Skip to main content

Data Protection Statement

You may adjust your cookie settings under the following link.

Cookie settings

The information below will give you a rough overview of how your personal data will be processed when you visit the website of Trei Real Estate GmbH (hereinafter “TREI,” “we” or “us”). In addition, we will give you an overview of the further processing of personal data, e. g. within the scope of our social media activities. The sections will brief you in accordance with Art. 13, EU General Data Protection Regulation (GDPR) and Art. 14, GDPR, about scenarios in which no data are directly collected. We will subsequently explain which data we process for what purpose, and tell you what your rights are in this context, among other things.

This data protection statement is intended for visitors of our website or of our LinkedIn company profile, for business partners and for applicants responding to our job openings, among others.

Our data protection statement is structured as follows:

1. General Information

1.1 Data Controller and Data Protection Officer

The website’s data controller within the meaning of Art. 4, No. 7, GDPR, is

Trei Real Estate GmbH
Klaus-Bungert-Str. 5b
D-40468 Düsseldorf

Phone: +49 211 54011-000
E-mail: info@treirealestate.com

For more details on the parties responsible, please see the legal notice of this website.

If you have any questions regarding the subject of data protection, please get in touch with our external data protection officer:

Tengelmann Audit GmbH
Datenschutzbeauftragter
An der Pönt 45
D-40885 Ratingen

E-mail: datenschutz@t-audit.de

1.2 General Information on the Legal Bases for Processing Personal Data

Personal data will only be processed to the extent necessary for a given purpose and/or subject to consent. Processing may principally proceed on the following legal bases, among others:

  • Art. 6, Sec. 1, Lit. a, GDPR (consent by the data subject), or Art. 9, Sec. 2, Lit. a, GDPR (if consent to the processing of special categories of data was granted pursuant to Art. 9, Sec. 1, GDPR)
  • Art. 6, Sec. 1, Lit. b, GDPR (fulfilment of a contractual relationship with the data subject, pre-contractual measures at the request of the data subject)
  • Art. 6, Sec. 1, Lit. c, GDPR (fulfilment of a legal obligation)
  • Art. 6, Sec. 1, Lit. f, GDPR (protection of a legitimate interest of the controller or of a third party, provided that the interests, fundamental rights and freedoms of the data subject, which require the protection of personal data, prevail)
  • Art. 49, Sec. 1, Lit. a, GDPR (express consent to the transfer of personal data to third countries).

If consent constitutes the legal basis for processing personal data, you may retract your consent at any time without stating your reasons. Principally, retracting your consent is only effective for the future. This means that retracting your declaration of consent will not render prior processing impermissible that preceded our receipt of the revocation of your consent.

For details on the relevant (or supplementary) legal bases in a given case, please see the following sections of this Data Protection Statement.

2. Data Subject Rights

If we process your personal data as controller, you have the following rights vis-à-vis us with regard to the processing of your personal data, which you may assert at any time:

Right to Information, Erasure and Correction

Within the scope of the applicable legal provisions, you have the right to free information (Art. 15, GDPR) about your processed personal data and other disclosures pursuant to Art. 15, Sec. 1, Lit. a through h, GDPR, at any time. In addition, you may be entitled to the rectification (Art. 16, GDPR) or erasure (Art. 17, GDPR) of these data. The right to erasure may be restricted in cases specified in Art. 17, Sec. 3, GDPR (e. g. whenever the data are required for asserting, exercising or defending legal claims).

Right to Restriction of Processing

You have the right to demand that the processing (Art. 18, GDPR) of your personal data be restricted (or blocked). The right to restriction of processing exists in the cases specified in Art. 18, Sec. 1, Lit. a to d, GDPR. Once the processing of your personal data has been restricted, such data may—apart from being stored—only be processed with your consent or else to assert, exercise or defend legal claims, or for to protect the rights of another natural person or legal entity, or for reasons of material public interest of the European Union or one of its member state.

Right to Data Portability

You have the right to receive personal data concerning you in a standard machine-readable format, assuming that you have provided us with the data yourself, that we process this data via automated procedures and that the processing is based on your consent or the fulfilment of a contract with you (Art. 20, GDPR).

