Privacy Policy - Cyber-Security Ressource Plattform

DATA PROTECTION

DATA PROTECTION AT A GLANCE

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data are all data with which you can be personally identified or are identifiable. You can find detailed information on data protection in our data protection declaration below this text.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. There are basically the following ways:

Collection via our contact form:

If you use the functionality of the contact form, your name, company and email address are usually recorded. If you share additional information with us (such as addresses or telephone numbers), this will also be recorded. This recording is done for the purpose of establishing contact in order to be able to adequately answer your request.

Recording when registering on our marketplace (portal):

For marketplace-registration all data that you provide in the registration-form will be recorded in order to enable dc pretorian to perform the agreed services. The mandatory fields are:

Name of company representative requesting the registration
Phone number
Email
Company name
Company overview
Company headquarter location
Website-link
Additional company contact information like telephone number, email

Other data are collected automatically when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of the page was viewed). This data is collected automatically as soon as you enter this .

What do we use your data for?

Some of the data is collected in order to ensure that the website is error-free and to provide our services. Other data can be used to analyze your user behavior and to enable direct communication with you, if you wish.

Personal data are collected exclusively for the purpose of properly performing tasks. The specific purpose of their processing, the legal basis for their processing, the categories of personal data and, in the case of processing in accordance with Article 6 (1) (f) GDPR, the legitimate interests pursued by the Federal Office of Justice or a third party who use the data in the following ways:

a) in the context of transaction processing
b) under the processes of this data protection declaration

- to be able to identify you as a customer;

- to be able to advise you appropriately;

- for sending information material;

- to answer individual inquiries;

- in order to be able to fulfill our contractual obligations towards you;

- in order to be able to meet our legal obligations;

- for correspondence with you;

- for invoicing or, if necessary, as part of the dunning process;

- for the purposes of permitted direct mail;

- to assert any claims against you.

How long will your data be stored?

We store the data as long as this is necessary to establish the contract, to execute it, to terminate it if necessary and / or to defend ourselves against claims by you that are directly or indirectly related to the respective contract.

If a contractual relationship is established between us, we also store the data until our statutory retention periods have expired. The legal basis for this is Article 6 Paragraph 1 Clause 1 lit. c GDPR in conjunction with Section 147 AO, Section 257 HGB. According to these regulations, some of the above-mentioned data must also be stored beyond the point in time at which the purpose is achieved. For example, we may be obliged to provide personal data about you, which is derived from books and records, inventories, annual financial statements, individual financial statements in accordance with Section 325 (2a) of the German Commercial Code, consolidated financial statements, management reports and group management reports, opening balance sheets, accounting documents, documents in accordance with Article 15 (1) and Article 163 of the Union Customs Code, trading books as well as the work instructions and other organizational documents required for their understanding must be kept for ten years, whereby the retention period usually begins at the end of the calendar year in which the relevant document was created (Article 6 Paragraph 1 Clause 1 lit. c GDPR in conjunction with Section 147 AO or in conjunction with Section 257 HGB),

To keep data about yourself from received commercial or business letters, from reproductions of received commercial or business letters as well as from other documents that are important for taxation for six years, whereby the retention period usually ends at the end of the calendar year begins when the relevant document was created (Article 6 Paragraph 1 Clause 1 lit. c GDPR in conjunction with Section 147 AO or in conjunction with Section 257 HGB).

Who receives your data and for what reason?

Within our company, those departments have access to your data that need it to fulfill contractual and legal obligations. Processors employed by us (Art 28 GDPR) can also receive data for these purposes. We use various IT systems to process your personal data, some of which we operate ourselves or have a service provider operate. We have carefully selected these service providers and commissioned them in writing. They are bound by our instructions and are regularly checked by us. With whom we have concluded order processing contracts in accordance with Art. 28 GDPR, if necessary. The service providers will not use your data for their own purposes or pass them on to third parties.

Recipients or categories of recipients of personal data and transfer of the data to a third country (Article 13 Paragraph 1 Letter e and f or Article 14 Paragraph 1 Letter e and f GDPR).

