Privacy Policy

Contact

Berlin
Brussels
Delhi
Hamburg
Cologne
Mainz
Munich
Berlin

Köpenicker Straße 9
10997 Berlin

+49 30 97006 0
Europa

Square Ambiorix 10
B-1000 Brussels
Belgium

+32 2 880 06 14
India

7th Floor, 5A, Epitome Building
​DLF Cyber City, Phase III
Gurugram – 122 002, Haryana

+91 124-6483500
Hamburg

Poststraße 33
20354 Hamburg

+49 40 35085 171
Köln

Spiesergasse 20
50670 Cologne

+49 221 474421 80
Mainz

Weißliliengasse 5
55116 Mainz

+49 6131 55392 0
Munich

Sonnenstraße 10
80331 München
Germany

+49 89 8904471 0

Responsible Party

The company responsible for data processing on this website shall be

]init[ AG für digitale Kommunikation (limited company for digital communication)
Köpenicker Str. 9
10997 Berlin
Phone: +49 30 97006 727
Fax: + 49 30 97006 135
www.init.de

We attach particular importance to the protection of your personal data, and therefore we collect, process and use your personal data solely in compliance with the principles described in the following, as well as in accordance with the European Union General Data Protection Regulations (GDPR) and Federal Data Protection Act (BDSG)-new.

 

ISO 27001 Certificate for the highest levels of security

Your data is exclusively saved on our internal servers in Germany. Our data processing center is designed for portal and business applications with very high protection level. This is why we already received the German IT Security Certificate in 2008. With this certificate, the German Federal Office for Information Security (BSI) certifies that our data processing center complies with the security properties of ISO 27001 based on Baseline IT Protection.

 

Nature, scope and purpose of the processing of personal data

When visiting the website

With each visit to our website, our servers in Germany save exclusively the personal data that is transmitted to our server via your browser into a log file for information purposes and in accordance with Article 6 paragraph 1 lit. (f) of the GDPR.

The following data are collected during each visit to our website, and are saved by us until the time of automatic deletion:

  • data and time of access;
  • name and URL of the retrieved file;
  • website from which access is made;
  • operating system of your computer, and browser used by you;
  • IP address;
  • name of your Internet service provider.

The purpose of collecting and processing these data such as date, time, name and URL of the retrieved file, website from which access is made is to allow use of the website (connection setup), to ensure that the content of our web pages is correct, as well as to permanently guarantee the security and stability of the system. The processing of data relating to the operating system and browser used, as well as the name of Internet service provider serves to enable the technical administration of the network infrastructure, and the optimization of our Internet offer, as well as for internal statistical purposes. An IP address will only be analyzed in case of an attack on our Internet infrastructure, as well as for statistical purposes.  The processing of these data is based on the legitimate interest, to protect our website against unauthorized access. At the same time, we are striving to constantly improve our services to our customers, and therefore depend on statistical analyses.

In addition, we use Cookies and web statistics services for visits to our website. Please compare with the respective section below.

We do not transfer your data to a third country.

Storage duration and deletion

]init[ AG saves personal data of the data subject only for the time period necessary to achieve the purpose of the storage, or, as long as stipulated by the GDPR or other regulations as special mandatory retention periods. If you visit our website, your data will be stored for 7 days maximum to detect and ward off attacks.

If the storage purpose is not applicable, or if a storage period prescribed expires, the personal data are routinely blocked or erased in accordance with legal requirements.

Mailings and newsletters

Currently, we do not offer newsletters or mailings through our website. If you, as an interested party, receive newsletters/mailings from us outside the website offerings, and you have given us your express authorization to do so, we will use your email address and personal data submitted on a strictly voluntary basis only to deliver our newsletters and/or mailings to you on a regular basis, in accordance with Article 6 paragraph 1 lit. (a) of the GDPR. To receive our newsletters/mailings, entering your email address will be sufficient. Additional personal information submitted on a strictly voluntary basis exclusively serve to customize the newsletter.

We use the so-called double opt-in process to guarantee a mutually agreed mailing of the newsletter.  As a result, the potential recipient is added to a mailing list. After entering your email address, you will receive a confirmation email with the option to legally confirm your subscription. The address you provide will only be included in the active mailing list after you have completed this confirmation.  We use your data exclusively to send out the requested information and offers, and on the basis of your consent in accordance with Article 6 paragraph 1 lit. (a) of the GDPR.