Right to Object to the Processing of Your Data

To the extent that personal data are processed (including profiling, where applicable) on the basis of legitimate interests (Art. 6, Sec. 1, Lit. f, GDPR), you have the right to object to the processing of your personal data at any time for reasons arising from your specific circumstances (Art. 21, GDPR). In that case, we will cease to process your personal data for said purposes unless our legitimate interests prevail, or unless the processing serves the assertion, exercise or defence of legal claims. Collecting data in order to make the website available and storing log files is imperative for the operation of the website. Without prejudice to this fact, you may object to the processing of your personal data for purposes of direct marketing at any time without stating a reason. The same is true for possible profiling if it is connected to direct marketing of this type.

Right to Revoke Your Consent

If consent constitutes the legal basis for processing your personal data, you may retract your consent at any time without stating your reasons (Art. 7, Sec. 3, GDPR). Principally, retracting your consent is only effective for the future. This means that the revocation of consent will not affect the lawfulness of the processing which was carried out on the basis of your consent prior to its revocation.

Right to Lodge a Complaint with a Regulator

If you believe that the processing of your personal data violates data protection law, you have the right to lodge a complaint with a regulator, specifically in the member state of your habitual residence, place of work or place of the alleged violation (Art. 77, GDPR). The right to lodge a complaint exists without prejudice to any other administrative or judicial remedy.

To assert your rights vis-à-vis us, please get in touch with us, using the contact details quoted in the disclosures about the controller and the data protection officer.

Whenever data subject rights are asserted, personal data will be processed in this same context in order to respond to the request. Here, the processing of personal data is done to fulfil a legal obligation pursuant to Art. 6, Sec. 1, Lit. c, GDPR, or on the basis of our legitimate interest pursuant to Art. 6, Sec. 1, Lit. f, GDPR, to implement the data protection regulations that govern the rights of data subjects.

3. Data Processing when Visiting Our Website

Visiting our website will cause personal data to be processed, among other data. This section will give you an overview of the data processed in this context as well as on the purpose of, and legal basis for, doing so.

For security reasons and to protect the transmission of data, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the character string in your browser’s address line changes from “http://” to “https://” and by the lock symbol in your browser line.

Enabling SSL or TLS encryption will, as a rule, make it impossible for third parties to read the data you transmit to us. Please note, however, that electronic data transmission (on the Internet or via e-mail) are always subject to the risk of security gaps despite all precautions taken. There is no way to provide end-to-end protection against third-party access.

Whenever you visit our website our servers can generally access information, such as the IP address of your end device, but information may also be stored on your end device (e. g. in the form of cookies). To the extent that this is necessary to ensure an error-free and secure presentation of our website and the services associated with it, it is principally done on the basis of Art. 25, Sec. 2, Telecommunications and Telemedia Data Protection Act (TDDDG). Alternatively, it is done on the basis of your consent pursuant to Art. 25, Sec. 1, TDDDG.

Whenever the retrieval or storage of information involves the processing of personal data, such processing is usually done on the relevant legal basis pursuant to Art. 6, Sec. 1, GDPR, as mentioned above.

To this end, we use e. g. various technologies (including cookies) that are imperative for the use of certain functions of our website and that are therefore rated “necessary” by us. The use of these technologies serves the purpose of collecting and processing the IP address, the time of your visit, details on your device and browser information as well as information about your use of our website. This will help to optimise the presentation and secure provision of our website and of the respective contents. At the same time, these purposes constitute our legitimate interest pursuant to Art. 6, Sec. 1, Sent. 1, Lit. f, GDPR, and thus the legal basis for processing said data.

For more details on each cookie used, third-party services or other technologies, please click on the “Cookie settings” box shown at the top of this Data Protection Statement. In addition, you will find further information about the cookies used on our web pages, third-party services and other technologies in the sections below.

3.1 Hosting the Website

For technical reasons, every time you access our website, data will automatically be transmitted to the web server of the Internet service provider hosting our website and temporarily stored there.

Server Log

Every time our website is accessed, information will automatically be collected and stored in so-called server log files that your browser automatically transmits to us. These include

  • browser type and version
  • operating system used
  • referrer URL
  • retrieved file, quantity of the data transmitted
  • date and time of the server request
  • and your IP address.

3.2 Cookies and Other Technologies

Our homepage uses so-called cookies. Cookies represent text files that a website stores in the browser history of the person visiting it and that are used to exchange information with the server of the homepage.

Our homepage uses the following types of cookies and third-party services:

Cookiebot declaration

3.3 Use of the CookieBot

Our website uses the “Cookiebot” consent technology to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies, and to document your consent in accordance with data protection regulations. The technology is provided by Usercentrics A/S based in Copenhagen, Denmark.

