis for the use of Google Analytics is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Recipients or Categories of Recipients
The recipient of the collected data is Google.

Transfer to Third Countries
Personal data will be transferred to the USA under the EU-US Privacy Shield on the basis of the European Commission's adequacy decision. You can download the certificate here.

Duration of Data Storage
The data sent by us and linked to cookies, user-identifiers (e.g. User-IDs) or advertising-identifiers are automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.

Rights of the Persons affected
You can revoke your consent at any time with effect for the future by blocking the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functionalities of this website to their full extent.

You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the Google Analytics Opt-out Browser Add-on. Opt-out cookies will prevent future collection of your data when you visit this website. To prevent Universal Analytics from collecting data across different devices, you must opt-out on all systems used. You can disable Google Analytics in our cookie consent banner.

(1) https://www.dr-datenschutz.de/fachbeitraege/google-analytics-datenschutzkonform-einsetzen/#datenschutzerklaerung

Google Maps
We include the maps of the service "Google Maps" of the service provider Google. The processed data may include in particular IP addresses and location data of the users, which, however, are not collected without their consent.

Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, parent company: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA;

By using Google Maps, information about the use of this website including your IP address and the (start) address entered in the route planner function can be transmitted to Google in the USA.

When you call up a website of our online presence that contains Google Maps, your browser establishes a direct connection with the servers of Google. The map content is transmitted by Google directly to your browser and integrated into the website by it. We therefore have no influence on the extent of the data collected by Google in this way. According to our state of knowledge this is at least the following data:

•  Date and time of your visit to the website in question,
•  Internet address or URL of the web page accessed,
•  IP address, (start) address entered during route planning.

We have no influence on the further processing and use of the data by Google and therefore cannot take responsibility for this.

If you do not want Google to collect, process or use data about you via our website, you can deactivate JavaScript in your browser settings. In this case, however, you cannot use the map display.

For the purpose and scope of data collection and the further processing and use of data by Google, as well as your rights and setting options for the protection of your privacy, please refer to Google's Privacy Policy (https://policies.google.com/privacy?hl=en)

Google LLC is certified under the EU-US Privacy Shield Agreement and the Swiss-US Privacy Shield Agreement.

Vimeo
For integration and display of video content, our website uses plugins from Vimeo.

Service provider: Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

When a page with an integrated Vimeo plug-in is called up, a connection to the Vimeo servers is established. This tells Vimeo which of our pages you have called up. Vimeo obtains your IP address, even if you are not logged in to the video portal or do not have an account there. The information collected by Vimeo is transmitted to servers of the video portal in the USA.

Details on the management of user data can be found in Vimeo’s privacy policy.

_________

Definitions

Personal Data (or Data)
Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.

Usage Data
Information collected automatically through this Website (or third-party services employed in this Website), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Website, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.

User
The individual using this Website who, unless otherwise specified, coincides with the Data Subject.

Data Subject
The natural person to whom the Personal Data refers.

Data Processor (or Data Supervisor)
The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.

Data Controller (or Owner)
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Website. The Data Controller, unless otherwise specified, is the Owner of this Website.

This Website (or this Application)
The means by which the Personal Data of the User is collected and processed.

Service
The service provided by this Website as described in the relative terms (if available) and on this site/application.

European Union (or EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.

Cookies
Small sets of data stored in the User’s device.

----

2. Data Protection Information for Applicants

Privacy Policy for Applicants

Please also read our general Privacy Policy.

a) Responsible party in terms of the EU General Data Protection Regulation (GDPR) is

The Social Chain AG
Gormannstraße 22
10119 Berlin
Germany
Phone: 030 208484010

(hereinafter also referred to as "we", "our" or "us")

b) You can reach the data protection supervisor of the Social Chain AG at

The Social Chain AG
Gormannstraße 22
10119 Berlin
Germany
Email: privacy@socialchain.de

c) Purpose and Legal Basis of the Data Proceeding

We process your personal data in accordance with the provisions of the EU General Data Protection Regulation (EU-GDPR) and the German Federal Data Protection Act (BDSG), insofar as this is necessary for the decision on the establishment of an employment relationship with us. The legal basis for this is Art. 88 GDPR in conjunction with § 26 BDSG as well as, if applicable, Art. 6 para. 1 lit. b GDPR for the initiation or implementation of contractual relationships.