Recipients or categories of recipients of personal data and the intention to transfer this data to a third country (countries outside the European Union and countries outside the Agreement on the European Economic Area and not Switzerland) are the data subject either

a) as part of the transaction processing or
b) under this data protection declaration or
c) on the website of the Federal Office of Justice under the respective “topics” in a supplementary data protection notice.

Within the Federal Office of Justice and its processors in accordance with Article 28 GDPR, only those employees who are responsible for processing the respective case receive personal data.

What rights do you have with regard to your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority. You also have the right to request that the processing of your personal data be restricted under certain circumstances. You can find details on this in the data protection declaration under “Right to restriction of processing”.

Analysis tools and third party tools

When you visit this website, your surfing behavior can be statistically evaluated. This is done primarily with cookies and so-called analysis programs. Your surfing behavior is usually analyzed anonymously; surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You can find detailed information about these tools and your options for objection in the following data protection declaration.

External Hosting

This website is hosted by an external service provider (hoster). The personal data recorded on this website are stored on the host’s servers. This can primarily involve IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated via a website. The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 Para. 1 lit.b GDPR) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 Para . 1 lit.f GDPR). Our host will only process your data insofar as this is necessary to fulfill its performance obligations and follow our instructions with regard to this data.

GENERAL NOTES AND MANDATORY INFORMATION

Data Protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration. When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. This data protection declaration explains which data we collect and what we use it for. It also explains how and for what purpose this is done. We would like to point out that data transmission over the Internet (e.g. when communicating by e‑mail) can have security gaps. A complete protection of the data against access by third parties is not possible.

Note on the responsible body

The responsible body for data processing on this website is:

DC Services GmbH

Davide Criscione

Meistersignerstrasse 81

81927 München

E‑Mail: info@dc-services.eu

The responsible body is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).

Revocation of your consent to data processing

Many data processing operations are only possible with your explicit consent. You can revoke your consent at any time. An informal e‑mail to us is sufficient. The legality of the data processing carried out before the revocation remains unaffected by the revocation.

Right to object to the collection of data in special cases and to direct mail (Art. 21 GDPR)

If the data processing is based on Article 6 Paragraph 1 Letter E or F GDPR, you have the right at any time to object to the processing of your personal data for reasons that arise from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this data protection declaration. If you object, we will no longer process your personal data concerned, unless we can prove compelling reasons worthy of protection for the processing that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims (objection according to Art. 21 Paragraph 1 GDPR). If your personal data are processed in order to operate direct mail, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail. If you object, your personal data will then no longer be used for direct marketing purposes (objection according to Art. 21 Paragraph 2 GDPR).

Right of appeal to the competent supervisory authority

In the event of violations of the GDPR, the data subjects have the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged violation. The right of appeal exists without prejudice to other administrative or judicial remedies. This complaint can be submitted to the following authority, for example:

Bayerische Landesbeauftragte für den Datenschutz

Wagmüllerstraße 18

80538 München

E‑Mail: poststelle@datenschutz-bayern.de

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done if it is technically feasible.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the website operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http: //” to “https: //” and by the lock symbol in your browser line. If the SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties

Information, deletion and correction

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, their origin and recipient and purpose of the data processing and, if necessary, a right to correct or delete this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of personal data.

Right to restriction of processing

You have the right to request that the processing of your personal data be restricted. You can contact us at any time at the address given in the legal notice. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the test, you have the right to request that the processing of your personal data be restricted. If the processing of your personal data happened / happens unlawfully, you can request the restriction of the data processing instead of the deletion.

If we no longer need your personal data, but you need them to exercise, defend or assert legal claims, you have the right to request that the processing of personal data be restricted instead of being deleted.

If you have lodged an objection in accordance with Art. 21 Paragraph 1 GDPR, your interests and ours must be weighed up. As long as it is not yet clear whose interests prevail, you have the right to request that the processing of your personal data be restricted.

If you have restricted the processing of your personal data, this data — apart from its storage — may only be used with your consent or for the establishment, exercise or defense of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest processed by the European Union or a member state.

Objection to advertising emails

We hereby object to the use of the contact data published in the context of the imprint obligation for sending unsolicited advertising and information materials. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e‑mails.