Obtaining your consent and the associated setting of cookies as well as the processing of the corresponding personal data are activities necessary to fulfil the legal obligation which we are subject to (Art. 6, Sec. 1, Sent. 1, Lit. c, GDPR). Without such processing, it cannot be guaranteed that the website is fully functional in a legally permissible manner. On top of that, we have a legitimate interest (Art. 6, Sec. 1, Sent. 1, Lit. f, GDPR) to implement the requirements under applicable data protection laws to which we are subject. To this end, the following personal data may be processed: your IP address, consent status, the date and time of your consent, geolocation, language, referrer URL.

Your selection will be stored for 12 months, after which the consent banner will automatically re-open, prompting you to renew your consent.

You may change or revoke your consent any time by going to the cookie declaration on our website.

3.4 Use of the Google Tag Manager

Assuming your consent, we use the Google Tag Manager provided by Google Ireland Limited (“Google” for short) as a tool to manage and control cookies or tracking codes from programs like Google Analytics.

Since the Tag Manager is integrated by a Google server, this implies that personal data in the form of your IP address are transferred from the website to Google as soon as you visit our website and have granted your consent accordingly. The data will be passed on within the Google group of companies, so that data processing by Google LLC will essentially be carried out in the United States.

Please note that, under current data protection legislation, the United States are rated as a so-called third country where statutory data protection regulations apply that deviate from those enforced in the European Union, and that the legally required level of data protection may therefore be lower than that of the European Union. However, the United States are subject to an adequacy decision by the European Commission regarding the EU-US Data Privacy Framework, assuming that a given company has been certified accordingly. The US parent company of Google has been certified along these lines. In cases where data are processed outside the EU/EEA and the level of data protection falls short of the European standard, Google also applies EU standard contractual clauses in order to establish an appropriate level of data protection.

Legal basis for the data processing is your consent pursuant to Art. 6, Sec. 1, Lit. a, GDPR.

You may retract your granted consent with effect for the future at any time by visiting your cookie settings in this Statement, and by changing your selection there. Doing so will not affect the legitimacy of any processing done with your consent up to the time of your revocation.

3.5 Use of Google Analytics

This website uses Google Analytics, a web analysis service provided by Google LLC, California, USA, if you consented to its use. For users inside the European Union (EU)/the European Economic Area (EEA), data processing is carried out by Google Ireland Limited, Ireland (“Google” for short).

Google Analytics uses cookies that permit analysing your use of our website. The information generated by the cookies about your use of this website will usually be transmitted to and stored by Google on servers in the United States.

In the case of Google Analytics, the anonymisation of IP addresses is enabled by default. IP anonymisation will cause your IP address to be truncated by Google within member states of the EU or in other EEA treaty states. Only in exceptional cases will your full IP address be transmitted to a Google server in the United States and truncated there.

During your visit to this website, your user behaviour will be recorded in the form of “events.” Events can mean, inter alia:

  • page views
  • first-time visit of the website
  • start of session
  • your click trail, interaction with the website
  • scrolls (whenever a user scrolls down to the end of the page [90%])
  • clicks on third-party links
  • internal web search queries
  • interaction with videos
  • file downloads
  • viewed / clicked ads
  • language setting.

The following will also be recorded:

  • your approximate location (region)
  • your IP address (in truncated form)
  • technical details about your browser and the endpoint you use (e. g. language setting, screen resolution)
  • your Internet provider
  • the referrer URL (the website from which you visit us or the advert you place with us).

On behalf of us, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for us and providing other services relating to website activity and Internet usage. We use the reports that Google Analytics provides to analyse the performance of our website and the success of our marketing campaigns.

The data are passed on within the Google group of companies, so that data processing by Google LLC is essentially carried out in the United States.

Please note that, under current data protection legislation, the United States are rated as a so-called third country where statutory data protection regulations apply that deviate from those enforced in the European Union, and that the legally required level of data protection may therefore be lower than that of the European Union. However, the United States are subject to an adequacy decision by the European Commission as to the EU-US Data Privacy Framework, assuming that a given company has been certified accordingly. The US parent company of Google has been certified along these lines. In cases where data are processed outside the EU/EEA and the level of data protection falls short of the European standard, Google moreover applies EU standard contractual clauses, among others, in order to establish an appropriate level of data protection.

The data sent by us and linked to cookies are automatically deleted after 2 months. The data whose retention period has expired are automatically deleted once a month.

Legal basis for the processing of personal data as outlined is your consent pursuant to Art. 6, Sec. 1, Lit. a, GDPR.