Furthermore, we may process personal data from you if this is necessary to fulfil legal obligations (Art. 6 para. 1 lit. c GDPR) or to defend against legal claims asserted against us. The legal basis for this is Art. 6 para. 1 lit. f GDPR. The legitimate interest is, for example, an obligation to provide evidence under the German General Equal Treatment Act (AGG). If you give us express consent to process personal data for specific purposes, the lawfulness of this processing is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR. Any consent granted can be revoked at any time, with effect for the future (see Section 8 of this data protection information.)

If there comes an employment agreement between you and us, we may, in accordance with Art. 88 GDPR and Art. 26 BDSG, process the personal data already received from you for the purposes of the employment relationship, insofar as this is necessary for the implementation or termination of the employment relationship or for the exercise or fulfilment of the rights and duties of employee representation arising from a law or a collective agreement, works or service agreement.

d) Categories of Personal Data

We only process such data that are related to your application. This can be general personal data (name, address, contact details, etc.), information on your professional qualifications and schooling, information on further professional training and, if applicable, other data that you provide us with in connection with your application.

e) Sources of Data

We collect personal data that results from the application form. You can also apply via your LinkedIn or Xing profile. For applications to job advertisements for jobs in Germany you also have the possibility to use the application portal Personio. In these cases, the third-party provider will transfer the above-mentioned personal data to us. LinkedIn, Xing or Personio is therefore the data source in the sense of Art. 14 para. 2 lit. f GDPR. The data does not come from publicly accessible sources.

f) Recipients of the Data

Within our company, we only pass on your personal data to those areas and persons who need this data to fulfil contractual and legal obligations or to implement our legitimate interests.

We may transfer data to companies affiliated with us to the extent that this is permissible within the framework of the purposes and legal bases set out in Section 3 of this data protection information.

Otherwise, data will only be passed on to recipients outside the company if this is permitted or required by law, if the transfer is necessary to fulfil legal obligations or if we have your consent.

g) Duration of Data Storage

We store your personal data as long as this is necessary for the decision on your application. Your personal data or application documents will be deleted a maximum of six months after the end of the application procedure (e.g. the announcement of the decision to reject your application), unless longer storage is legally required or permitted. Beyond this, we only store your personal data to the extent required by law or in a specific case for the assertion, exercise or defence of legal claims for the duration of a legal suit.

In the case that you have consented to a longer storage of your personal data, we will store it in accordance with your declaration of consent.

If, following the application procedure, an employment, training or internship relationship arises, your data will continue to be stored, if necessary and permissible, and then transferred to the personnel file.

If you send us an interesting application, but there is no suitable position available at the moment, we would like to keep a copy of your application documents in individual cases, even beyond the duration of a single application procedure. In this case, however, we will obtain your prior consent.

h) Your Rights

Every data subject has the right of access under Art. 15 GDPR, the right of rectification under Art. 16 GDPR, the right of deletion under Art. 17 GDPR, the right to restrict processing under Art. 18 GDPR, the right of notification under Art. 19 GDPR and the right to data transferability under Art. 20 GDPR.

In addition, you have the right of appeal to a data protection supervisory authority under Art. 77 GDPR if you believe that your personal data is not being processed lawfully. The right of appeal is without prejudice to any other administrative or judicial remedy.

If the processing of data is based on your consent, you are entitled under Art. 7 GDPR to revoke your consent to the use of your personal data at any time. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected. Please also note that we may have to retain certain data for a certain period of time in order to comply with legal requirements (see also Section 7 of this data protection information).

i) Right of objection

Insofar as the processing of your personal data pursuant to Art. 6 para. 1 lit. f GDPR is carried out to maintain legitimate interests, you have the right pursuant to Art. 21 GDPR to object to the processing of such data at any time for reasons arising from your particular situation. We will then no longer process this personal data unless we can prove compelling reasons for processing worthy of protection. These must outweigh your interests, rights and freedoms, or the processing must serve to assert, exercise or defend legal claims. You are free to contact us to protect your rights.

j) Necessity of providing the personal data

The provision of personal data in the context of application processes is not required by law or contract. You are therefore not obliged to provide any information about your personal data. Please note, however, that this information is necessary for the decision on an application or a contract of employment with us. If you do not provide us with personal data, we cannot make a decision to establish an employment relationship. We recommend that you only provide personal data in your application that is necessary to carry out the application.

Get in touch

Whether you are a member of the media, an investor, a customer or looking for a business opportunity, we are looking forward to your email.