General information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in the privacy policy beneath this text.
Data collection on this website
Who is responsible for the data collection on this website?
The data processing on this website is performed by the website operator. You can find the operator’s contact details in the ‘Information about the Controller’ section of this privacy policy.
How do we collect your data?
Firstly, your data is collected through your communication of it to us. This data may, for example, be data that you enter in a contact form. Other data is collected by our IT systems when you visit our website automatically or after you give consent. This data is mainly technical data (e.g. web browser, operating system or time of page access). This data is collected automatically as soon as you enter the website.
What do we use your data for?
Part of the data is collected to ensure that the website is provided without any errors. Other data may be used to analyse your user behaviour.
What rights do you have in relation to your data?
You have the right at all times to access information free of charge about the origin, recipients and purpose of the personal data of yours that is stored. You furthermore have the right to obtain the rectification or erasure of this data. If you have given consent to data processing, you can withdraw this consent at any time with effect for the future. Moreover, you have the right to obtain the restriction of the processing of your personal data in certain circumstances. On top of that, you have the right to lodge a complaint with the competent supervisory authority.
You can contact us at any time for these purposes or other questions concerning data protection.
Analytics and third-party tools
Your surfing patterns may be analysed statistically when you visit this website. This is mainly done using analytics programs.
Detailed information on these analytics programs can be found in the following privacy policy.
IONOS
We host our website at IONOS SE. The provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany (hereinafter IONOS). When you visit our website, IONOS keeps various log files, including your IP addresses. Details can be found in the IONOS privacy policy: https://www.ionos.de/terms-gtc/terms-privacy.
IONOS is used based on Article 6(1)(f) of the GDPR. We have a legitimate interest in presenting our website as reliably as possible. If corresponding consent has been requested, the processing is based solely on Article 6(1)(a) of the GDPR; consent can be withdrawn at any time.
Processing agreements
We have signed a processing agreement with the above provider. This is an agreement which is required by data protection law and ensures that the processor only processes our website visitors’ personal data based on our instructions and in compliance with the GDPR.
Data protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations as well as this privacy policy.
A variety of personal data is collected when you use this website. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how this is done and for what purpose.
Please be aware that online data transmission (e.g. when communicating by email) may entail security gaps. It is impossible to provide gap-free protection of data against access by third parties.
Information about the controller
The controller of the data processing on this website is:
PRIO Holding GmbH
Bleichenbrücke 11
20354 Hamburg
Germany
Telefon: +49 (0)40 82212848
E-Mail: info@prioholding.com
The controller is the natural person or legal entity which makes decisions alone or in conjunction with others regarding the purposes and means of the processing of personal data (e.g. names, email addresses and suchlike).
Duration of storage
If a more specific duration of storage has not been specified in this privacy policy, your personal data will remain with us until the purpose for the data processing no longer applies. If you submit a legitimate request for erasure or withdraw consent to data processing, your data will be erased if we do not have any other legally permissible grounds for storing your personal data (e.g. retention periods under tax or commercial laws); in the latter case, the erasure will occur once these grounds no longer apply.
Information about data forwarding to the US and other third countries
We use, among other things, tools from companies based in the United States or other third countries not deemed secure under data protection law. When these tools are active, your personal data may be transferred to these third countries and processed in them. Please be aware that a level of data protection comparable to the EU cannot be guaranteed in these countries. For example, US companies are required to surrender personal data to security authorities without you as a data subject being able to take legal action against this at court. For this reason, it cannot be ruled out that US authorities (e.g. intelligence services) process, analyse and permanently store the data of yours located on US servers for surveillance purposes. We do not have any influence on these processing activities. There are no statutory obligations to provide data. Not providing personal data does not result in consequences for the data subject.
Withdrawal of consent to data processing
Many data processing operations are only possible with your explicit consent. You can at any time withdraw consent that you have given previously. The lawfulness of the processing up until the time of the withdrawal will not be affected by the withdrawal.