You may retract your granted consent with effect for the future at any time by visiting your cookie settings in this Policy, and by changing your selection there. Doing so will not affect legitimacy of any processing done with your consent up to the time of your revocation.

Aside from withholding your consent, you may also prevent the storage of cookies in general by adjusting your browser settings accordingly. However, configuring your browser to reject all cookies may limit the functionality of this and other websites for you.

For more information on the terms of use of Google Analytics and on Google’s data protection policy, click the following third-party links:

https://marketingplatform.google.com/about/analytics/terms/de/ and https://policies.google.com/?hl=de.

3.2 Use of Google Maps

This website uses the Google Maps service. It is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The service enables us to display interactive maps directly on our website and lets you use the map function at your convenience. It is integrated into our website via a Java Script API. When using Google Maps, other Google services, such as e. g. Google Fonts, may be activated, which Google uses to optimise the way its map service is displayed and functions.

Use of Google Maps, and thus the processing of personal data by Google Maps, is not possible unless you have consented to it through the cookie settings on this page (“Marketing” category). Legal basis for the data processing is therefore your consent pursuant to Art. 6, Sec. 1, Lit. a, GDPR. You may retract your consent with effect to the future via the same cookie settings at any time.

As a result of using Google Maps, Google will receive information that the corresponding (sub)page of our website was called up while also receiving the associated IP address. This will happen regardless of whether Google provides a user account through which you are logged in or whether no such user account exists. If you are signed into a Google service, your data will (probably) be directly associated with your account. If you do not wish to be associated with your profile on Google, you should log out of your Google account before clicking the button. Google stores the data collected about you in the form of a user profile and uses it for advertising purposes, market research and/or the need-based design of its websites. The purpose of such an analysis is specifically to generate customised advertising (even for users not logged in). You have the right to object to the creation of such a user profile, but you will have to contact Google directly to exercise that right.

The aforesaid personal data will be transferred to the United States during the use of Google Maps. Please note that, under current data protection legislation, the United States are rated as a so-called third country where statutory data protection regulations apply that deviate from those enforced in the European Union, and that the legally required level of data protection may therefore be lower than that of the European Union. However, the United States are subject to the adequacy decision by the European Commission regarding the EU-US Data Privacy Framework only if a given company has been certified accordingly. The US parent company of Google has been certified along these lines. In cases where data are processed outside the EU/EEA and the level of data protection falls short of the European standard, Google also applies EU standard contractual clauses in order to establish an appropriate level of data protection.

For more information on the purpose and scope of the collection of data and their processing by the provider of Google Maps, please see the provider’s data protection statements. If you do, Google will also provide more details about your rights and privacy settings (third-party link): www.google.com/policies/privacy.

4. Social Media Profiles

We maintain an active presence in various social networks and platforms using company profiles in order to communicate with users and parties interested in our company and to advertise open positions or available services, for example.

Please note that we are in no way responsible for the processing of personal data that the respective platform operators carry out on their own. The data protection statements of the respective operators apply. In addition, we would like to point out that personal data processed during your visit to the respective platforms may also be transferred to so-called third countries (countries outside the European Union and the European Economic Area) where other statutory data protection regulations apply and where the legally required level of data protection may fall short of the standards that apply in the European Union. For more information on the subject, please see the data protection statement of the respective platform operator.

When visiting one of our company profiles, you are under no obligation to actively disclose personal data to us. We may limit the data processing to personal data that you made public (e. g. your clear name in your user profile) and that directly relate to activities on our company profile (e. g. contributions, posts, likes, tags, etc.) or that you provided while communicating with us.

Reasons why we process your personal data may include, depending on the case at hand, either market research and advertising purposes or effective communication with users and the ability to process inquiries by a given user. At the same time, these purposes constitute our legitimate interest and thus the legal basis pursuant to Art. 6, Sec. 1, Lit. 3, GDPR, for processing the associated personal data. Insofar as communication with you via the platforms takes place at your request for the purpose of fulfilling a contract with you or of executing pre-contractual measures, this will also constitute the relevant legal basis pursuant to Art. 6, Sec. 1, Lit. b, GDPR, for the processing of your personal data in the context of communicating with you.

The platform operators also use so-called cookies and similar technologies specifically to identify you as a registered user and normally also to analyse your usage behaviour, at the least. We have no access to information that was gained through cookies and similar technologies. However, such information could serve as basis for compiling statistical/analytic data. For more details on this subject, check the data protection policies of the respective operators.