By clicking on the "Unsubscribe” link at the bottom of the actual newsletter, you can revoke (unsubscribe) your consent to save your personal data and email address as well as its use for sending out the newsletters and mailings at any time. You have also the option to unsubscribe by email to newsletter@init.de at any time. If you unsubscribe from the newsletter and mailings, your personal data will be deleted without delay. This means, that your data is only stored for the time period you wish to receive the newsletters. You are entitled to request disclosure of any personal data stored about you.

Newsletter2Go by the German Newsletter2Go GmbH is used as newsletter and mailing software. In the process, your personal data is transferred to the Newsletter2Go GmbH acting as our service provider on our behalf. According to our mutual contract, Newsletter2Go GmbH is prohibited to sell or use your personal data for purposes other than sending our mailings and newsletters.  Newsletter2Go is a certified German service provider who we selected in compliance with the requirements of the General Data Protection Regulations and the Federal Data Protection Act. For further information, please click here.

Of course, we have concluded a current order processing agreement with Newsletter2Go accordingly.

Use of contact forms

You can contact us directly by using our contact forms provided on our website. We will collect, process and use your personal data entered into the form exclusively for the processing of your concrete request, and with your consent only.

By submitting your request and giving your consent, you acknowledge and agree that we can use your personal information for the response to your request and/or establishment of contact in accordance with Article 6 paragraph 1 lit. (a) of the GDPR. Your personal data will principally not be disclosed to third parties, unless such disclosure is justified by applicable data protection regulations, or we are required by law to do so.  For processing your request, entering your email address will be sufficient. Additional personal information submitted on a strictly voluntary basis exclusively serve to customize the request.

You may, at any time, revoke your consent given with future effect by sending an email to newsletter@init.de. If you revoke your consent, your personal data will be deleted without delay. Otherwise, your personal data will be deleted after the processing of your request has been completed, or if the purpose for the retention no longer applies.  You are entitled to request disclosure of any personal data stored about you.

As applicant

Usually, your application documents are processed electronically by sending your documents via our career portal www.init.de/en/career by email to our HR department. Your personal data are exclusively used for the ongoing application process.

If we conclude an employment contract with you as applicant, we will store the submitted data for the purpose of processing the employment relationship under consideration of statutory regulations.

If no contract is concluded between the controller and the applicant, your data will be stored for 6 months after completion of the application process, and will be deleted after these 6 months, provided that the deletion is not opposed by justified interests within the meaning of Article 6 paragraph 1 lit. (a) of the GDPR. For example, a justified interest within this meaning is the burden of proof in proceedings according to the General Equal Treatment Act.

You will be given the option to have your information stored over the following 24 months after completion of the application process in accordance with Article 6 paragraph 1 lit. (a) of the GDPR, if you are interested to be considered for future job offers. Following the completion of the application process, you will receive a notification from us by email providing you the option to such an agreement.  You are entitled to revoke your consent to the storage of your personal data for 24 months at any time. For this purpose please contact us at career@init.de.

For questions regarding the application process, please do not hesitate to contact us anytime at career@init.de.

 

Data disclosure to third parties

No data is disclosed to third parties without your prior consent. Exceptions apply only, if and insofar as it is required for the purpose of enforcing our rights, or if there is a legal obligation for us.

 

Cookies

When you visit our website, information can be stored on your computer or your mobile device (hereinafter generally referred to as computer) in the form of cookies.  Cookies allow us to make your visit on our website even more convenient, easy and practical. Cookies are small text files that your browser automatically saves to the hard drive of your computer whenever you visit our website.

Cookies will not damage the hard drive of your computer. Cookies are also unable to execute programs or introduce viruses to your computer.

We use Session Cookies to be able to identify you as user of our website. Session Cookies are temporary, and are automatically deleted, as soon as you leave our website. The majority of web browsers do accept Cookies automatically.

We also use eTracker for statistical purposes only. Compare the respective section below.

The use of cookies allows us to optimize the information and offers on our website with you in mind. It allows us to make our website more user-friendly in a way that would not be possible without the use of cookies.

At any time, you can adjust your browser by setting your configuration accordingly, to prevent and object to the installation of cookies on your computer.   Already installed cookies may also be deleted at any time via a web browser or other software programs. This is possible in all common Internet browsers. If you deactivate the setting of cookies in the web browser used, not all functions of our website may be entirely usable.

 

eTracker web statistics

This website uses technologies by etracker GmbH (www.etracker.com) to collect and store data exclusively for statistical purposes. No user profiles are created from this data, nor do we use the data for retargeting purposes.

Cookies are used in the process to allow carrying out statistical analyses of the use of this website by visitors within the meaning of the Authority Principle (50) of the GDPR.

This data created thereby is processed and stored by etracker in Germany only, and are therefore subject to strict German and European data protection laws and directives. etracker has been audited and then certified in this regard, and was awarded with the European ePrivacyseal.