DATA COLLECTION ON THIS WEBSITE

Cookies

Internet pages sometimes use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close the browser. If cookies are deactivated, the functionality of this website may be restricted. Cookies that are required to carry out the electronic communication process or to provide certain functions you require (e.g. notification of requirements, submission of offers) are stored on the basis of Art. 6 Para. 1 lit.f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. If a corresponding consent has been requested (e.g. consent to the storage of cookies), processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; the consent can be withdrawn at any time. Insofar as other cookies (e.g. cookies for analyzing your surfing behavior) are stored, these will be treated separately in this data protection declaration.

Server-Log-Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are among others:

Browser type and browser version

operating system used

Referrer URL

Host name of the accessing computer

Time of the server request

IP address

This data will not be merged with other data sources. This data is recorded on the basis of Art. 6 Paragraph 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website — the server log files must be recorded.

Request by email or phone

If you contact us by e‑mail or telephone, your request, including all the resulting personal data (name, request), will be stored and processed by us for the purpose of processing your request. The recording takes place mainly in our CRM system (Hub-Spot) or in separate files that we save on Sharepoint. We do not pass on this data without your consent. This data is processed on the basis of Article 6 (1) (b) GDPR, provided that your request is related to the performance of a contract or is necessary to carry out pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 Para. 1 lit. A GDPR) and / or on our legitimate interests (Art. 6 Para. 1 lit.f GDPR), as we have a legitimate interest in the effective Processing the inquiries sent to us. The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions — in particular statutory retention periods — remain unaffected.

Data collected upon registration

At the time you register on our portal (“marketplace”), we collect so-called “user information” such as your name, address, telephone number, business e‑mail address, your company for the purpose of providing our services. The user information entered as part of the registration and profile creation as well as any further specified profile data that are required to carry out the electronic communication process or to provide certain functions you require (e.g. notification of requirements, submission of offers) are processed on the basis of Art. 6 Para. 1 lit. f GDPR saved. All of the collected user information and profile data will only be used and published to the extent specified in our general terms and conditions and / or in this data protection declaration. This is done on the legal basis of Art. 6 Paragraph 1 GDPR or, in the case of voluntary information, on the consent of the user in accordance with Art. 6 Paragraph 1a. GDPR. Our services, which are available after successful registration, are not offered to persons under the age of 18 years. Therefore, when registering, we do not intend to collect personal information from visitors who are less than 18 years old.

Data collected when arranging consulting services

Project-related data that are required for the provision and implementation of certain functions you require (e.g. description of needs for advice, description of offers) are collected and processed in accordance with general terms and conditions and stored on the basis of Article 6 (1) (f) GDPR . Within the framework of the applicable legal provisions, you have the right to free information about your stored project-related data, their origin and recipient and purpose of the data processing and, if necessary, a right to correct or delete this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of personal data.

USE OF YOUR DATA ON THIS WEBSITE

Use of data in the brokerage and billing of consulting services

In principle, the data that you provide to us are used in accordance with Article 6 (1) (f) DSGVO to provide our services of mediation and billing of consulting services, to answer your inquiries or to help us to improve our service for our customers in the long term. We use your data and information for the following purposes, among others:

Provision of desired services for the mediation of consulting services
Creation and activation of your account in our portal or on our marketplace, as well as assignment to your company
Mediation of reported customer advice needs to registered IT service providers (“delivery partners”)
Mediation of offer and profile data from interested delivery partners to clients
Sending various administrative emails in connection with the provision of the services such as verification, security, support or maintenance emails
Answering your inquiries and questions after making appropriate contact
Sending emails to registered users with content related to our services, provided the user has not objected
Improving our website and our services

USE OF TOOLS AND OUTGOING LINKS

Use of Google Analytics

On the basis of our legitimate interests (within the meaning of Art. 6 Paragraph 1 lit. f. GDPR), we use Google Analytics, a web analysis service provided by Google LLC (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transmitted to a Google server in the USA and stored there. Google is certified under the Privacy Shield Agreement and thus offers a guarantee that it will comply with European data protection law (https://policies.google.com/privacy?fg=1).

Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with other services related to the use of this online offer and the internet. In doing so, pseudonymous user profiles can be created from the processed data. We only use Google Analytics with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address will only be sent to a Google server in the USA and shortened there in exceptional cases. The IP address transmitted by the user’s browser will not be merged with other Google data.

Users can prevent the storage of cookies by setting their browser software accordingly; Users can also prevent Google from collecting the data generated by the cookie and relating to their use of the online offer and from processing this data by downloading and installing the browser plug-in available at the following link: http: // tools .google.com / dlpage / gaoptout? hl = de. You can find more information on data usage by Google, setting and objection options in Google’s data protection declaration (https://policies.google.com/technologies/ads) and in the settings for the display of advertisements by Google (https: // adssettings.google.com/authenticated). The personal data of the users will be deleted or anonymized after 14 months.

Links to Social Media Services

dc pretorian is or will be connected to the social networks LinkedIn and Xing as well as Youtube via links. If you click these icons on this website, you will automatically be redirected to the respective page of dc pretorian or its employees on the social network and the data will then only be processed via the server of the respective social network.

Data processing when using Xing

We use the above-mentioned social medium. Its provider is New Work SE, Dammtorstrasse 30, 20354 Hamburg, Germany. We have no influence on the data collected and the data processing operations, nor are we aware of the full scope of data collection, the purposes of processing or the storage periods. We also have no information on the deletion of the data collected by this provider. If you select our company pages, there is the possibility that the provider saves the data collected about you as a user profile and uses this for the purposes of advertising, market research and / or the needs-based design of its website. You have the right to object to the creation of these user profiles, although you must contact the provider to exercise this right. You can find the provider’s data protection declaration here:https://privacy.xing.com/de/datenschutzerklaerung.

Further information on data protection with this provider can also be found here: https://privacy.xing.com/de.

As far as we can influence the data processing, its purpose is to present our company, to analyze your usage behavior in relation to the interaction with our company website maintained there and to communicate with you via this social network (possibly for advertising purposes).

The categories of personal data that we process about you depend on the specific use of this social medium, as described in paragraph 4.

In addition, we will provide information on data processing in this context:

We maintain a company page on this social network and, if necessary, analyze whether and how you have visited our company page there; whether and how you react to our posts in social networks; whether and how you communicate with us via the channels there. In this respect, the consent that you have given to this provider is decisive.

We have also linked our company page with this provider on our website. If you click on this link (meaning the link to our company page), you will be taken to our profile. With regard to this processing, we refer to our previous statements on visiting our company page with this provider.

We have no influence on the data collected and the data processing operations, nor are we aware of the full scope of data collection, the purposes of processing or the storage periods. We also have no information on the deletion of the data collected by the provider.

The provider saves the data collected about you as a user profile and uses this for advertising, market research and / or needs-based design of its website. Such an evaluation takes place in particular (also for users who are not logged in) to display needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, although you must contact the provider to exercise this .

The data is passed on regardless of whether you have an account with the provider and are logged in there. If you are logged in with the provider, your data collected by us will be assigned directly to your account with the provider. If you press the activated button and z. If, for example, if you link the page, the provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this allows you to avoid being assigned to your profile with the provider.

Data processing when using LinkedIn

We use the above-mentioned social medium. Its provider is the LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. We have no influence on the data collected and the data processing operations, nor are we aware of the full scope of data collection, the purposes of processing or the storage periods. We also have no information on the deletion of the data collected by this provider. If you select our company pages, there is the possibility that the provider saves the data collected about you as a user profile and uses this for the purposes of advertising, market research and / or the needs-based design of its website. You have the right to object to the creation of these user profiles, although you must contact the provider to exercise this right. You can find the provider’s data protection declaration here: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv.

In addition, we will provide information on data processing in this context:

The data is passed on regardless of whether you have an account with the provider and are logged in there. If you are logged in with the provider, your data collected by us will be assigned directly to your account with the provider. If you press the activated button and, for example, if you link the page, the provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this allows you to avoid being assigned to your profile with the provider.