Please note that your communication with us via a given platform will be handled by the infrastructure of the platform operator whose security we can influence only to a limited extent. For this reason, please contact us directly via our own communication channels if you intend to disclose more detailed or confidential information to us.

Platform operators could also make statistically processed data with or without personal references available to us, which we use to evaluate user behaviour in relation to our company profile. Such data can, e. g., update us on the number of followers, the number of views or likes as well as demographic data (such as a user’s country) or job-related information (industries, areas of responsibility). We have no way to influence the collection or provision of these data. Rather, the data are processed and provided by the respective platform operator. Our evaluation of the data provided to us with regard to user behaviour or interaction behaviour helps us measure our performance and thereby control our activities on such platforms in a target-oriented manner, while these activities simultaneously constitute our legitimate interest pursuant to Art. 6, Sec. 1, Lit. f, GDPR.

Responsibility for certain processing steps involving personal data in the context of our company profile on a given platforms is shared by us and the respective platform operator. This is particularly true whenever the platform operator makes statistics and evaluations involving our company profile available to us. For more details on each of the relevant platform operators, see the sections below:

LinkedIn

When using LinkedIn, the operator of the social network shares our responsibility for data processing on our fan pages/company profiles under data protection law, the operator being:

LinkedIn Ireland Unlimited Company
Wilton Place
Dublin 2, Irland

You may submit data protection complaints on the following page (third-party link): )Contact LinkedIn Help.

To find out more about on what scale and for how long your personal data are collected and processed by LinkedIn, see LinkedIn’s privacy policy sowie LinkedIns user agreement (third-party links).

Responsibility for the processing of personal data in the context of our company profile on LinkedIn is shared by us and LinkedIn Ireland Unlimited Company. For more information on our joint controllership, click here (third-party link).

XING

When using XING, the operator of the social network shares our responsibility for data processing on our fan pages/company profiles under data protection law, the operator being:

New Work SE
Am Strandkai 1
20457 Hamburg, Germany

You may submit data protection complaints on the following page (third-party link): Contact I XING Help.

To find out more about on what scale and for how long your personal data are collected and processed by XING, see XING’s privacy policy and XING’s user agreement (third-party links).

Responsibility for the processing of personal data in the context of our company profile on XING is shared by us and New Work SE. For more information on our joint controllership, click hear (third-party link).

5. Communicating with Us

Details on how to get in touch with us are provided in various ways (e. g. on this homepage, on business cards or in e-mail signatures). In most cases, the point of disclosing our contact details is to make it easier for our (potential) business partners to request information from us. If you wish to communicate with us in regard to open positions, please note moreover the relevant passages below.

Whenever you contact us, e. g. via e-mail or telephone, the personal data you submit out of your own free will (e. g. your e-mail address, your name or your phone number) will be processed by us in order to handle/answer your request for information. If the chosen means of communication offers additional options (e. g. video telephony), you are at liberty to enable or disable these at your discretion any time.

Only persons who need these personal data for the lawful purpose of processing them in the relevant context will have access to the personal data you disclosed while communicating with us. Personal data that we received in the context of communicating with you will be shared with third parties only if doing so is either technically necessary (e. g. telecommunications providers or IT service providers) or required for properly completing a given transaction (e. g. cloud, postal or parcel service providers) or if you gave us permission to do so. Third-party service providers are selected and contracted in consideration of internal minimum data protection standards and of the relevant legal requirements (e. g. the conclusion of applicable contracts pursuant to Art. 28, GDPR, for commissioned data processors, to the extent necessary).

Any personal data you submitted while communicating with us will be processed on the legal basis of Art. 6, Sec. 1, Lit. b, GDPR, if your inquiry relates to the fulfilment of a contract or is required for conducting pre-contractual measures. In addition, data processing is based on our legitimate interest to efficiently process inquiries submitted to us (Art. 6, Sec. 1, Lit. f, GDPR) or else is based on your consent (Art. 6, Sec. 1, Lit. a, GDPR) if your consent was requested. You may revoke your consent at any time with effect to the future.

If you are not one of our contractual partners, but e. g. the employee of a (potential/current/former) business partner, the processing of your personal data—to the extent required for establishing, implementing or terminating a business relationship—is based on our legitimate interest pursuant to Art. 6, Sec. 1, Lit. f, GDPR. Efficient communication for the economic fulfilment of our business purpose and for the mutual fulfilment of (pre-)contractual obligations arising from (potential) business relationships constitutes both our own legitimate interest and—at least to some extent—the legitimate interest of our business partners.