The data processing is carried out based on statutory provisions of Article 6 paragraph 1 lit. (f) of the GDPR (justified interests). Our aim within the meaning of Article 6 paragraph 1 lit. (f) of the GDPR (justified interests) is the optimization of our online offers and our website. In order to respect your privacy, we have activated the shortened IP-address for the etracker technology. In doing so, the address cannot be directly linked to a particular individual.

No data will be merged or used with other data of etracker, and no data will be passed on to third parties.

You are entitled to object to the stipulated data processing at any time.

 

 

Such objection is technically realized via a Cookie, and is only effective, as long as this Cookie is stored in your browser. Therefore, please do not delete this Cookie, if you still wish to maintain such objection.

 

Links

This privacy policy does not apply to external websites linked with our website that are not operated by us. We have no influence on whether their operators comply with our privacy policy and general safety standards on these pages. The respective provider or operator of the websites is always responsible for the content of these linked pages. While applying a reasonable standard of review, unlawful contents were not recognizable at the time the link was set up. Should any violation of the law come to our knowledge, we will remove these links immediately.

 

Social Media

We do not use links to social networks which already contain the code of the respective external network on our web pages, so-called “social plug ins”. On our website you only find simple links which are created by us, so that during the stay on our site no data transfer to external site operators is possible.

In order to provide you with information and additional contact options, we are, however, also present on a variety of social media platforms which allow us to communicate with active clients, interested parties and users while providing information on our services.

Please be aware that the processing of your personal data on these social media platforms is primarily controlled by the respective platform provider. During the visit on our social media pages, the platform provider stores cookies in your browser that collect and save data regarding your user behavior and information about your probable interests for market research and advertising purposes. As the services of these platforms can also partly be used without registration, it cannot be excluded that users who are not registered with the platform may also be affected by the data processing.

The providers of the respective social media platforms potentially process user data outside the EU. The providers in the US, who are certified under the Privacy Shields, undertake to observe the European data protection norms.

During the visit of one of our social media pages, your personal data is processed based on our legitimate interest in effective user information and communication with the user according to Article 6 paragraph 1 lit. (f) of the GDPR. We have interest in introducing our company to the public with common market practices and providing our users the social media pages as additional information and communication channels. If the users are asked for their consent to the processing of their data by the provider of the platform and they agree to do so, the legal basis for the data processing will be Article 6 paragraph 1 lit. (a) and Article 7 of the GDPR.

In case of requests for information and the assertion of the right to use, please be aware that it is most effective if you assert your right against the provider directly. Only the providers have access to the user data, and therefore can provide the information accordingly, and take appropriate measures directly.

Detailed information regarding data processing in context with the use of our social media pages can be found in the privacy policy of one of the social media platforms used by us and listed below:

Facebook

Provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland

Privacy Policy: https://www.facebook.com/about/privacy/.

Privacy Shield: Facebook Inc., USA: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

Joint controllership, Article 26 of the GDPR. We determine our respective responsibilities in this controller addendum:  https://www.facebook.com/legal/terms/page_controller_addendum. Accordingly, Facebook is the responsible party and contact partner for the obligation to provide information (Articles 12-13 of the GDPR), your data subject rights (Articles 15-22 of the GDPR), data security and the obligation to report any data protection violations (Articles 32-34 of the GDPR). According to Article 26 paragraph 3 of the GDPR, you are also entitled to assert your right against us. As the data processed by Facebook are exclusively controlled by Facebook, asserting your right directly against Facebook is most effective.

Twitter

Provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA

Privacy Policy: https://twitter.com/de/privacy

Privacy Shields: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO

Xing

Provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Deutschland

Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung

XING AG is a German Company which is bound by rules of the GDPR.

LinkedIn

Provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland

Privacy Policy: https://www.linkedin.com/legal/privacy-policy?trk=organization-guest_footer-privacy-policy

Privacy Shield: Parent enterprise LinkedIn Corporation, USA:  https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active

Instagram (Facebook)

Provider: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland

Privacy Policy: https://help.instagram.com/519522125107875

Privacy Shield: Facebook Inc., USA: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

Joint controllership, Article 26 of the GDPR. We determine our respective responsibilities in this controller addendum: https://www.facebook.com/legal/terms/page_controller_addendum. Accordingly, Facebook is the responsible party and contact partner for the obligation to provide information (Articles 12-13 of the GDPR), your data subject rights (Articles 15-22 of the GDPR), data security and the obligation to report any data protection violations (Articles 32-34 of the GDPR). According to Article 26 paragraph 3 of the GDPR, you are also entitled to assert your right against us. As the data processed by Facebook are exclusively controlled by Facebook, asserting your right directly against Facebook is most effective.