If you contact us via the messenger function in this social network, we would like to point out that this communication (in particular your contact details) takes place via the provider of this social network. When you contact us, you consent to this separately.

In addition to our general remarks on the legal basis, we also share here with you:

If you yourself maintain a profile on this social medium, the legal basis is your consent within the meaning of Article 6 Paragraph 1 Clause 1 lit. a GDPR, which you have given to the provider of the social network. In all other cases, the legal basis is Article 6 Paragraph 1 Clause 1 lit.f GDPR, according to which your data may be processed if it is necessary to safeguard our legitimate interests or the interests of a third party, unless your interests or fundamental rights and freedoms are require the protection of personal data, especially if the person concerned is a child.

We have the economic interest to link our company pages, whereby you click on the links independently and voluntarily. Otherwise, the provider is responsible.

If and to the extent that we analyze visitor interactions with our company website, we and this provider are jointly responsible under data protection law; this in accordance with Article 26 GDPR. If and to the extent that we commission this provider to process additional data for us, we are the client within the meaning of Article 28 GDPR.

The data processing operations also do not prevent the data from being processed outside the European Union by the provider, possibly in cooperation with the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA. Because your consent also includes a declaration in accordance with Article 49 (1) (a) GDPR. Please read our information beforehand under “General part / special constellation: Consent to the transfer to third country offices based in the USA, including the risk information”.

Data processing when using YouTube (with own channel)

We use the above video platform or the above video portal on our website. Your provider is Google LLC, 1600 Amphitheater Parkway, Mountain View, California 94043. If you are based in the European Economic Area, your data will also be processed by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. You can find the provider’s data protection declaration here: https://policies.google.com/privacy?fg=1.

We would like to briefly describe this processing procedure: Plugins from the YouTube video portal are integrated into our website. Each time you visit a page that offers one or more YouTube video clips, a direct connection is established between your browser and a YouTube server. These videos are all integrated in the “extended data protection mode”. No data about you as a user will be transmitted to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in paragraph 3 be transmitted. We have no influence on this data transfer. If you use a Google account and do not wish to be assigned to your profile on YouTube, you must log out before activating the button.

In doing so, we usually process the following data from you: When you visit the website, YouTube receives the information that you have accessed the corresponding subpage of our website. This happens regardless of whether YouTube provides a user account that you are logged in to, or whether there is no user account. If you are logged in to Google, your data will be assigned directly to your account. YouTube stores your data as a user profile and uses it for advertising, market research and / or needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, although you must contact YouTube to exercise this right. Further information on the purpose and scope of the data collection and its processing by YouTube can be found in the data protection declaration. There you will also find further information on your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy.

We also maintain a company website with this provider. If you interact with this company website, there is a possibility that the provider will process your data as described in paragraph 3.

The data processing operations are also not prevented by the fact that the data may be processed outside the European Union by the provider; possibly in cooperation with Google LLC. Because your consent also includes a declaration in accordance with Article 49 (1) (a) GDPR. Please read our information beforehand under “General part / special constellation: Consent to the transfer to third country offices based in the USA, including the risk information”.

Usage of further third-party tools

As part of our activities, we use various tools from third-party providers who also use and process data or which we use to process data. In this chapter we refer to the providers currently used.

Video-conferencing: Zoom

We use the “Zoom” tool to hold telephone conferences, online meetings, video conferences and / or webinars (hereinafter: “Online Meetings”). “Zoom” is a service provided by Zoom Video Communications, Inc., which is based in the United States. Note: If you access the “Zoom” website, the provider of “Zoom” is responsible for the data processing. Calling up the website is only required to use “Zoom” in order to download the software for using “Zoom”.

You can also use “Zoom” if you enter the respective meeting ID and any other access data for the meeting directly in the “Zoom” app.

If you do not want to or cannot use the “Zoom” app, the basic functions can also be used via a browser version, which you can also find on the “Zoom” website.

Which data are processed?

When using “Zoom” different types of data are processed. The scope of the data also depends on the information you provide about data before or when participating in an “online meeting”.

The following personal data are processed:

User information: first name, last name, telephone (optional), email address, password (if “single sign-on” is not used), profile picture (optional), department (optional)

Meeting metadata:

Topic, description (optional), participant IP addresses, device / hardware information.