The data you disclosed to us within the scope of our mutual communications will be stored until you ask us to delete them, until you revoke your consent to their storage or until the purpose of storing your data ceases to apply (e. g. once your request has been fully processed), unless there are legitimate reasons to the contrary, such as statutory retention periods or a legitimate interest pursuant to Art. 6, Sec. 1, Lit. f, GDPR (e. g. the processing of queries or the examination, assertion, exercise or defence of legal claims).

5.1 Contact via Microsoft Teams

We use the Microsoft Teams tool to host video conferences or sometimes to make phone calls or possibly to exchange documents and other contents. When running Microsoft Teams, the following categories of personal data, among others, may principally be processed:

  • User data (e. g. name/alias, e-mail address)
  • Communication metadata (e. g. date, time, meeting ID, IP address, phone number)
  • Content data from text, audio, video or other files transmitted.

To the extent that Microsoft processes traffic data, content data and other personal data when providing products and services that are considered telecommunications services under applicable law, Microsoft is subject to telecommunications secrecy and responsible for maintaining it.

Trei is responsible for any further processing that results from the use of Microsoft Teams for communication purposes (e. g. via the invitation function, video recordings or document exchange). In this context, Microsoft acts on our behalf as commissioned data processor. Accordingly, we would like you to take note of the following functions and options:

At any time during a Teams session, it is up to you to decide whether to switch your camera and/or your microphone on or off. Moreover, it is up to you to decide whether to share contents or not.

If you use the chat function, any personal data that you share in the chat texts will be processed, and the other attendees will become aware of such content.

One of the technical options available to attendees of an online meeting is to record the meeting. If this function is enabled, you will promptly be notified of the recording and you have the right to object to the recording vis-à-vis the other meeting attendees. The recording will be saved in Microsoft Meetings after the online meeting. The recording may then be shared with other attendees.

Whenever Teams is used in third countries (countries outside the European Union and the European Economic Area) the processing of personal data is principally not intended because Microsoft Corporation has agreed to limit the storage geographically to data centres inside the European Union. However, we cannot rule out the possibility that data are routed via internet servers that are located outside the European Union. This may be the case particularly whenever the attendees of a meeting are located in a third country.

Microsoft Corporation, the parent company of Microsoft, is domiciled in the United States. Pursuant to an adequacy decision by the European Commission as to the EU-US Data Privacy Framework, the United States are rated as a so-called third country under current data protection legislation where statutory data protection regulations apply that deviate from those enforced in the European Union, and that therefore the legally required level of data protection may be lower than that of the European Union. However, the United States are subject to the adequacy decision by the European Commission regarding the EU-US Data Privacy Framework only if a given company has been certified accordingly. The Microsoft Corporation has been certified along these lines. In cases where data are processed outside the EU/EEA and the level of data protection falls short of the European standard, Microsoft also applies EU standard contractual clauses in order to establish an appropriate level of data protection. For more information, you may also check the data protection policy of Microsoft.

If you prefer not to use Microsoft Teams, please let us know via e-mail so that we can jointly agree on alternative ways to communicate.

For more details on the data protection provisions of Microsoft, go to the Microsoft Corporation homepage at (third-party link): https://privacy.microsoft.com/de-de/privacystatement

5.2 Contacting Us to Apply for an Open Position

If you are interested in an open position that we advertise, you may submit an online application. For this purpose, we use the “Personio” e-recruiting system operated by third-party provider Personio SE & Co. KG, which companies may use to advertise job openings as well as to receive and manage applications in accordance with data protection regulations.

For the corresponding data protection information regarding this process, please see the (third-party) link below: Data protection statement for the online application process

Personio’s application management uses cookies. The link above also provides details on this subject.

6. Other Disclosures

6.1 Obligation to Provide Personal Data

An obligation to provide personal data may arise from contracts already or yet to be concluded insofar as doing so is necessary for the contract’s conclusion or performance. Legal obligations may also prompt the collection and/or processing of personal data. While the submission of personal data is voluntary in principle, please note that, depending on a given case, we may not be able to perform/provide certain measures/services if the relevant data have not been submitted.

6.2 Automated Decision-Making

This website uses no automated decision-making or profiling within the meaning of Art. 22, GDPR.

6.3 Reservation of Right of Modification

We reserve the right to change security and data protection measures whenever doing so becomes necessary in response to technological advances. In such cases, we will also adapt our notes on data protection accordingly. Adapting our Data Protection Statement could also be necessitated by changes to our services or by legal developments.

Baseline date: November 2023