You Tube (Google)

Provider: YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, represented by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Privacy Policy: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI

If you visit one of our websites with embedded videos, the internet browser will not automatically establish a link to the server on the appropriate network. By clicking on the embedded video you give your consent to communication with the aforementioned website and the placing of cookies by this website. By clicking on the embedded video the information that you visited our website will be automatically be forwarded to the aforementioned website operator and cookies will be placed by the aforementioned website.

If you are logged into the aforementioned website visiting our website, the data transmitted will be associated with your user account. If you wish to prevent a network from linking information with your user account in this manner, please log out from the respective network before clicking on the respective video.

Even if you are not registered as a member of the aforementioned website, or you are currently not logged in your data may be stored by the operator of the aforementioned website after you click on the respective video. We have no influence on the placement of third-party cookies and over the scope and content of the data collected by the aforementioned website or on how that data is used.

 

Google Web Fonts

For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.

For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

If your browser does not support web fonts, a standard font is used by your computer.

Further information about handling user data, can be found at https://developers.google.com/fonts/faq and in Google's privacy policy at https://www.google.com/policies/privacy/.

 

Adobe Typekit Web Fonts

This page uses web fonts provided by Adobe Typekit to display fonts uniformly. When you call up a page, your browser loads the required Web fonts into your browser cache to display texts and fonts correctly.

These are accessed when you visit the site from servers of Adobe Systems Inc, San Jose, California, USA. Adobe does not use cookies to provide the service. This will allow Adobe Typekit to know that your IP address has been used to access our website. The use of Adobe Typekit is in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 (1) (f) DSGVO.

If your browser does not support web fonts, a default font is used by your computer.

For more information about Adobe Typekit privacy, please see Adobe's privacy policy: https://www.adobe.com/privacy/policies/typekit.html

 

Data security

We apply appropriate technical and organizational security measures in order to protect your personal data against accidental or deliberate manipulations, partial or full loss, destruction and against unauthorized access by third parties. Our security measures are continually enhanced as new technology becomes available.  Also compare with the section above relating to ISO 27001 Certificate for the highest levels of security.

 

Your rights as data subject

You are entitled to demand information at any time about whether and how your personal data is processed. The right to demand information includes information about the nature of the data, period and purpose of retention, potential recipients and transmissions as well as what is the legal basis that justifies such processing, and whether automated decision-making is intended. You are entitled to request a copy of this information. You are entitled to request rectification, deletion or restriction of the processing of your personal data, if its use is prohibited in terms of data protection law, in particular, as (i) the data are incomplete or incorrect, (ii) the data are no longer necessary for the purposes for which they were initially collected, (iii) the consent on which the processing was based has been revoked, or (iv) you have successfully made use of your right to object to the processing of your personal data; in case your data are processed by a third party, we will forward your request for rectification, deletion or restriction of the processing of your personal data to these third parties, unless this proves impossible or involves a disproportionate effort. Furthermore, we will - upon request - provide you your personal data for further use. Upon your request, we will also transfer your personal data to a third party recipient designated by you. You are entitled to revoke your authorization for the collection, processing and use of your personal data at any time with effect for the future. Such a legal request must be carried out in writing and with proof of identity.

In addition, you may contact the competent local data protection authority at any time.

Special note regarding the right to object:

You are entitled to object at any time to such data processing that is based on justified interests, unless we are able to provide compelling and legitimate grounds for the data processing which - as an exception - outweigh your interests, rights and liberties; you are always entitled to object to data processing for the purpose of direct marketing.

 

You, as data subject, have the following rights:

  • Right to be informed according to Article 15 of the GDPR
  • Right to demand correction according to Article 16 of the GDPR
  • Right to erasure according to Article 17 of the GDPR
  • Right to restrict processing of the data according to Article 18 of the GDPR
  • Right to data transferability according to Article 20 of the GDPR
  • Right to object according to Article 21 of the GDPR 

Contact partner

Our data protection officer is René Rautenberg:

ER Secure GmbH
Außenstelle Berlin
Großbeerenstraße 2- 10
12107 Berlin

If you, as data subject, would like to make use of your rights, have questions regarding data protection on our website, would like to request information or apply for the deletion of your personal data, please do not hesitate to contact our contact partner for data protection issues by email at the following address: datenschutz@init.de.

 

Adjustments

We reserve the right to update this privacy policy from time to time. Updated versions of our privacy policy are published on our website. Modifications apply upon publication on our website.

 

Status: May 2018