Right to object to data collection in exceptional cases and to direct marketing (Article 21 of the GDPR)
When the data processing is based on Article 6(1)(e) or (f) of the GDPR, you have the right at all times to object to the processing of your personal data on grounds relating to your particular situation, including profiling based on these provisions. This privacy policy tells you the relevant legal grounds on which data processing is based. If you object, we will stop processing the personal data of yours that is concerned, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing is for the establishment, exercise or defence of legal claims (objection under Article 21(1) of the GDPR).
If your personal data is processed for direct marketing purposes, you have the right at all times to object to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object, your personal data will then cease to be used for direct marketing purposes (objection under Article 21(2) of the GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of infringements of the GDPR, data subjects have a right to lodge a complaint with a supervisory authority – in particular, in the member state of your habitual residence, place of work or place of the alleged infringement. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedy.
Right to data portability
You have the right to have the personal data concerning you that we process based on your consent or for the purposes of a contract given to you or a third party in a structured, commonly used and machine-readable format. If you obtain the direct transmission of the data to another controller, this occurs only where technically feasible.
SSL or TLS encryption
This website uses SSL or TLS encryption for security reasons and to protect confidential content such as orders or enquiries that you send to us, the website operator. You can identify an encrypted connection when the browser’s address bar switches from ‘http://’ to ‘https://’ and a padlock symbol appears in the browser bar.
When SSL or TLS encryption is activated, the data you transfer to us cannot be intercepted by third parties.
Access, erasure and rectification
You have the right at all times, within the framework of the applicable statutory provisions, to obtain access free of charge to the stored personal data of yours and information about its origin and recipients and the purpose of the data processing, and, if applicable, you have a right to rectification or erasure of this data. You can contact us at any time for these purposes or other questions concerning personal data.
Right to restriction of processing
You have the right to obtain the restriction of the processing of your personal data. You can contact us at any time for this purpose. The right to restriction of processing exists in the following cases:
If you dispute the accuracy of the personal data of yours stored with us, we usually require time to review this. For the duration of this review, you have the right to obtain the restriction of the processing of your personal data.
When the processing of your personal data occurred/is occurring unlawfully, you may obtain the restriction of the data processing instead of data erasure.
If we no longer require your personal data but you require it for the exercise, defence or establishment of legal claims, you have the right to obtain the restriction of processing of your personal data instead of its erasure.
If you have objected in accordance with Article 21(1) of the GDPR, there must be a balancing of your and our interests. For as long as it is not yet determined whose interests are overriding, you have the right to obtain the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data may, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural person or legal entity or for reasons of important public interest of the European Union or of a member state.
Objection to marketing emails
Where contact details are published pursuant to a legal ‘imprint’ obligation to provide such details, the use of these details to send advertising and information materials that have not explicitly been requested is hereby objected to. The operators of this website explicitly reserve the right to take legal action if unsolicited marketing information is sent – for example, through spam emails.
Consent with Borlabs cookie
Our website uses the Borlabs consent technology cookie to obtain your consent to the storage of specific cookies in your browser or to the use of specific technologies and to the documentation of this in compliance with data protection law. The provider of this technology is Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg (hereinafter Borlabs).
When you access our website, a Borlabs cookie is stored in your browser. It itself stores the consent you have given or the withdrawal of this consent. This data is not forwarded to the provider of the Borlabs cookie.
The collected data is stored until you ask us to erase it or the Borlabs cookie erases the data itself or the purpose for the data storage no longer applies. Binding statutory retention periods remain unaffected by this. Details about data processing by the Borlabs cookie can be found at https://borlabs.io/kb/what-information-does-borlabs-cookie-store/.
The Borlabs cookie consent technology is used to obtain the legally required consent to the usage of cookies. The legal grounds for this are Article 6(1)(c) of the GDPR.
Contact form
When you send us enquiries through the contact form, your details from the enquiry form – including the contact details provided on it – will be stored with us for the purpose of processing the enquiry and in case of follow-up questions. We do not forward this data without your consent.