For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat.

When dialing in with the phone: information on the incoming and outgoing phone number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be saved.

Text, audio and video data: You may have the option of using the chat, question or survey functions in an “online meeting”. In this respect, the text entries you make are processed in order to display them in the “online meeting” and, if necessary, to record them. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and any video camera on the terminal device are processed accordingly for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time using the “Zoom” applications.

In order to take part in an “online meeting” or to enter the “meeting room”, you must at least provide information about your name.

Scope of processing

We use “Zoom” to conduct “online meetings”. If we want to record “online meetings”, we will inform you transparently in advance and — if necessary — ask for your consent. The fact of the recording is also displayed in the “Zoom” app.

If necessary for the purpose of logging the results of an online meeting, we will log the chat content. However, this will usually not be the case.

In the case of webinars, we can also process the questions asked by webinar participants for the purpose of recording and following up webinars.

If you are registered as a user with “Zoom”, reports on “Online Meetings” (meeting metadata, data on telephone dial-in, questions and answers in webinars, survey function in webinars) can be saved in “Zoom” for up to one month.

Automated decision-making within the meaning of Art. 22 GDPR is not used.

Legal basis for data processing

Insofar as personal data is processed by employees of DC Services GmbH, Section 26 BDSG is the legal basis for data processing. If, in connection with the use of “Zoom”, personal data are not required for the establishment, implementation or termination of the employment relationship, but are nevertheless an elementary part of the use of “Zoom”, Article 6 (1) lit. f) GDPR is applicable the legal basis for data processing. In these cases, we are interested in the effective implementation of “online meetings”.

Otherwise, the legal basis for data processing when conducting “online meetings” is Article 6 (1) (b) GDPR, insofar as the meetings are carried out within the framework of contractual relationships.

If there is no contractual relationship, the legal basis is Art. 6 Paragraph 1 lit. f) GDPR. Here, too, we are interested in the effective implementation of “online meetings”.

Recipient / transfer of data

Personal data that are processed in connection with participation in “online meetings” are generally not passed on to third parties unless they are specifically intended to be passed on. Please note that content from “online meetings”, as well as from personal meeting meetings, is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.

Other recipients: The provider of “Zoom” necessarily receives knowledge of the above data, insofar as this is provided for in our order processing contract with “Zoom”.

Data processing outside the European Union

“Zoom” is a service that is provided by a provider from the USA. Processing of personal data also takes place in a third country. We have concluded an order processing contract with the provider of “Zoom” which meets the requirements of Art. 28 GDPR.

On the one hand, an adequate level of data protection is guaranteed by the conclusion of the so-called EU standard contractual clauses. As a supplementary protective measure, we have also configured our zoom in such a way that only data centers in the EU, the EEA or secure third countries such as Canada or Japan are used for conducting “online meetings”.

Video-conferencing: Microsoft Teams

We use the “Microsoft Teams” tool to hold telephone conferences, online meetings, video conferences and / or web conferences (hereinafter: “Online Meetings”). “Microsoft Teams” is a service from Microsoft Corporation.

We use the Team Meetings mode at Microsoft Teams. During team meetings, audio input and video recordings are prevented by our Microsoft Teams settings. There is no recording.

We carry out the data processing on the basis of a legitimate interest in accordance with Art. 6 Para. 1 f) GDPR. In these cases, we are particularly interested in

the effective implementation of “online meetings”
Exchange of information with business partners (customers, potential new customers, service providers) and other interested persons
Promotion of cooperation in the nearshoring area
Information about developments and trends etc..

Microsoft Teams is part of Microsoft Office 365. Microsoft Teams is a collaboration tool that also includes a video conference function. Microsoft Office is software from Microsoft Corporation, One Microsoft Way Redmond, WA 98052–6399 USA. (3) Microsoft Teams is part of the Office 365 cloud application, for which a user account must be created. Microsoft also reserves the right to process customer data for its own business purposes. This represents a data protection risk for the users of Microsoft Teams. We have concluded data protection agreements and EU standard contracts with the provider Microsoft in order to guarantee a minimum level of data protection. Please note that we have no influence on Microsoft’s data processing. To the extent that Microsoft Teams processes personal data in connection with Microsoft’s legitimate business operations, Microsoft is the independent data controller for that use and, as such, is responsible for complying with all applicable laws and obligations of a data controller. (4) Further information on the purpose and scope of data collection and its processing by Microsoft Teams can be found in Microsoft’s privacy policy at

https://privacy.microsoft.com/de-de/privacystatement und Microsoft Teams and at https://docs.microsoft.com/de-de/microsoftteams/teams-privacy.

There you will also find further information on your rights in this regard. Microsoft also processes your personal data in the USA. EU standard contracts with Microsoft for Office 365 and Teams have been concluded in order to guarantee an adequate level of data protection.

The following personal data are processed:

User information: z. B. Display name (“Display name”), possibly e‑mail address, profile picture (optional), preferred language. B. Date, time, meeting ID, telephone numbers, location Text, audio and video data: You may have the option of using the chat function in an “online meeting”. In this respect, the text entries you make are processed in order to display them in the “online meeting”. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and any video camera on the terminal device are processed accordingly during the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time using the “Microsoft Teams” applications.

Online-Marketing: HubSpot

We use the HubSpot service for various purposes on this website. HubSpot is a US software company with a subsidiary in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Phone: +353 1 5187500.

Hubspot is an integrated software solution with which we cover various aspects of our online marketing. These include, among other things:

Email marketing, social media publishing & reporting, reporting, contact management (e.g. user segmentation & CRM), landing pages and contact forms.

Our registration service enables visitors to our website to learn more about our company, to download content and to provide their contact information and other demographic information. This information and the content of our website are stored on the servers of our software partner HubSpot. They can be used by us to get in touch with visitors to our website and to determine which services from our company are of interest to them. All information we collect is subject to this privacy policy. We use all information collected exclusively to optimize our marketing measures.

As part of the optimization of our marketing measures, the following data can be collected and processed via Hubspot:

- Geographical position

- browser type

- navigation information

- Referral URL

- performance data

- Information on how often the application is used

- Mobile apps data

- Credentials for the HubSpot subscription service

- files that are displayed on site

- Domain names

- Pages viewed

- Aggregate usage

- Version of the operating system

- Internet service provider

- IP address

- device identification

- Duration of the visit

- Where the application was downloaded from

- operating system

- Events that occur within the application

- access times

- Clickstream data

- Device model and version

The legal basis for processing is your consent in accordance with Article 6 (1) (a) GDPR. If you do not want the data mentioned to be collected and processed via Hubspot, you can refuse your consent or revoke it at any time with effect for the future.

The personal data are kept for as long as they are necessary to fulfill the processing purpose. The data will be deleted as soon as they are no longer required for the purpose.

As part of the processing via HubSpot, data can be transmitted to the USA. The security of the transmission is ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a security level that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to create an adequate level of security, your consent in accordance with Article 49 (1) (a) GDPR can serve as the legal basis for the transfer to third countries

Datenverarbeitung beim Einsatz von Calendly

We use the tool from the following provider: Calendly LLC BB&T Tower

271 17th St NW, Atlanta, GA 30363, USA. We would be happy to briefly describe this processing procedure: If you want to arrange an appointment with us, you can use the appointment booking portal described in more detail in the heading to view the appointments that we have available and simply choose one. We will then receive a message from the appointment booking portal or the appointment will be blocked in our calendar. We then process the data that the provider makes available to us for the purpose of establishing, executing and terminating this contract, precisely for these purposes. We have commissioned this provider in accordance with Article 28 GDPR. The provider’s terms of use can be found at https://calendly.com/de/pages/terms

In doing so, we usually process the following data from you: We use this provider to document all of the data you provide when booking an appointment, i.e. your name, your contact details, the appointment data and other information you provide. For more information on how data is processed, see: https://calendly.com/de/pages/privacy und https://calendly.com/de/pages/security

The data processing operations are also not prevented by the fact that the data may be processed outside the European Union by the provider. Because you have made a declaration in accordance with Article 49 (1) (a) GDPR. Please read our information beforehand under “General part / special constellation: Consent to the transfer to third country offices based in the USA, including the risk information“.