The processing of this data is based on Article 6(1)(b) of the GDPR if your enquiry is associated with the performance of a contract or is necessary in order to take steps prior to entering into a contract. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries sent to us (Article 6(1)(f) of the GDPR) or on your consent (Article 6(1)(a) of the GDPR) if this has been asked for.
The data entered by you on the contact form remains with us until you ask us to erase it, you withdraw your consent to the storage or the purpose for the data storage no longer applies (e.g. after the processing of your enquiry has been completed). Binding statutory provisions – particularly retention periods – remain unaffected by this.
Enquiry by email, telephone or fax
If you contact us by email, telephone or fax, your enquiry – including all personal data emerging from it (name, enquiry) – is stored with us and processed for the purpose of processing your matter. We do not forward this data without your consent.
The processing of this data is based on Article 6(1)(b) of the GDPR if your enquiry is associated with the performance of a contract or is necessary in order to take steps prior to entering into a contract. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries sent to us (Article 6(1)(f) of the GDPR) or on your consent (Article 6(1)(a) of the GDPR) if this has been asked for.
The data sent by you to us in contact enquiries remains with us until you ask us to erase it, you withdraw your consent to the storage or the purpose for the data storage no longer applies (e.g. after the processing of your matter has been completed). Binding statutory provisions – particularly statutory retention periods – remain unaffected by this.
SalesViewer®
We use a pixel from the provider Salesviewer on our website. Salesviewer is a service from Salesviewer GmbH, Huestr. 30, 44787 Bochum, HRB 16602 at the Bochum local court. The Salesviewer pixel enables us to use data measurements for marketing, market research and optimisation purposes. It uses a JavaScript-based code which serves the purpose of collecting company-related data and using it. The data collected with this technology is encrypted using a non-invertible one-way function (‘hashing’). The data is pseudonymised directly and not used to identify the visitor of this website personally. The data stored as part of Salesviewer is erased as soon as it is no longer required for its intended purpose and there are no statutory retention obligations opposing erasure.
The Salesviewer privacy policy can be accessed at www.salesviewer.com/en/privacy-policy/. Further information about the provider’s compliance with the applicable data protection regulations can additionally be found at https://www.salesviewer.com/en/platform/data-protection/.
The usage of the Salesviewer pixel as well as the storage of any cookies is based on Article 6(1)(a) of the GDPR (data subject consent). On top of that, we have signed a processing agreement with Salesviewer to ensure that Salesviewer protects the data of our website visitors and does not forward it to third parties.
The collection and storage of data can be objected to at any time with effect for the future by clicking on the link https://www.salesviewer.com/opt-out to stop SalesViewer® from collecting data within this website in the future. An opt-out cookie for this website will be stored on your device for this. If you delete your cookies from this browser, you will need to click on the link again.
Vimeo
Additional personal information is processed when you access some sub-services on our website. The categories of data processed: technical connection data relating to the server access (IP address, date, time, page requested, browser information), data for the creation of usage statistics. Purpose of processing: delivery of content provided by third parties, selection of online advertising on other platforms selected automatically using real-time bidding based on usage patterns; and transmission and presentation of video content. Legal grounds for the processing: your consent pursuant to Article 6(1)(a) of the GDPR. Data is transferred: to Vimeo Inc., 555 West 18th Street, New York, NY 10011, United States of America (https://vimeo.com/) with shared responsibility. This may also mean a transfer of personal data to a country outside of the European Union. The transfer of the data is based on your consent pursuant to Article 6(1)(a) in conjunction with Article 49(1)(a) of the GDPR. When you gave your consent, you were informed that the US does not have a level of data protection corresponding to the EU standards. In particular, US intelligence services may access your data without you being informed of this and without you being able to take legal action against it. Duration of processing: variable, ends when the purpose for the processing no longer applies.