Other forms of data processing: sending a newsletter

We may process your data in order to send you a newsletter. A newsletter is an electronic circular that appears regularly. At the beginning, you provide us with the data that we request to register for the newsletter. After carrying out the double opt-in procedure, we will use your data to address you for advertising by means of a newsletter.

We use the so-called double opt-in procedure to obtain consent. This means that after you have registered, we will send you an email to the email address provided, asking you to confirm your consent. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we save the IP addresses you use and the times of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data. The legal basis for this processing is Article 6 Paragraph 1 Clause 1 lit. According to this provision, we are allowed to process your data if this is necessary to fulfill a legal obligation to which we are subject. The legal obligation to which we are subject follows from Article 7 Paragraph 1 GDPR and Article 5 Paragraph 1 GDPR. Because according to these regulations we are legally obliged to document the obtaining of consent. This is only possible if we collect your data for verification purposes. We save the data as long as this is necessary for verification purposes. If you confirm your consent, the retention period ends only after you revoke your consent plus the period until the statute of limitations for any civil law claims, i.e. usually on December 31 of the 3rd calendar year following the year in which you revoked your consent.

Cases are conceivable in which we make the provision of a free service and / or a free product dependent on the granting of consent. In this context, we take the voluntary requirement stipulated in Article 7 Paragraph 4 GDPR and Article 4 Section 11 GDPR very seriously. In this regard, we clarify: By making the provision of our free service available to you giving the consent described above, we use the option, according to our legal opinion, to make the associated data processing part of the contract ourselves; and not only to fulfill it, but by exchanging your consent to data processing in return for providing a free service. On closer inspection, your consent is part of the contract, which otherwise could not come about or only come about for a fee. Our free service is “paid for” with the personal data or exchanged for it. Since your consent is of central importance to us, the provision of the data for the above-mentioned purposes is the price for our service. You have the option to revoke your consent at any time with effect for the future; You can do this by informing us, for example to one of the above-mentioned contact channels (“general part” / person responsible) or by clicking the unsubscribe link at the end of our e‑mails. You also have the option to object to the processing of your data for the purpose of advertising at any time; also this by informal communication to us, as described above; and without incurring any costs other than the transmission costs according to the basic tariffs. If there is no further reason for storage after the revocation of the consent and / or the objection to the processing of your data for advertising purposes, we will delete your personal data.

In doing so, we usually process the following data from you: The data that you provide to us to register for the newsletter and the data that we need in accordance with paragraph 2 to prove that you have given your consent (opt-in status data) and, if applicable, Data to withdraw your consent.

Data processing at the hosting partner

We host our website at IONOS SE. The provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur (hereinafter: IONOS). When you visit our website, IONOS collects various log files including your IP addresses. Details can be found in the IONOS data protection declaration: https://www.ionos.de/terms-gtc/terms-privacy.

IONOS is used on the basis of Article 6 (1) (f) GDPR. We have a legitimate interest in presenting our website as reliably as possible. If a corresponding consent has been requested, processing takes place exclusively on the basis of Article 6 Paragraph 1 Letter a GDPR and Section 25 Paragraph 1 TTDSG, as far as the consent includes the storage of cookies or access to information in the user’s device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be withdrawn at any time.

Order processing:

We have concluded an order processing contract with the above-mentioned provider. This is a contract stipulated by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Website and third party offers

If you click on a link to another website or location, you leave our website and go to another website; in this case, your personal information or anonymous data can be collected from another body. We do not control or check these external websites or their content and are not liable for them or their content. Please note that the provisions of this data protection declaration do not apply to these external websites and their content or to data collection that takes place after you have clicked on links to such external websites. This data protection declaration can be accessed at any time on the website at https://www.dcnearshoring.com/en/privacy-policy/ can be viewed and printed out. We are entitled to change this data protection declaration in compliance with the applicable regulations.

Version December 2021

Links sind bereits ergänzt. In der deutschen Version auch. Soll ich diese Passage übersetzen?

Haben Sie noch Fragen?