WP Statistics
This website uses the analytics tool WP Statistics to analyse visitor access statistically. The provider is Veronalabs, ARENCO Tower, 27th Floor, Dubai Media City, Dubai, Dubai 23816, United Arab Emirates (https://veronalabs.com).
With WP Statistics, we can analyse the usage of our website. WP Statistics collects, among other things, log files (IP address, referrer, browser used, origin of the user, search engines used) and actions that the website visitors have performed on the page (e.g. clicks and views).
Data collected using WP Statistics is stored exclusively on our own server.
The usage of this analytics tool is based on Article 6(1)(f) of the GDPR. We have a legitimate interest in anonymised analysis of user behaviour in order to optimise our online offering as well as our advertisements. If corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is based solely on Article 6(1)(a) of the GDPR; consent can be withdrawn at any time.
IP anonymisation
We use WP Statistics with anonymised IPs. Your IP address is truncated so that it can no longer be matched to you directly.
Google Web Fonts
This page uses Web Fonts provided by Google to present fonts in a consistent manner. When accessing a page, your browser loads the required Web Fonts into your browser cache to display text and fonts correctly.
For this purpose, the browser used by you must connect to Google’s servers. In doing so, Google obtains knowledge that this website was accessed from your IP address. The usage of Google Web Fonts is based on Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in the consistent presentation of the fonts on its website. If corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is based solely on Article 6(1)(a) of the GDPR; consent can be withdrawn at any time.
If your browser does not support Web Fonts, a default font will be used by your computer.
Further information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy.
Handling of applicant data
We offer you the possibility to apply for a job with us (e.g. by email, post or an online application form). In the following, we provide you with information about the scope, purpose and usage of your personal data that is collected as part of the application process. We assure you that the collection, processing and usage of your data is in compliance with applicable data protection laws and all other statutory provisions and that your data is treated as strictly confidential.
Scope and purpose of data collection
If you send us an application, we process your associated personal data (e.g. contact and communication details, application documents, notes made during job interviews, etc.) insofar as this is necessary to make a decision about the establishment of an employment relationship. The legal grounds for this are section 26 of the German Data Protection Act (Bundesdatenschutzgesetz, BDSG) (initiation of an employment relationship), Article 6(1)(b) of the GDPR (general initiation of a contract) and, if you have given consent, Article 6(1)(a) of the GDPR. Consent can be withdrawn at any time. Within our company, your personal data can only be forwarded to people who are involved in the processing of your application.
If the application is successful, the data submitted by you will be stored in our data processing systems for the purpose of implementing the employment relationship on the grounds of section 26 of the BDSG and Article 6(1)(b) of the GDPR.
Duration of data retention
If we cannot offer you a position, you reject a position or you rescind your application, we reserve the right to store with us the data that was transferred by you on the grounds of our legitimate interests (Article 6(1)(f) of the GDPR) for up to six months from the time that the application procedure ends (rejecting or rescinding of the application). The data will then be erased and the physical application documents destroyed. In particular, the retention serves evidence purposes in the event of a legal dispute. If it is apparent that the data will be needed after the six-month period has passed (e.g. due to a looming or pending legal dispute), erasure will only take place when the purpose for the extended retention no longer applies.
Longer retention may also occur if you have given corresponding consent (Article 6(1)(a) of the GDPR) or when statutory retention obligations oppose erasure.
Addition to applicant pool
If we do not offer you a position, you might have an option of being added to our applicant pool. If you are added, all documents and disclosures from the application will be transferred to the applicant pool so that you can be contacted if there are suitable vacancies.
Addition to the applicant pool is based solely on your explicit consent (Article 6(1)(a) of the GDPR). Giving consent is voluntary and does not have any connection with the ongoing application procedure. Data subjects can withdraw their consent at any time. In this case, the data will be erased from the applicant pool irreversibly unless there are statutory retention grounds.
The data from the applicant pool will be erased irreversibly no later than two years after consent is given.